I would be interested if there any more hosts than this one:
that are noted as bad at this IP address. I heard from somebody helping me that www.calendarofupdates.com
identified the IP address as bad but I can't find it anywhere. This host (xbarre.com) distributes adware as indicated by this scan:http://www.securemecca.com/public/xbarresetup.exe.pdf
I also don't like any of these toolbars:
Why not? THEY TURN MY PAC FILTER OFF!
I don't know if they turn it off at install time or removal time but their removal is sloppy and leaves you contacting their services until you clean it up yourself. If you allowed them on your toolbar in Firefox it is left that way. The full list of hosts is here:http://www.securemecca.com//MalwareDomainList/ToolBars.txt
Now I don't regret these rules I added to the PAC filter:
// next rule - all *.*toolbar.com hosts redirect to hosting.conduit.com
BadNetworks[i++] = "184.108.40.206, 255.255.255.255"; // 2008-11-24
BadDomains[i++] = "toolbar.com"; // DNSWCDs - *.*toolbar.com
I don't know if it escalates to the point of malware but I am pretty steamed about it turning my PAC filter off (it completely erases the string). That means it is making unwanted modifications to my browser, and ones that most people cannot clean up manually themselves. Your choice - add the hosts or point them to our PAC filter. I don't know if LeVerso has added this pattern or not but he should. The service hosts it keeps contacting are:
cetrk.com # they just use a script there
The script they are using at cetrk.com is:
I hope that helps. I am going to block all of those hosts for all machines because the damage was done on Linux, not on Windows. Let's say that again - the damage is done on all operating systems in Firefox!
I cannot speak for what it does to IE on Windows or what it does to Opera. I am late to my day job.