Spyware, Viruses, & Security forum

General discussion

UPDATES - December 1, 2008

by roddy32 / November 30, 2008 8:47 PM PST
TrojanHunter 5.0 Ruleset Update - Nov 30, 2008

An updated TrojanHunter ruleset is available. This update adds 67 new trojan definitions:

Adware.BHO.341
Agent.3230
Agent.3229
Agent.3228
Agent.3227
Alureon.128
BHO.403
BiFrose.485
Buzus.300
Crypt.500
FakeAlert.232
FraudPack.152
Inject.317
Inject.316
Jevafus.115
Jevafus.114
Jevafus.113
Jevafus.112
Jevafus.111
Jevafus.110
Jevafus.109
Jevafus.108
Jevafus.107
Kryptik.106
Monder.400
Monder.399
Monder.398
Monderb.162
Olmarik.103
PcClient.265
PoisonIvy.137
PWSteal.Magania.363
PWSteal.Magania.362
PWSteal.OnLineGames.1410
PWSteal.OnLineGames.1409
PWSteal.QQPass.206
Tofsee.103
TrojanClicker.Agent.409
TrojanDownloader.Agent.2827
TrojanDownloader.Agent.2826
TrojanDownloader.Agent.2825
TrojanDownloader.Bagle.162
TrojanDownloader.Banload.1497
TrojanDownloader.CodecPack.140
TrojanDownloader.Dadobra.197
TrojanDownloader.Delf.1490
TrojanDownloader.FraudLoad.444
TrojanDownloader.FraudLoad.443
TrojanDownloader.Small.2952
TrojanDownloader.Small.2951
TrojanDownloader.VB.1008
TrojanDownloader.VB.1007
TrojanDropper.Agent.1084
TrojanDropper.Agent.1083
TrojanDropper.VB.396
TrojanDropper.VB.395
TrojanSpy.Ambler.103
TrojanSpy.IESpy.117
TrojanSpy.Pophot.118
TrojanSpy.VB.284
VB.1339
VB.1338
Vundo.1394
Worm.AutoRun.322
Worm.AutoRun.321
Worm.VB.236
Worm.VB.235

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.

You should have 199127 rules.
http://www.misec.net/forum/board/RulesetUpdates/1228107048
NOD32 - 3653 (20081201)
by roddy32 / November 30, 2008 8:58 PM PST
2008-12-01 11:42
BAT/Qhost.NAR, JS/TrojanDownloader.Agent.NIU, JS/TrojanDownloader.Agent.NIV, JS/TrojanDownloader.Agent.NIW, VBS/AutoRun.BB (2), Win32/Adware.Cinmus (2), Win32/Adware.SpywareGuard (11), Win32/Adware.Virtumonde (2), Win32/Adware.Virtumonde.NCG, Win32/Adware.VirusTrigger (2), Win32/Adware.WSearch (5), Win32/Agent.ONF (2), Win32/Autoit.CM, Win32/AutoRun.FlyStudio.AJ, Win32/AutoRun.WC (2), Win32/Conficker.D (2), Win32/Delf.NNM (2), Win32/Delf.NTG, Win32/Flyagent.M (2), Win32/FlyStudio.CW (2), Win32/FlyStudio.NDT, Win32/FlyStudio.NDU, Win32/KillAV.AWR, Win32/Patched.BD, Win32/PSW.LdPinch.NCB, Win32/PSW.OnLineGames.NMP (3), Win32/PSW.OnLineGames.NMY (4), Win32/PSW.OnLineGames.ODJ (3), Win32/PSW.WOW.NDZ, Win32/PSW.WOW.NGH (4), Win32/PSW.WOW.NGI (4), Win32/Qhost, Win32/Rootkit.Agent.ETR, Win32/SpamTool.Agent.NBF (2), Win32/Spy.Bancos.CI, Win32/Spy.Banker.PWD, Win32/Spy.Banker.PWE, Win32/Spy.Delf.NNK, Win32/Spy.Goldun.NDW (7), Win32/TrojanDownloader.Agent.ONK, Win32/TrojanDownloader.Agent.ONM (2), Win32/TrojanDownloader.Agent.ONO, Win32/TrojanDownloader.Delf.OKO (2), Win32/TrojanDownloader.Delf.OKP, Win32/TrojanDownloader.FakeAlert.IQ, Win32/TrojanDownloader.FakeAlert.QY, Win32/TrojanDownloader.FakeAlert.SM (2), Win32/TrojanDownloader.FakeAlert.SN (2), Win32/TrojanDownloader.Small.OCS, Win32/TrojanDownloader.Zlob.CWH (18), Win32/TrojanDropper.Agent.NRI, Win32/TrojanDropper.Delf.NIN (2), Win32/TrojanDropper.Delf.NKD (2), Win32/TrojanDropper.FriJoiner.AW, Win32/TrojanDropper.VB.BL, Win32/VB.NTL, Win32/Wigon.BA
http://www.eset.eu/podpora/aktualizacia-3653?lng=en
http://www.eset.eu/support/update-xy1
NOD32 - 3654 (20081201)
by roddy32 / December 1, 2008 12:09 AM PST
2008-12-01 16:29
BAT/FormatCQ.O, IRC/Flood.NAM, Win32/Adware.WSearch (10), Win32/Adware.XPAntivirus, Win32/Adware.Xupiter (2), Win32/Agent.NDO (2), Win32/Agent.NGC, Win32/Agent.ONH, Win32/Agent.ONI (4), Win32/Agent.ONJ, Win32/Agent.ONK, Win32/AutoRun.Qhost.A, Win32/BadJoke.FakeDestruct.C (2), Win32/Bagle.QH, Win32/Bagle.QO, Win32/Conficker.A, Win32/Conficker.E (2), Win32/Delf.NTJ, Win32/Delf.NTK (2), Win32/Dialer.NEW, Win32/Dialer.NFZ, Win32/Exploit.MS08-067.B (2), Win32/KillAV.AWR, Win32/KillAV.NCU (3), Win32/KillFiles.NBT (2), Win32/PcClient, Win32/Poebot.NBF, Win32/Poebot.NBU, Win32/Prosti.NAV, Win32/Prosti.NAZ, Win32/PSW.Agent.NCN, Win32/PSW.Legendmir.NFX (3), Win32/PSW.OnLineGames.NMP (6), Win32/PSW.OnLineGames.NMY (3), Win32/PSW.OnLineGames.NNU (2), Win32/PSW.OnLineGames.NRN, Win32/PSW.OnLineGames.NRS, Win32/PSW.OnLineGames.NSQ (2), Win32/PSW.OnLineGames.ODJ (2), Win32/PSW.OnLineGames.ODW, Win32/PSW.OnLineGames.OFE (2), Win32/PSW.OnLineGames.OFF (4), Win32/PSW.OnLineGames.XTT (2), Win32/PSW.QQPass.NDF, Win32/PSW.QQPass.NDY (2), Win32/Qhost, Win32/Rootkit.Agent.EVO, Win32/Spy.Agent.NKL, Win32/Spy.Banker.PLM, Win32/Spy.Banker.PWF (2), Win32/Spy.Banker.PWG (2), Win32/Spy.Banker.PWH (2), Win32/Spy.Banker.PWI (2), Win32/Spy.Zbot.BD, Win32/Tifaut.A (3), Win32/Toolbar.AskSBar (2), Win32/Toolbar.MyWebSearch, Win32/TrojanClicker.Delf.NFA, Win32/TrojanClicker.VB.CJW, Win32/TrojanClicker.VB.COJ (2), Win32/TrojanDownloader.Banload.ODC (2), Win32/TrojanDownloader.FakeAlert.SO, Win32/TrojanDownloader.Sinique.A (4), Win32/TrojanDownloader.VB.NOY (2), Win32/TrojanDownloader.Wigon.BA, Win32/TrojanDownloader.Wigon.BB, Win32/TrojanDownloader.Wigon.BC, Win32/TrojanDownloader.Zlob.CWI (18), Win32/TrojanDropper.Agent.NJV (2), Win32/TrojanDropper.Agent.NRJ, Win32/TrojanProxy.Small.NCJ, Win32/TrojanProxy.Small.NP, Win32/Wigon.GX, Win32/Wigon.HK
http://www.eset.eu/podpora/aktualizacia-3654?lng=en
http://www.eset.eu/support/update-xy1
NOD32 - 3655 (20081201)
by roddy32 / December 1, 2008 7:01 AM PST
2008-12-01 21:57
INF/Autorun, IRC/SdBot (2), PDF/Exploit.Pidief.NEB, PDF/Exploit.Pidief.NEC, PDF/Exploit.Pidief.UQ, Win32/Adware.Agent.HVI, Win32/Adware.BHO.EFQ, Win32/Adware.BHO.NCX, Win32/Adware.GooochiBiz, Win32/Adware.SuperJuan (2), Win32/Adware.Virtumonde (5), Win32/Adware.WSearch, Win32/Agent.ARLY (2), Win32/Agent.AROJ (3), Win32/Agent.ODG, Win32/Agent.ONG (4), Win32/Agent.ONL, Win32/Agent.ONM (3), Win32/Agent.TGS (2), Win32/Autoit.EZ, Win32/Autoit.GE (2), Win32/AutoRun.ADJ (3), Win32/AutoRun.Agent.CH (2), Win32/AutoRun.Autoit.Q, Win32/AutoRun.FakeAlert.AF (3), Win32/AutoRun.FakeAlert.AG, Win32/AutoRun.FakeAlert.AH, Win32/AutoRun.VB.AE (2), Win32/AutoRun.VB.AF, Win32/Bagle.QH, Win32/BHO.NKB (2), Win32/BHO.NKC (2), Win32/Bifrose.AFPX, Win32/Delf.NTF (2), Win32/Delf.NTH (2), Win32/Delf.NTI (2), Win32/Hupigon, Win32/MailFinder.Blen.EN (2), Win32/Olmarik.A (2), Win32/Olmarik.D, Win32/Olmarik.E, Win32/Poebot.NBV, Win32/Prosti.NAY (2), Win32/PSW.Agent.NHG, Win32/PSW.Agent.NJI (3), Win32/PSW.OnLineGames.NMP (3), Win32/PSW.OnLineGames.NMY (4), Win32/PSW.OnLineGames.NRD (2), Win32/PSW.OnLineGames.OFG, Win32/Qhost, Win32/Rootkit.Agent.NFF, Win32/Rootkit.Podnuha (2), Win32/Runner.BX, Win32/Sohanad.AS, Win32/SpamTool.Blen.NAC (2), Win32/SpotAuditor (2), Win32/Spy.Agent.NKN (4), Win32/Spy.Agent.NKO, Win32/Spy.Banbra.EXR (2), Win32/Spy.Banbra.FFQ (2), Win32/Spy.Banker.AAZN (2), Win32/Spy.Banker.AAZP (2), Win32/Spy.Banker.OXC, Win32/Spy.Banker.PWS (2), Win32/Spy.Banker.PWT (2), Win32/Spy.Banker.PWU (2), Win32/Spy.Banker.ZXC (3), Win32/Spy.Delf.NNL (2), Win32/Spy.Zbot.BA (2), Win32/Spy.Zbot.BB, Win32/Spy.Zbot.BC, Win32/Srizbi.NCB, Win32/Tifaut.A (4), Win32/TrojanClicker.Agent.NEB, Win32/TrojanDownloader.Agent.AABX (2), Win32/TrojanDownloader.Agent.ONP, Win32/TrojanDownloader.Agent.ONQ (2), Win32/TrojanDownloader.Delf.OKN, Win32/TrojanDownloader.Delf.OKO (2), Win32/TrojanDownloader.Delf.OKQ (2), Win32/TrojanDownloader.Delf.OKR, Win32/TrojanDownloader.FakeAlert.PY (2), 
Win32/TrojanDownloader.FakeAlert.QU (2), Win32/TrojanDownloader.FakeAlert.SP, Win32/TrojanDownloader.FlyStudio.B, Win32/TrojanDownloader.Small.NTQ, Win32/TrojanDownloader.Small.OGQ, Win32/TrojanDownloader.Zlob.CWJ, Win32/TrojanDropper.Agent.ZLH (3), Win32/TrojanDropper.Delf.NKE, Win32/TrojanDropper.VB.II, Win32/TrojanDropper.VB.NFT (3), Win32/TrojanDropper.VB.NFU, Win32/VB.NTM, Win32/Wigon (4), Win32/Wigon.GR (2), WMA/TrojanDownloader.GetCodec.C (4)
http://www.eset.eu/podpora/aktualizacia-3655?lng=en
http://www.eset.eu/support/update-xy1
ClamAV #8701
by roddy32 / November 30, 2008 9:04 PM PST

