General discussion

UPDATES - April 21, 2010

NOD32 - Update 5047 (20100421)
2010-04-21 14:44
INF/Autorun (3), IRC/SdBot (2), Java/TrojanDownloader.Agent.NAM (2), JS/Exploit.Pdfka.NXT, Win32/Adware.Agent.NMS, Win32/Adware.Antivirus2009.AA, Win32/Adware.Cinmus.AA, Win32/Adware.Primawega.AA (2), Win32/Adware.WSearch, Win32/Adware.WSearch.AD (2), Win32/Adware.WSearch.AE (2), Win32/Adware.XPAntiSpyware.AA, Win32/Agent.PHX, Win32/Agent.QNU, Win32/Agent.QRB (2), Win32/Agent.QRO, Win32/Agent.QXQ, Win32/AutoRun.Autoit.CI, Win32/AutoRun.Delf.GB (6), Win32/AutoRun.IRCBot.DZ (4), Win32/AutoRun.NAE, Win32/AutoRun.VB.NX (5), Win32/Bagle.UN, Win32/Bamital.AQ (2), Win32/Boberog.AK (2), Win32/Delf.NSM (2), Win32/Delf.NUY (4), Win32/Delf.PFH (2), Win32/Delf.PFZ, Win32/Dursg.A, Win32/Hupigon.NTY (2), Win32/Injector.BKH, Win32/Injector.BKI, Win32/Injector.BKJ, Win32/Koobface.NCT, Win32/Koutodoor.EP (2), Win32/Koutodoor.FY (2), Win32/Kryptik.DUW, Win32/Kryptik.DUX, Win32/Kryptik.DUY, Win32/Kryptik.DUZ, Win32/Kryptik.DVA, Win32/Kryptik.DVD, Win32/Kryptik.DVE, Win32/Kryptik.DVF, Win32/Kryptik.DVG, Win32/Kryptik.DVH, Win32/Kryptik.DVI, Win32/Kryptik.DVJ, Win32/Kryptik.DVK, Win32/Kryptik.DVL, Win32/Kryptik.DVM, Win32/LockScreen.RP (2), Win32/Mypis.AW, Win32/Obfuscated.NCY (2), Win32/Patched.EO, Win32/PcClient.NGK (2), Win32/Poison.NCY, Win32/PSW.Delf.NSE, Win32/PSW.OnLineGames.OVC (2), Win32/PSW.OnLineGames.OVD (2), Win32/PSW.QQPass.NEH, Win32/PSW.QQPass.NFW, Win32/PSW.VB.NFC, Win32/PSW.WOW.NOP, Win32/Refpron.HC, Win32/Refpron.HD, Win32/Riggin.AC (2), Win32/Riggin.AD (2), Win32/Sopiclick.S, Win32/Sopiclick.T, Win32/Sopiclick.U, Win32/Sopiclick.V, Win32/Sopiclick.W, Win32/Sopiclick.X, Win32/SpamTool.Tedroo.AL, Win32/Spatet.A, Win32/Spatet.E (2), Win32/Spy.Agent.NRQ (2), Win32/Spy.Antired.A, Win32/Spy.Bancos.NPA, Win32/Spy.Bancos.NTD (2), Win32/Spy.Banker.QEP, Win32/Spy.Banker.SMU, Win32/Spy.Banker.SRQ, Win32/Spy.Setfic.B, Win32/Spy.Setfic.C (2), Win32/Spy.Shiz.NAI, Win32/Spy.Zbot.JF, Win32/Spy.Zbot.UN (2), Win32/Spy.Zbot.YW (2), Win32/Tifaut.C, Win32/TrojanClicker.VB.NJT (2), Win32/TrojanClicker.VB.NOI (2), Win32/TrojanDownloader.Adload.NFC, Win32/TrojanDownloader.Adload.NGD (2), Win32/TrojanDownloader.Agent.OQT, Win32/TrojanDownloader.Banload.NQZ, Win32/TrojanDownloader.Banload.OZN, Win32/TrojanDownloader.Bredolab.AA (2), Win32/TrojanDownloader.Caxnet.CD, Win32/TrojanDownloader.Delf.OZM, Win32/TrojanDownloader.Delf.PMY (2), Win32/TrojanDownloader.FakeAlert.AQI, Win32/TrojanDownloader.FakeAlert.ASI (2), Win32/TrojanDownloader.VB.OLJ (2), Win32/TrojanDropper.Agent.ORE (2), Win32/TrojanDropper.Delf.NPG (2), Win32/TrojanDropper.Delf.NRD, Win32/VB.OXC
http://www.eset.eu/podpora/aktualizacia-5047?lng=en
http://www.eset.eu/support/update-xy1
Discussion is locked
Follow
Reply to: UPDATES - April 21, 2010
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: UPDATES - April 21, 2010
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
avast! 21.4.2010 - 100421-0
- Collapse -
avast! 21.4.2010 - 100421-1
- Collapse -
Spybot S&D detection rules
2010-04-21
Malware
+ Fraud.ControlCenter ++ Fraud.DigitalProtection ++ Fraud.IQManager ++ Fraud.MyProtection + Fraud.PaladinAntivirus + Lop + Mirar + Win32.Bifrost + Win32.FraudLoad + Win32.FraudLoad.edt + Win32.Renos
Spyware
+ AdRotator + Fake.AdobeUpdater + Marketscore.RelevantKnowledge + Win32.Spynet.a
Trojans
++ Adload.dl ++ IRCBot.gu ++ SmileyDistrict + Virtumonde.sci + Virtumonde.sdn + Win32.Agent.ark ++ Win32.Agent.cls ++ Win32.Agent.fw ++ Win32.Agent.of ++ Win32.Agent.svc + Win32.Agent.wu + Win32.Allaple.ab ++ Win32.AutoRun.ul ++ Win32.Delf.wsg + Win32.FakeAlert.ttam + Win32.FraudPack ++ Win32.OnLineGames.mfem + Win32.TDSS.cl + Win32.TDSS.rtk + Win32.ZBot + Win32.ZBot.rtk
Total: 3018027 fingerprints in 1083786 rules for 5353
http://www.safer-networking.org/en/home/index.html
Please remember to Re-Immunize after updating!
- Collapse -
Panda
- Collapse -
ClamAV defs v10775

