Spyware, Viruses, & Security forum

General discussion

UPDATES - April 21, 2009

TrojanHunter 5.0 Ruleset Update - Apr 21, 2009

An updated TrojanHunter ruleset is available. This update adds 75 new trojan definitions:

Agent.3950
Agent.3949
Agent.3948
Agent.3947
Crypt.533
DDoS.Agent.111
Delf.1175
FakeAlert.304
Flux.146
FlyStudio.102
FlyStudio.101
FraudTool.EvidenceEraser.100
Hupigon.1326
Jevafus.206
Jexec.101
PcClient.293
Poison.176
Poison.175
PWSteal.Agent.495
PWSteal.LdPinch.957
PWSteal.Magania.629
PWSteal.Magania.628
PWSteal.Magania.627
PWSteal.Nilage.512
PWSteal.Nilage.511
PWSteal.OnLineGames.1712
PWSteal.OnLineGames.1711
PWSteal.OnLineGames.1710
PWSteal.OnLineGames.1709
PWSteal.OnLineGames.1708
PWSteal.OnLineGames.1707
PWSteal.OnLineGames.1706
PWSteal.OnLineGames.1705
PWSteal.OnLineGames.1704
PWSteal.OnLineGames.1703
PWSteal.OnLineGames.1702
PWSteal.OnLineGames.1701
Rootkit.Agent.480
Rootkit.Nuclear.107
Rootkit.Small.119
Rootkit.Small.118
Rootkit.Small.117
TDSS.215
TDSS.214
TDSS.213
TDSS.212
TDSS.211
TrojanClicker.Agent.412
TrojanClicker.Small.251
TrojanDownloader.Agent.3254
TrojanDownloader.Agent.3253
TrojanDownloader.Agent.3252
TrojanDownloader.Banload.1580
TrojanDownloader.Banload.1579
TrojanDownloader.Cntr.137
TrojanDownloader.Cntr.136
TrojanDownloader.Delf.1540
TrojanDownloader.FraudLoad.646
TrojanDownloader.Small.3106
TrojanDownloader.Small.3105
TrojanDownloader.Small.3104
TrojanDownloader.Small.3103
TrojanDownloader.Small.3102
TrojanDownloader.Small.3101
TrojanDropper.Agent.1339
TrojanDropper.VB.540
TrojanProxy.Puma.100
TrojanSpy.Zbot.905
TrojanSpy.Zbot.904
TrojanSpy.Zbot.903
VB.1468
Vundo.1589
Vundo.1588
Vundo.1587
Worm.Agent.187

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.

You should have 215165 rules.
http://www.misec.net/forum/board/RulesetUpdates/1240298994
Discussion is locked
You are posting a reply to: UPDATES - April 21, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: UPDATES - April 21, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
ClamAV #9266

In reply to: UPDATES - April 21, 2009

Latest ClamAV? stable release is: 0.95.1
Total number of signatures: 544750
ClamAV Virus Databases:
main.cvd ver. 50 released on 15 Feb 2009 16:47 :0500
daily.cvd ver. 9266 released on 21 Apr 2009 06:05 :0400
http://www.clamav.net/

Collapse -
NOD32 - 4024 (20090421)

In reply to: UPDATES - April 21, 2009

2009-04-21 11:13
INF/Autorun, W97M/Exploit.Agent.NAA, Win32/Adware.Virtumonde.NEF, Win32/Adware.Virtumonde.NEK, Win32/Adware.Virtumonde.NET, Win32/Agent.NXF (3), Win32/Agent.PHJ, Win32/AutoRun.ADR, Win32/AutoRun.Delf.BP (3), Win32/AutoRun.VB.CQ (4), Win32/Bagle.RD, Win32/Conficker.AB, Win32/Flyagent.NAC, Win32/Injector.NI (2), Win32/Koutodoor.A (6), Win32/Peerfrag.AG (3), Win32/Piptea.F, Win32/PSW.OnLineGames.NNU, Win32/PSWTool.Dialupass.244 (2), Win32/Qhost (2), Win32/Qhost.NJG (2), Win32/Rootkit.Small.AAZ, Win32/TrojanDownloader.Delf.OSQ (2), Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanDropper.Agent.NYT, Win32/Waledac.JD (4), Win32/Waledac.JE
http://www.eset.eu/podpora/aktualizacia-4024?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - 4025 (20090421)

In reply to: NOD32 - 4024 (20090421)

2009-04-21 21:28
INF/Autorun (2), IRC/SdBot, PDF/Exploit.Pidief.OIX, PDF/Exploit.Pidief.OIY, Win32/Adware.Agent.NMN, Win32/Adware.Antivirus2008 (5), Win32/Adware.Coolezweb (5), Win32/Adware.GooochiBiz (2), Win32/Adware.InternetAntivirus (7), Win32/Adware.MSAntispyware2009 (4), Win32/Adware.PersonalAntivirus (2), Win32/Adware.SpyProtector.J, Win32/Adware.SpywareProtect2009 (2), Win32/Adware.WinPCDefender (3), Win32/Agent.DKR, Win32/Agent.NAM (5), Win32/Agent.NXG (2), Win32/Agent.OSE (2), Win32/Agent.PAX, Win32/Agent.PAY, Win32/Agent.PFL, Win32/Agent.PHK, Win32/Agent.PHL (3), Win32/Agent.TKR, Win32/Agent.WPI (2), Win32/Autoit.CM, Win32/Autoit.NDC, Win32/AutoRun.ADR, Win32/AutoRun.Agent.IE (2), Win32/AutoRun.Agent.NC (2), Win32/AutoRun.Agent.ND (2), Win32/AutoRun.Delf.BQ, Win32/AutoRun.FakeAlert.AF, Win32/AutoRun.FlyStudio.HE, Win32/AutoRun.Qhost.A (4), Win32/AutoRun.VB.CR (2), Win32/AutoRun.VB.CS (3), Win32/Cimag.W (3), Win32/Feedel.A (2), Win32/Feedel.B (2), Win32/Feedel.C (2), Win32/FlyStudio.NJY, Win32/FlyStudio.NJZ, Win32/FlyStudio.NKA, Win32/FlyStudio.NKB, Win32/Injector.NJ (2), Win32/Injector.NL, Win32/IRCBot (3), Win32/Koutodoor.B (6), Win32/LockScreen.A, Win32/Olmarik.FT (18), Win32/Olmarik.GW, Win32/Olmarik.GX, Win32/Olmarik.GY, Win32/Olmarik.HC (2), Win32/Olmarik.HL (2), Win32/PcClient, Win32/PcClient.NDL (3), Win32/Peerfrag.AH, Win32/Piptea.F, Win32/PSW.Delf.NOV (2), Win32/PSW.LdPinch.NEL (2), Win32/PSW.Legendmir.NFX, Win32/PSW.OnLineGames.NMP (2), Win32/PSW.OnLineGames.NMY, Win32/Qhost (3), Win32/Rootkit.Podnuha.NCB, Win32/Rustock (2), Win32/Rustock.NHZ, Win32/Sality.AE, Win32/Sohanad.NAK (2), Win32/SpamTool.Agent.NCI (4), Win32/Spy.Agent.ALFH (2), Win32/Spy.Banbra.NOX, Win32/Spy.Banker.OYT, Win32/Spy.Banker.QPO, Win32/Spy.Banker.QPQ (2), Win32/Spy.Delf.NTM (2), Win32/Spy.Zbot.BA, Win32/Spy.Zbot.JF (7), Win32/Spy.Zbot.OW, Win32/Spy.Zbot.OX (3), Win32/TrojanClicker.Delf.NDG, Win32/TrojanClicker.Delf.NDR (3), Win32/TrojanClicker.Delf.NGK (2), Win32/TrojanClicker.Delf.NGL, Win32/TrojanClicker.Delf.NGM, Win32/TrojanClicker.Delf.NGO (2), Win32/TrojanClicker.Delf.NGQ, Win32/TrojanClicker.Delf.NGR (2), Win32/TrojanDownloader.Agent.ORH (2), Win32/TrojanDownloader.Agent.OZR, Win32/TrojanDownloader.Agent.OZS (3), Win32/TrojanDownloader.Delf.OSR (2), Win32/TrojanDownloader.FakeAlert.ZI (3), Win32/TrojanDownloader.Sality, Win32/TrojanDownloader.Small.EDB (3), Win32/TrojanDownloader.Small.JPF (2), Win32/TrojanDownloader.Small.NTQ (2), Win32/TrojanDownloader.Small.OOG (2), Win32/TrojanDownloader.VB.NXO, Win32/TrojanDownloader.Wigon.BY, Win32/TrojanDownloader.Wigon.CB, Win32/TrojanDropper.Agent.NYU, Win32/TrojanDropper.Small.NJG, Win32/VB.NGW (2), Win32/VB.NZV, Win32/VB.OBR (3), Win32/Wigon (3), Win32/Wigon.KH
http://www.eset.eu/podpora/aktualizacia-4025?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - 4026 (20090421)