Latest ClamAV stable release is: 0.94.2
Total number of signatures: 469261
ClamAV Virus Databases:
main.cvd ver. 49 released on 22 Oct 2008 22:03 +0000
daily.cvd ver. 8701 released on 01 Dec 2008 12:35 +0000
http://www.clamav.net/

AVG - AVI: 270.9.12 /1822
by roddy32 / November 30, 2008 9:07 PM PST
AVG - AVI: 270.9.12 /1823
by roddy32 / December 1, 2008 7:50 AM PST
AntiVir Version: 7.01.00.166
by roddy32 / November 30, 2008 9:12 PM PST
BOClean FILE DATE: 2008-12-01 12:42:45 (UTC)
by roddy32 / November 30, 2008 9:18 PM PST
FIFTY new nasties for a total of 66,600 **UNIQUE**
infectors (334,671 variants of these including
trojans, worms, bots, hijackers, downloaders, spam proxies, rootkits, adware,
spyware,keyloggers,"dialers" and other malware in total) covered in
today's update for BOClean 4.27.

Please also note that if you ever miss an update (or several) the update
you collect includes **ALL** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
BOClean FILEDATE: 2008-12-01 13:19:22 (UTC)
by roddy32 / November 30, 2008 10:18 PM PST
THIRTY-FOUR new nasties for a total of 66634 *UNIQUE* infectors (
334,721 variants of these including trojans, worms, bots, hijackers,
downloaders, spam proxies, rootkits, adware, spyware, keyloggers,
"dialers" and other malware in total) covered in today's update for
BOClean 4.27.

Please also note that if you ever miss an update (or several) the update
you collect includes ***ALL*** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
a-squared signature update
by roddy32 / November 30, 2008 9:22 PM PST
a-squared signature update (2)
by roddy32 / December 1, 2008 12:13 AM PST
Ad-Aware defs update
by roddy32 / November 30, 2008 9:37 PM PST
0143.0002 - December 1, 2008

New definitions:

====================
Win32.Backdoor.LiteBot

Updated definitions:
====================
ABetterInternet.Aurora
Adware.AdMedia
Adware.BHO(generic)
Adware.SuperJuan
CometSystems
CommonName
PurityScan
Ultimateantivirus 2008
Win32.AdWare.Cinmus
Win32.Backdoor.Agent
Win32.Backdoor.Agobot
Win32.Backdoor.AimBot
Win32.Backdoor.AutoIt
Win32.Backdoor.Bandok
Win32.Backdoor.Bifrose
Win32.Backdoor.BlackHole
Win32.Backdoor.BO2k
Win32.Backdoor.ceBot
Win32.Backdoor.CiaDoor
Win32.Backdoor.Delf
Win32.Backdoor.DsBot
Win32.Backdoor.EggDrop
Win32.Backdoor.Frauder
Win32.Backdoor.GGDoor
Win32.Backdoor.HacDef
Win32.Backdoor.Hupigon
Win32.Backdoor.IRCBot
Win32.Backdoor.IRCZapchast
Win32.Backdoor.Iroffer
Win32.Backdoor.Optix
Win32.Backdoor.PcClient
Win32.Backdoor.Poison
Win32.Backdoor.PopWin
Win32.Backdoor.RBot
Win32.Backdoor.Robobot
Win32.Backdoor.Rukap
Win32.Backdoor.SDBot
Win32.Backdoor.Shodabot
Win32.Backdoor.UltimateDefender
Win32.Backdoor.VanBot
Win32.Backdoor.VB
Win32.Backdoor.Vipdataend
Win32.Backdoor.Webdor
Win32.Backdoor.WootBot
Win32.Dialer.Trojan
Win32.Generic.PWS
Win32.P2PWorm.Agent
Win32.P2PWorm.Bacteraloh
Win32.P2PWorm.SpyBot
Win32.SpamTool.Blen
Win32.Trojan.Agent
Win32.Trojan.BHO
Win32.Trojan.Buzus
Win32.Trojan.Delf
Win32.Trojan.Diamin
Win32.Trojan.Disabler
Win32.Trojan.Fraudpack
Win32.Trojan.Inject
Win32.Trojan.KillAV
Win32.Trojan.LowZones
Win32.Trojan.Mailfinder
Win32.Trojan.Monder
Win32.Trojan.Nosok
Win32.Trojan.Obfuscated
Win32.Trojan.Pakes
Win32.Trojan.Regrun
Win32.Trojan.Runner
Win32.Trojan.ShipUp
Win32.Trojan.Small
Win32.Trojan.Spy
Win32.Trojan.Vapsup
Win32.Trojan.VB
Win32.Trojan.Vxgame
Win32.TrojanClicker
Win32.TrojanClicker.Small
Win32.TrojanDownloader.Agent
Win32.TrojanDownloader.Bagle
Win32.TrojanDownloader.Banload
Win32.TrojanDownloader.BHO
Win32.TrojanDownloader.CodecPack
Win32.TrojanDownloader.ConHook
Win32.TrojanDownloader.Dadobra
Win32.TrojanDownloader.Delf
Win32.TrojanDownloader.FraudLoad
Win32.TrojanDownloader.Homles
Win32.TrojanDownloader.Injecter
Win32.TrojanDownloader.Mutant
Win32.TrojanDownloader.Qoologic
Win32.TrojanDownloader.Redreval
Win32.TrojanDownloader.Small
Win32.TrojanDownloader.Tibs
Win32.TrojanDownloader.VB
Win32.TrojanDownloader.Winlagons
Win32.Trojandownloader.Zlob
Win32.TrojanDropper
Win32.Trojan-Dropper.Delf
Win32.Trojan-Dropper.Instaler
Win32.Trojan-Dropper.Joiner
Win32.Trojan-Dropper.MuDrop
Win32.TrojanDropper.VB
Win32.TrojanProxy.Agent.dl
Win32.TrojanProxy.Mitglieder.bi
Win32.TrojanProxy.Ranky
Win32.TrojanProxy.Small
Win32.TrojanProxy.Symbab
Win32.Trojan-PSW.Delf
Win32.Trojan-PSW.Nilage
Win32.TrojanPWS.Magania
Win32.TrojanPWS.OnlineGames
Win32.TrojanPWS.QQPass
Win32.TrojanPWS.Steam
Win32.Trojan-PWS.Tibia
Win32.TrojanPWS.VB
Win32.TrojanPWS.WebMoner
Win32.TrojanPWS.WOW
Win32.TrojanSpy.Banbra
Win32.TrojanSpy.Banker
Win32.TrojanSpy.Delf
Win32.TrojanSpy.Goldun
Win32.TrojanSpy.Pophot
Win32.TrojanSpy.Small
Win32.TrojanSpy.VB
Win32.TrojanSpy.Zbot
Win32.Worm.Allaple
Win32.Worm.Autorun
Win32.Worm.Brontok
Win32.Worm.Dedler
Win32.Worm.Glowa
Win32.Worm.Kolab
Win32.Worm.Kolabc
Win32.Worm.Maslan
Win32.Worm.Mydoom
Win32.Worm.Opanki
Win32.Worm.Padobot
Win32.Worm.Socks
Win32.Worm.Sohanad
Win32.Worm.VB
Win32.Worm.Warezov
Win32.Worm.Zhelatin

MD5 checksum for core.aawdef is 0dd5c1c693c98b3ab39a8ceda2aa4c17
MD5 checksum for defs.ref is e02ec3c4ebc2bfea79f5a3a1131d4749


http://www.lavasoft.com/support/securitycenter/blog/?p=327#more-327
NAV Daily
by roddy32 / December 1, 2008 12:35 AM PST
CCleaner v2.14.763 released December 1, 2008
by roddy32 / December 1, 2008 1:38 AM PST

- Fixed minor bug in Firefox 2 cookies support.

http://www.ccleaner.com/download/version-history
http://www.ccleaner.com/

Download
http://www.ccleaner.com/download/builds

There are 3 builds available.
1. Standard Build also includes the Yahoo Toolbar but that can be UNcheckmarked during the installation if you so desire.
2. Portable does NOT include the Installer
3. Slim also does NOT include the Toolbar.

Note by me: You can use the updater on the program which will bring you to the download link or from there choose the "other builds" link if you want one of the versions without the Toolbar OR you can use the download link above. Choose run on the download, close CCleaner back up again and when the download completes, follow the prompts and it will overwrite your old version which will save your settings and cookies that you have saved.

SUPERAntiSpyware #3657
by roddy32 / December 1, 2008 1:56 AM PST
SUPERAntiSpyware #3658
by roddy32 / December 1, 2008 9:35 AM PST
In reply to: SUPERAntiSpyware #3657
McAfee Daily #5451
by roddy32 / December 1, 2008 3:45 AM PST
Panda
by roddy32 / December 1, 2008 3:50 AM PST
F-Prot
by roddy32 / December 1, 2008 3:53 AM PST

F-PROT Antivirus can as of 1 December 2008 detect a total of 1127783 worms, viruses and other malicious programs with its latest virus signature file.
http://www.f-prot.com/products/currentversions.html

Note: The total detections on the site are the same as what was posted on 26th August 2008, BUT although we cannot confirm it, it is very likely that the actual program is being updated automatically at regular intervals even though the webpage isn't.

avast! 4.x VPS (released: 1.12.2008,version:081201-0)
by roddy32 / December 1, 2008 7:58 AM PST
Java Runtime Environment (JRE) 6 Update 11 - December 1
by roddy32 / December 1, 2008 8:06 AM PST
Additional note on this.
by roddy32 / December 1, 2008 1:23 PM PST
Java note: If you already have JRE 6 Update 10 installed, there is no longer a need to uninstall it - Update 11 is an update to this version.

If you have JRE 6 Update 7 or earlier, these must be uninstalled before or after the Update 11 installation.