Latest ClamAV? stable release is: 0.96
Total number of signatures: 757417
ClamAV Virus Databases:
main.cvd ver. 52 released on 15 Feb 2010 09:54 Shocked500
daily.cvd ver. 10775 released on 21 Apr 2010 08:53 Shocked400
http://www.clamav.net/

- Collapse -
(NT) above should be v10776
- Collapse -
Additions to TrojanHunter's updates from yesterday.
Added later 257075 rules

Hupigon.1570
Hupigon.1569
Hupigon.1568
Hupigon.1567
Hupigon.1566
Hupigon.1565
Hupigon.1564
Hupigon.1563
Hupigon.1562
Hupigon.1561
Hupigon.1560
Hupigon.1559
Hupigon.1558
Hupigon.1557
Hupigon.1556
Hupigon.1555
Hupigon.1554
Hupigon.1553
Hupigon.1552
Hupigon.1551
Hupigon.1550
Hupigon.1549
Hupigon.1548
Hupigon.1547
Hupigon.1546
Hupigon.1545
Hupigon.1544
Hupigon.1543
Hupigon.1542

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility.

http://www.misec.net/forum/board/RulesetUpdates/1271757468
- Collapse -
AVG - AVI: 271.1.1/ 2826
- Collapse -
Secunia Online Software Inspector
April 21, 2010

Secunia has updated the Secunia Online Software Inspector (OSI) with new
rules for detecting insecure software.

Run the Secunia OSI to make sure that your system is up-to-date:
http://secunia.com/vulnerability_scanning/online/

What is New:

1) Inspection rules have been updated to detect new security updates.
- Collapse -
Microsoft Security Essentials defs v1.81.79.0
- Collapse -
AntiVir Version: 7.10.06.169
- Collapse -
MBAM defs v4016
- Collapse -
McAfee Daily v5958 and a note about a problem with this.
- Collapse -
McAfee Daily v5959 emergency release
- Collapse -
And a quote from and e-mail notice from McAfee

[quote]
The 5959 dat files have been released early due to a DAT Issue Emergency with the
5958 DAT Files.

The reason for this DAT Issue Emergency is a 'W32/Wecorl.a' False Positive in 5958 DAT.

The various 5959 dat file packages can be found at
http://www.mcafee.com/apps/downloads/security_updates/dat.asp
[/quote]

- Collapse -
Ad-Aware defs v0149.0216
- Collapse -
SUPERAntiSpyware defs v4834
- Collapse -
NAV Weekly and Daily
Weekly Updates released 4/21/2010

Norton AntiVirus for Mac Defs released 4/21/2010

Symantec AntiVirus for Handhelds Defs released 3/25/2010

Daily Updates
Symantec AntiVirus
Norton AntiVirus 2006/2007

Virus Definitions created 4/21/2010
Virus Definitions released 4/21/2010
Defs Version: 120421b
Sequence Number: 109893
Extended Version: 4/21/2010 rev. 2
Total Detections (Threats & Risks): 7027905

Multiple Daily Updates
Symantec Endpoint Protection 11
Norton AntiVirus 2008 and newer

Virus Definitions created 4/21/2010
Virus Definitions released 4/21/2010
Defs Version: 120421b
Sequence Number: 109893
Extended Version: 4/21/2010 rev. 2
Total Detections (Threats & Risks): 7027905
http://www.symantec.com/business/security_response/definitions/download/index.jsp
- Collapse -
NOD32 - Update 5048 (20100421)
2010-04-21 17:54
JS/Exploit.Pdfka.NXO, MSIL/Autorun.Spy.KeyLogger.AB (2), Win32/Adware.SecurityTool.AC, Win32/Adware.WSearch, Win32/Adware.WSearch.AD, Win32/Adware.XPAntiSpyware.AA, Win32/Agent.NWM, Win32/Agent.QZV (4), Win32/AutoRun.Agent.VR, Win32/AutoRun.Hupigon.V, Win32/AutoRun.IRCBot.CX, Win32/AutoRun.VB.NY (6), Win32/AutoRun.VB.NZ (3), Win32/BHO.NXK, Win32/BHO.NYA, Win32/BHO.NYF, Win32/BHO.NYG, Win32/BHO.NYH, Win32/BHO.NYI, Win32/Daonol.O, Win32/Delf.NTZ (2), Win32/Delf.PGC (3), Win32/Dewnad.AB, Win32/Dialer.NKR (2), Win32/Disabler.NAJ, Win32/Dursg.A (2), Win32/Inject.NDA, Win32/Injector.BKK, Win32/IRCBot.NBC, Win32/KillProt.AA, Win32/Kryptik.DVN, Win32/Kryptik.DVP, Win32/Kryptik.DVV, Win32/Oficla.GC (2), Win32/Olmarik.SC, Win32/Peerfrag.FD, Win32/Peerfrag.HC (2), Win32/Protector.J, Win32/PSW.OnLineGames.OOW, Win32/PSW.OnLineGames.OVE, Win32/PSW.QQPass.NGO, Win32/PSW.Tibia.NBR (2), Win32/Qbot.AO, Win32/Qhost, Win32/Redosdru.DI (3), Win32/Spatet.A (2), Win32/Spy.Bancos.NQF, Win32/Spy.Banker.AGH, Win32/Spy.Banker.TPQ, Win32/Spy.Banker.TQQ, Win32/Spy.Delf.NYS (2), Win32/Spy.Delf.OGC, Win32/Spy.Webmoner.NCY (2), Win32/Spy.Zbot.JF (2), Win32/Spy.Zbot.UN (2), Win32/TrojanDownloader.Adload.NFC, Win32/TrojanDownloader.Agent.PVF, Win32/TrojanDownloader.Agent.PWB, Win32/TrojanDownloader.Agent.PWG (2), Win32/TrojanDownloader.FakeAlert.AQI, Win32/TrojanDownloader.FakeAlert.AVU, Win32/TrojanDownloader.FakeAlert.AVZ, Win32/TrojanDownloader.FakeAlert.AWY (2), Win32/TrojanDownloader.FakeAlert.AWZ (3), Win32/TrojanDownloader.FakeAlert.AXA (2), Win32/TrojanDownloader.Small.NTQ, Win32/TrojanDownloader.Swizzor.NCH, Win32/TrojanDownloader.Swizzor.NCN, Win32/TrojanDownloader.Swizzor.NCO, Win32/TrojanDownloader.Swizzor.NCQ, Win32/TrojanDownloader.Swizzor.NCS, Win32/TrojanDownloader.Swizzor.NDB, Win32/TrojanDownloader.Swizzor.NEN, Win32/TrojanDownloader.Swizzor.NEO, Win32/TrojanDownloader.Swizzor.NEP, Win32/TrojanDownloader.Swizzor.NER, Win32/TrojanDownloader.Swizzor.NES, Win32/TrojanDownloader.Swizzor.NET, Win32/TrojanDownloader.Swizzor.NEU, Win32/TrojanDownloader.Swizzor.NEV, Win32/TrojanDownloader.Swizzor.NEW, Win32/TrojanDownloader.Swizzor.NEX, Win32/TrojanDownloader.Swizzor.NEY, Win32/TrojanDropper.Delf.NQD (2), Win32/TrojanDropper.VB.NNZ, Win32/VB.OYG (2), Win32/Wigon.NU (4)
http://www.eset.eu/podpora/aktualizacia-5048?lng=en
http://www.eset.eu/support/update-xy1

CNET Forums

Forum Info