In reply to: NOD32 - 4025 (20090421)

2009-04-22 00:00
PDF/Exploit.Pidief.OIZ, Win32/Adware.Antivirus2008 (3), Win32/Adware.AntiVirusAgentPro, Win32/Adware.BHO.NCG, Win32/Adware.Coolezweb, Win32/Adware.MalwareDefender2009, Win32/Adware.MSAntispyware2009, Win32/Adware.Virtumonde.NEH, Win32/Adware.Virtumonde.NEI, Win32/Adware.VirusAlarmPro, Win32/Adware.WinPCDefender, Win32/Adware.WSearch, Win32/Agent.DKR, Win32/Agent.NXH (3), Win32/Agent.PHM, Win32/Agent.PHN (2), Win32/AutoRun.ABH (2), Win32/AutoRun.ADS (2), Win32/AutoRun.FakeAlert.BH, Win32/BHO.NOA (4), Win32/Feedel.D (2), Win32/Hupigon, Win32/Koobface.HH (2), Win32/Olmarik.FT (28), Win32/Olmarik.HM (11), Win32/PcClient (2), Win32/PSW.OnLineGames.NSU, Win32/PSW.WOW.DZI, Win32/Sohanad.NDZ, Win32/SpamTool.Agent.NCI (2), Win32/Spy.007 Spy (6), Win32/Spy.Banker.DVU (2), Win32/Spy.Vlogger.M (2), Win32/Tinxy.AC (2), Win32/TrojanClicker.Delf.NDK, Win32/TrojanDownloader.Agent.ORH, Win32/TrojanDownloader.Agent.OZA, Win32/TrojanDownloader.Agent.OZT, Win32/TrojanDownloader.Delf.OST, Win32/TrojanDownloader.FakeAlert.GU, Win32/TrojanDownloader.Small.NTQ, Win32/TrojanDownloader.Wigon.BY, Win32/TrojanDropper.Delf.NMU (2), Win32/TrojanDropper.Microjoin.C, Win32/TrojanProxy.Small.NDW (4), Win32/Waledac.JF (2), Win32/Wigon.KI (2)
http://www.eset.eu/podpora/aktualizacia-4026?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
BOClean FILE DATE: 2009-04-21 11:16:57 (UTC)

In reply to: UPDATES - April 21, 2009

TWENTY NINE new nasties for a total of 72,538 **UNIQUE**
infectors (342,908 variants of these including
trojans,worms,bots,hijackers,downloaders,spam proxies, rootkits, adware,
spyware,keyloggers,"dialers" and other malware in total) covered in
today's update for BOClean 4.27.

Please also note that if you ever miss an update (or several) the update
you collect includes **ALL** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
Collapse -
Ad-Aware defs 0148.0014

In reply to: UPDATES - April 21, 2009

Collapse -
BitDefender - 14:07

In reply to: UPDATES - April 21, 2009

Collapse -
Malwarebytes' Anti-Malware defs #2019

In reply to: UPDATES - April 21, 2009

Collapse -
AVG - AVI: 270.12.1/ 2071

In reply to: UPDATES - April 21, 2009

[color=blue]AVG - AVI: 270.12.1/ 2071[/color]
Added detection of new variant of Worm/Generic.YLN, new variants of trojans Dropper.Generic.ALSB, Generic13.AAWJ, SHeur2.ABTA, Generic13.AAZY, Delf.JZK.
April 20, 2009
http://www.grisoft.com/us.download-update
Collapse -
AVG - AVI: 270.12.2/ 2072

In reply to: AVG - AVI: 270.12.1/ 2071

Added detection of new variants of trojans Dropper.Generic.ALSO, Agent2.ELG, Downloader.Generic8.AHMP, Downloader.Generic8.AHMK, SHeur2.ABVY, SHeur2.ABWF.
April 21, 2009
http://www.grisoft.com/us.download-update

Collapse -
a-squared signature updates

In reply to: UPDATES - April 21, 2009

Collapse -
More

In reply to: a-squared signature updates

Collapse -
NAV Daily

In reply to: UPDATES - April 21, 2009

Daily Updates
Symantec AntiVirus
Norton AntiVirus 2006/2007

Virus Definitions created April 21
Virus Definitions released April 21
Defs Version: 110421f
Sequence Number: 94546
Extended Version: 4/21/2009 rev. 6
Total Detections (Threats & Risks): 3656263

Multiple Daily Updates
Symantec Endpoint Protection 11
Norton AntiVirus 2008 and newer

Virus Definitions created April 21
Virus Definitions released April 21
Defs Version: 110421f
Sequence Number: 94546
Extended Version: 4/21/2009 rev. 6
Total Detections (Threats & Risks): 3656263
http://www.symantec.com/business/security_response/definitions/download/index.jsp
Collapse -
F-Prot

In reply to: UPDATES - April 21, 2009

F-PROT Antivirus can as of 21 April 2009 detect more than 1310835 worms, viruses and other malicious programs with its latest virus signature file.
http://www.f-prot.com/products/currentversions.html

Note: The total detections on the site are the same as what was posted on the 23rd of December 2008, BUT the actual program is being updated automatically at regular intervals even though the webpage isn't.

Collapse -
Panda

In reply to: UPDATES - April 21, 2009

Collapse -
Panda - 04/22/2009

In reply to: Panda

Collapse -
AntiVir Version: 7.01.03.86

In reply to: UPDATES - April 21, 2009

Collapse -
avast! update 21.4.2009 version: 090421-0

In reply to: UPDATES - April 21, 2009

Collapse -
McAfee Daily #5591

In reply to: UPDATES - April 21, 2009

Collapse -
SUPER AntiSpyware #3856

In reply to: UPDATES - April 21, 2009

Collapse -
Mozilla Firefox v3.0.9 released April 21, 2009

In reply to: UPDATES - April 21, 2009

Firefox 3.0.9 fixes several issues found in Firefox 3.0.8:

#Fixed several security issues
# Fixed several stability issues.
# Many users experienced an issue where a corrupt local database caused Firefox to ?lose? its stored cookies. (bug 470578)
# Fixed an issue where, starting with Firefox 3.0.7, inline image attachments on popular webmail services (like AOL and AIM) would not display. (bug 482659)
# Large forms would sometimes take a long time to submit. (bug 426991)
# In certain cases, new windows would not have proper focus. (bug 446568)

http://www.mozilla.com/en-US/firefox/3.0.9/releasenotes/
http://www.mozilla.com/en-US/firefox/firefox.html


Exsisting users can update via "Help>>>Check for Updates" as soon as that option is released which should be soon.
Collapse -
CounterSpy/VIPRE defs #5105

In reply to: UPDATES - April 21, 2009

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GIVEAWAY

Enter to win* a free holiday tech gift!

CNET's giving five lucky winners the gift of their choice valued up to $250!