Thursday, February 14, 2008

HeX 1.0.3, the CNY Release

I am pleased to announce the release of HeX 1.0.3; release info is below. Thanks to the entire development team for their dedication and hard work. This release has been dubbed the CNY, or Chinese New Year, release.

With the recent release of FreeBSD 7.0 RC2, we anticipate an actual 7.0 release in the near future. When the Release version of 7.0 becomes available we will begin working on the new HeX 2.0 project.

Get HeX 1.0.3 Here:
US Mirrors:
https://secure.redsphereglobal.com/data/tools/security/live/hex-i386-1.0.3.iso
https://secure.redsphereglobal.com/data/tools/security/live/hex-i386-1.0.3.iso.md5
https://secure.redsphereglobal.com/data/tools/security/live/hex-i386-1.0.3.iso.sha256

Malaysia Mirrors:
http://bsd.ipv6.la/hex-i386-1.0.3.iso
http://bsd.ipv6.la/hex-i386-1.0.3.iso.md5
http://bsd.ipv6.la/hex-i386-1.0.3.iso.sha256

Fixed:
- pkg_info works after installation
- ping works without sudo
- procfs is correctly mounted on /proc at boot

Upgraded:
1. NSM Console 0.6-DEVEL
Features:
- 'dump' command added; you can now dump packet payloads into a binary file for later analysis
- Significant speedups in the harimau module and 'checkip' command if wget is installed
- tcpxtract configuration file changed to extract more types of files
- Added foremost module
- Added clamscan module (Thanks JohnQPublic)
- Argus and tcptrace now have reverse DNS turned off by default; it was causing the module to hang for extremely large pcap files. It can be switched on by changing the module options
- rot13 encoding and decoding added :)
Bugfixes:
- alias command
- urlescape (en|de)coding
- file existence check
- many other things
All the other enhancements, bugfixes and additions since the 0.2 release (there have been many!)

New Application Packages:
- xplot
- uni2ascii
- vnc
- vsftpd
- samplicator
- sflowtool
- pmacct
- ming
- ploticus
- tcpick
- bvi
- elinks
- feh
- tftpgrab
- arpwatch

Misc:
- New wallpapers with different color schemes

The LiveUSB image will be out shortly; it is currently undergoing a quick regression test.

Cheers,
JJC

Wednesday, February 13, 2008

Antispywareupdates.net - new rogue promoting crap site

Antispywareupdates.net is a malicious web site that promotes well-known rogue anti-spyware programs such as SpyAway and Perfect Cleaner. Antispywareupdates.net can hijack your homepage and display annoying security warnings and fake online scanners. We recommend downloading Spyware Doctor; it will remove Antispywareupdates.net in seconds.



Tuesday, February 12, 2008

Emotrlq Toolbar Removal Tool - Remove Emotrlq Toolbar

Emotrlq Toolbar is a fake security toolbar that pretends to be a spam and popup blocker and spyware remover. In reality, Emotrlq generates fake spyware detection reports to trick users into downloading and purchasing fake antispyware programs (like VirusHeat 3.9). This malicious toolbar can slow your computer and may cause serious system errors and even crashes. We recommend removing it using Spyware Doctor antispyware with free scan.

Emotrlq Toolbar screenshot (note: there are many Emotrlq Toolbar skins)


Emotrlq Toolbar Manual Removal:
Remove Emotrlq Toolbar files and unregister the DLLs:

Remove Emotrlq Toolbar registry keys:

Remove Puresafetyhere.com hijacker. Puresafetyhere.com removal tool

Puresafetyhere.com description:
Puresafetyhere.com is a browser hijacker that generates fake spyware detection reports (Myzor@.fk and others) to trick you into buying full versions of rogue anti-spyware programs. Puresafetyhere.com can slow your computer and secretly install dangerous spyware. Download Spyware Doctor antispyware with free scan to remove Puresafetyhere.com from your computer.



Puresafetyhere.com manual removal instructions:
Remove Puresafetyhere.com registry entries:


Remove Puresafetyhere.com files:

Saturday, February 9, 2008

Iwannaseeyounude.com/scan/ - IE Defender fake scan

How to remove iwannaseeyounude.com/scan/ hijacker?
Iwannaseeyounude.com/scan/ is a browser hijacker that results from Zlob.Trojan infection. It can slow your computer and destroy personal data. This hijacker promotes the IEDefender rogue anti-spyware. If your computer was hijacked with Iwannaseeyounude.com/scan/, download Spyware Doctor, the most technologically advanced application on the Internet for detection and removal of potentially undesired items.



Remove Powered by Zedo popups

Zedo (Powered by Zedo) is annoying adware that pops up in the middle of the screen without warning, usually when the user tries to search Google or another search engine. It then takes your search term and puts it in a popup ad showing eBay or a few other sites. Popup blockers can't remove Zedo. We recommend using Spyware Doctor with free scan to remove Zedo cookies and files from your computer.

Zedo produces popups from these URLs:
  • xads.zedo.com
  • upspiral.com
  • searchlocal.ws
  • aavalue.com
  • url.cpvfeed.com
Zedo manual removal:
Find and remove these Zedo cookies:
  • zedo
  • c1.zedo
  • c2.zedo
  • c5.zedo
  • zedo.com
Remove Zedo files:
  • core.sys
Remove Zedo registry values:
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CORE

Friday, February 8, 2008

How to remove Edfqvrw Toolbar - Edfqvrw Toolbar Remover

Edfqvrw Toolbar is the latest BHO (Browser Helper Object) that hijacks your browser and generates fake spyware detection reports. Edfqvrw Toolbar may slow your computer and cause system slowdowns and Windows errors. The Edfqvrw Toolbar usually gets installed onto your PC without your permission, through Trojans, malware and viruses. We recommend using Spyware Doctor anti-spyware to remove this threat from your computer.


Edfqvrw Toolbar manual removal instructions:
Unregister Ekxdvft Toolbar DLL Files:

Remove Ekxdvft Toolbar Registry Values: