miércoles, 18 de mayo de 2016

HostsMan File hosts Manager

HostsMan -------------------------------------------------------------
Pagina: http://www.abelhadigital.com/hostsman
Blocking Unwanted Connections with a Hosts File
Download (Zip version). Portable; no es necesario que se encuentre ejecutado HostsMan; dado que en el archivo Hosts es donde se guardan los cambios.
Las entradas del hosts afectan a todos los navegadores, por lo cual resulta una herramienta bastante útil para bloquear sitios en el PC a nivel global.
HostsMan edita el archivo hosts que es el encargado de proporcionar direcciones DNS previamente a la consulta del servidor.
HostsMan proporciona una interfaz sencilla para realizar las tareas típicas en la gestión de este fichero: duplicación por seguridad, introducción de líneas nuevas, importar datos, impedir que sea modificado por ciertos programas, etc.
El archivo Hosts permite resolver nombres de dominio a nivel local para realizar redirecciones o bloquear el acceso a páginas, los ciberdelincuentes también suelen modificarlo para hacer de las suyas.
HostsMan permite descargar y actualizar listas de sitios maliciosos para que sean bloqueados, hay distintas fuentes (Sources) para seleccionar y también se pueden agregar fuentes personalizadas
En HostsMan también es posible importar/exportar las listas creadas, escanearlas en busca de entradas mal formadas, buscar duplicados, eliminar comentarios, hacer respaldos, entre otras opciones que sin dudas resultarán de utilidad para cualquier administrador.
-----------------------------------------------------------------------
Cuando queremos bloquear las conexiones de nuestro ordenador a servidores maliciosos una de las técnicas más utilizadas para su bloqueo es modificando el archivo Hosts de Windows (archivo que asocia dominios con IPs) e indicando en el programa que un dominio o servidor remoto no llegue al DNS, sino que se traduzca por una IP nula como 0.0.0.0 o localhost con 127.0.0.1.
Aunque su uso puede ser algo tosco habiendo servicios de DNS sinkholing más completos y versátiles, usar un fichero host local para blacklisting fortifica al equipo en concreto.
Es mejor que los registros apuntan a 0.0.0.0 en lugar de 127.0.0.1. Esto es debido a que así no es necesario esperar un timeout y el funcionamiento por tanto es mucho más rápido.
Ojo. Todas las líneas del archivo hosts pueden ser borradas de forma segura, salvo la línea
127.0.0.1 localhost
necesaria para que algunos programas funcionen correctamente.
-----------------------------------------------------------------------
Si el archivo hosts contiene cientos de direcciones URL y listados ip entonces podría ralentizar la navegación web, ya que cada vez que tu abres un sitio web el servicio DNS tiene que ir a través de todo el archivo hosts. Reorganizar el contenido del archivo hosts al acomodar 9 nombres host por línea y al eliminar todos los comentarios ayuda a que disminuya su tamaño y el servicio DNS puede activarse
------------------------------------------------------------------------
Configurar preferencias  [edit] [preferences] [import]
[select what to import] Comments and Possible hijacks: Do not import
Replace IP [yes] Replace: [127.0.0.1]  With: [0.0.0.0]
Rearrange hosts file content [yes] Maximun number of hostnames per line [9]
[Apply]...
Actualizar listas de bloqueo --------------------------------
[Run HostsMan as Administrator]  [Tools]  [Backup manager] -- Original Hosts.. [Restore Backup].
[Check for Updates]
[Edit] [Replace IP] [127.0.0.1 --> 0.0.0.0]
[Edit] [Rearrange hosts] Hostnames per line [9] Delete all comments [yes]
El unico distinto debe ser: 127.0.0.1 localhost  (Si no esta añadirlo y listo)
-----------------------------------------------------------------------
Listas de bloqueo de dominios; fuentes (Sources); Host lists --  My filters --  filtros listas
Bloqueo de dominios de: malware, trackers, spyware, parasites, hijackers and unwanted Adware
-----------------------------------------------------------------------
Peter Lowe’s Ad server list -- Bloqueo de Publicidad
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext

Malware Domain List -- Bloqueo de Malware
http://www.malwaredomainlist.com/hostslist/hosts.txt

Adaway hosts file block ads -- Bloqueo de Publicidad
http://adaway.org/hosts.txt

MVPS Spyware Blocking Hosts File (archivo grande 0.4 mb) -- Bloqueo de Spyware
includes entries for most major parasites, hijackers and unwanted Adware/Spyware programs!
http://winhelp2002.mvps.org/hosts.htm
http://www.mvps.org/winhelp2002/hosts.txt

ZeuS Tracker (latest release March 31, 2013) -- Bloqueo de Rastreadores
website URL: https://zeustracker.abuse.ch/index.php
https://zeustracker.abuse.ch/blocklist.php?download=hostfile

Dan Pollock's Spyware Blocking Hosts File (archivo grande 0.3 mb) -- Bloqueo de Spyware
http://someonewhocares.org/hosts/
  (debe ser manual; copiar y pegar en txt)

Adblock For Malware Domains and others -- Bloqueo de Malware y otros
http://adblock.gjtech.net/?format=unix-hosts
  (debe ser manual; copiar y pegar en txt)


------------- no usar por grandes --------------------------------
securemecca.com  (archivo grande 0.7 mb)
http://www.hostsfile.org/Downloads/hosts.txt

hpHosts - Ad and Tracking servers only (archivo gigante 1.7 mb)
http://hosts-file.net/ad_servers.asp

---------------------------------------------------------------------------
the HOSTS file can be edited in Notepad, a simple text editor.

sobre el icono notepad   (%windir%\NOTEPAD.EXE)
click derecho "ejecutar como administrador"
ir a..   Abrir  C:\WINDOWS\SYSTEM32\DRIVERS\etc\
cambiar..   "Documentos de texto (*.txt)" a "Todos los archivos (*.*)"
seleccionar..   HOSTS  (ya se puede modificar)

Depending on your OS, you will need to edit the directories to find the file. Note: the HOSTS file does not have an extension. It is just labeled HOSTS.
Windows 10 = C:\Windows\System32\drivers\etc
Windows Vista = C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC\HOSTS
Win 98/ME = C:\WINDOWS\HOSTS

Before you do any editing, it is a good idea to backup what is in the file. Try saving it as HOSTS.bak or similar. Remember, the HOSTS file itself HAS NO FILE EXTENSION. Saving the HOSTS file with any .TXT, .DOC, etc will not let it work.

miércoles, 4 de mayo de 2016

TinySpell Rev.1.9.61


Revision 1.9.61  —  March 15, 2016
For Windows 2000/XP/Vista/7/8/10

http://tinyspell.numerit.com/
Portable



Occasionally you need to check spelling in an application that does not include a spelling checker and you don't want to launch your word processor just for that. This is when tinySpell becomes handy. It is a small utility that allows you to easily and quickly check and correct the spelling in any Windows application.
tinySpell can watch your typing on the fly and alert you whenever it detects a misspelled word.
It can also check the spelling of text that you copy to the clipboard.
tinySpell installs itself in the taskbar notification area for easy access.

txpadesp.zip (546.55 KB)  ---- Spanish (571.lex, 500.sup)
encontrado en    http://www.filewatcher.com/
http://www.filewatcher.com/_/?q=txpadesp.zip

The legacy dictionaries file names are txpad???.zip where ??? is the language. Each dictionary contains two files: n71.lex and n00.sup (see below). To install a dictionary just copy the two files to the tinySpell+ directory and restart tinySpell.

Borre los diccionarios en ingles y puse los de español; pero al archivo les cambie el nombre, les puse el nombre que usaban los originales; en ingles.

lunes, 2 de mayo de 2016

Emsisoft Commandline Scanner

Emsisoft Commandline Scanner
-----------------------------------------------------------------------------------------------------------



Archivo comprimido, todo incluido: Scan motor y base de datos; listo para usar.
Update signatures (base de datos) and Scan motor. Emsisoft Anti-Malware; a2cmd.exe Command Line Scanner.
Download Emsisoft Emergency Kit that always include the latest signatures.
Dentro estan dos folders para cada tipo de sistema 32 & 64 bit
https://www.emsisoft.com/en/software/eek/
Version 11.9.0.6508 — Released: 08/09/2016
For Windows 7/8/10
Software Type: Full Version - Freeware for private use
mas informacion .... https://www.emsisoft.com/en/software/cmd/

Check your system for malware infection with the Commandline Scanner. It includes all functions of the Anti-Malware scanner and both the top scan engines (Emsisoft Anti-Malware and Ikarus Antivirus). Malware scanner that detects and removes viruses, trojans, worms, bots, spyware, adware, tracking cookies and malware traces in the registry and on the harddisk with the power of two major scan engines.

Software Type: Full Version - Freeware for private use
mas informacion .... https://www.emsisoft.com/en/software/cmd/
  ----------------------------------------------------------------------
Usage:  Open a command prompt box and type: a2cmd

  Hint: You have to add the installation folder to the PATH system variable
  to be able to call a2cmd from any location in the dos prompt.

By default, the help dialog appears:
  ----------------------------------------------------------------------
a2cmd.exe [path] | [parameters]
  ----------------------------------------------------------------------
Scan types (can be combined) ------------

/f=[path], /files=[path]  
Scans specified disks, folders or files for malware infections. Folder paths must be enclosed in quotation marks. Multiple paths need to be delimited by commas. Example: a2cmd /f="c:\windows\","c:\program files\"

/quick    Scans all active programs, malware traces (registry, files) and Tracking Cookies.
/smart    Good and fast result, but only important folders will be scanned
/deep     Slowest scan. All files on all hard disks will be scanned deeply

/malware
Scans all places that Malware typically infects. A Malware Scan is the best choice for most users. It's fast and thoroughly examines the whole computer for any active Malware infections.

/rk                 Scans for active rootkits.
/m, /memory    Scans all active programs.
/t, /traces       Scans the registry and the file/folder structures on a hard disk for malware traces.

/c, /cookies
 Scans all cookies for Tracking Cookies. Supported browsers: MS Internet Explorer, Mozilla Firefox.

/fh=[handle], /pid=[PID]
 Scan a file by handle. Requires the ID of the process that keeps the handle.

/b=[pointer] /bs=[size] /pid=[PID]
 Scan a data buffer in memory. Requires the buffer size and the ID of the process that keeps the buffer.

Scan settings (for precise adjustment of the scan types) -----------

/pup
 Also detects Potentially Unwanted Programs (programs that are not specifically malicious but are often installed without user consent)

/h, /heuristic  Heuristic scan for unknown Malware
/r, /riskware   Alert Riskware that is often used by Malware
/a, /archive    Scans also within archive files such as ZIP, RAR, CAB, and self-extracting archives.
/n, /ntfs     Scans also hidden data flows in NTFS disks.
/ac, /advancedcaching      Uses the advanced caching to avoid unnecessary re-scans.

/dda, /directdiskaccess
 Scans with direct disk access mode which is slower. Not required when the rootkit scan is enabled.

/l=[path], /log=[path]
 Saves a scan log to the specified file. The text-based log is saved in Unicode format.
Example: a2cmd /malware /log="c:\scans\scan.log"

/la=[path], /logansi=[path]
 Same as the /l bzw /log parameter, but the log is saved in ANSI Format.

/x=[list], /ext=[list]     Scans only files with the specified extensions.
Example: a2cmd /f="c:\windows\" /x="exe, com, scr, bat"

/xe=[list], /extexclude=[list]
 Scans all files except those with the specified extensions.  Example: a2cmd /malware /xe="avi, bmp, mp3"

/wl=[path], /whitelist=[path]
 Uses the specified whitelist file for excluding certain files, folders or malware names in the scan. Whitelist files must be text files where each line is one of the items to be excluded.  Example: a2cmd /f="c:\" /wl="c:\whitelist.txt"

/d, /delete
 Deletes all detected malware objects at once during the scan. Also deletes references to the detected file, e.g. autorun entries in the registry.

/dq, /deletequick
 Deletes all detected malware objects at once during the scan. Only the detected file itself is deleted. Quicker than /d or /delete.

/q=[folder], /quarantine=[folder]
 Immediately place detected malware in quarantine during the scan. The quarantine folder can be specified. Detected objects are saved and encrypted there so that they cannot cause further damage.

/s, /service
 Defines if the Anti-Malware service is to be used for scanning.
 Background: When running many short scans, loading the scan engine afresh at each start of a2cmd is inefficient. Using the /s or /service parameter makes the Anti-Malware service load the engine and keep it loaded for later scans. If the service is not yet started or installed it is installed and started when the service parameter is run for the first time. This command is not available in Emsisoft Emergency Kit because the service component is not included.


Malware handling (to be used alone) ------------

/ql, /quarantinelist
 Lists all objects that are under quarantine. The consecutive number at the beginning of each line can be used for deleting or restoring (zero-based index).

/qr=[n], /quarantinerestore=[n]
 Restores an object under quarantine with the specified index number. If no number is specified, all objects are restored.
Example: a2cmd /qr=0

/qd=[n], /quarantinedelete=[n]    Deletes an object under quarantine with the specified index number.

Online updates (to be used alone)  -------

/u, /update
 Must be used alone. Runs an online update of all program components and signatures. If a2cmd is used as a part of Emsisoft Anti-Malware, this command triggers an update of the whole Emsisoft Anti-Malware package.

/ub, /updatebeta     Downloads the latest beta updates instead of stable updates.
/proxy=[proxyname:port]     Sets a proxy host and port number to be used for connections to the update server.
/proxyuser=[username]      Sets a proxy username if the proxy requires authentication.
/proxypassword=[password]     Sets a proxy password if the proxy requires authentication.

General commands  (to be used alone)

/?, /help   Shows an overview of all available parameters.
  ----------------------------------------------------------------------

  Example: a2cmd /f="c:\windows\" /m /t /c /h /r /a /n /q
  Description: Scans c:\windows. Memory, Traces and Cookie scan enabled.
               Uses heuristics, displays Riskware and scans in Archives and ADS.
               Puts found Malware in Quarantine.

Example batch file:
Archivo bat para agregar a la carpeta (ejm AV-Emsisoft) y escanear archivos.
en notepaq copiar y nombrar ... AV-Emsisoft.bat
colocar en "enviar a" con boton derecho
C:\Users\usuario\AppData\Roaming\Microsoft\Windows\SendTo
crear acceso directo   AV-Emsisoft.bat
++++++++++++++++
@echo off
ECHO -------------------------------------------------------------------------
ECHO **--EMSISOFT ANTIVIRUS--**
ECHO -------------------------------------------------------------------------
ECHO ANTIVIRUS; ESCANEANDO ARCHIVOS ... CORRIENDO ANALISIS ESPERE ............
a2cmd %* /pup /heuristic /riskware /archive /quarantine /log=Emsisoft.txt
ECHO RESULTADO DEL ANALISIS --------------------------------------------------
Type Emsisoft.txt
ECHO -------------------------------------------------------------------------
ECHO **--FINALIZADO--**
pause
++++++++++++++++
Donde TYPE Muestra el contenido de un archivo de texto en el prompt; en este caso el resultado del análisis.
------------------------------------