Spyware, Viruses, & Security forum

General discussion

UPDATES - January 12, 2010

by roddy32 / January 11, 2010 9:00 PM PST
NOD32 - Update 4763 (20100112)
2010-01-12 12:35
ASP/Ace.NAF, BAT/Agent.NFE, BAT/Agent.NFG, BAT/Agent.NFH, BAT/Agent.NFI (2), BAT/ArmageddonVirusCreator.A (2), BAT/KillAV.NBB, BAT/KillFiles.NCD (2), IRC/SdBot, JS/Exploit.Pdfka.NPN, JS/Exploit.Pdfka.NPO (2), JS/Fraud.F, NSIS/TrojanDownloader.FakeAlert.AS, NSIS/TrojanDownloader.FakeAlert.AT, VBS/TrojanDownloader.Agent.NCR, VBS/TrojanDownloader.Agent.NCS (2), Win32/Adware.CoreguardAntivirus.D, Win32/Adware.InternetAntivirus, Win32/Adware.SecurityTool.AA, Win32/Adware.Webdesk, Win32/Adware.Webdesk.AA, Win32/Agent.NVT, Win32/Bagle.UN (4), Win32/Flyagent.NFE, Win32/Flyagent.NFF, Win32/Flyagent.NFG, Win32/Flyagent.NFH, Win32/HackAV.DQ, Win32/Injector.APY, Win32/Injector.APZ, Win32/Kryptik.BLL.Gen, Win32/Kryptik.BSR, Win32/Kryptik.BSS, Win32/LockScreen.GJ (5), Win32/Poison.NAE (2), Win32/PSW.OnLineGames.NRD (2), Win32/PSW.OnLineGames.ORT (4), Win32/PSW.OnLineGames.OZC (2), Win32/Qhost, Win32/Qhost.Banker.BB, Win32/Shutdowner.ACQ, Win32/Spy.Zbot.UN (2), Win32/StartPage.NPX (4), Win32/StartPage.NPY (2), Win32/Tifaut.C, Win32/TrojanClicker.Delf.NDM, Win32/TrojanDownloader.Agent.PAY, Win32/TrojanDownloader.FakeAlert.AED, Win32/VB.ODU
http://www.eset.eu/podpora/aktualizacia-4763?lng=en
http://www.eset.eu/support/update-xy1
Discussion is locked
You are posting a reply to: UPDATES - January 12, 2010
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: UPDATES - January 12, 2010
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
TrojanHunter 5.2 Ruleset Update - Jan 12, 2010
by roddy32 / January 11, 2010 9:03 PM PST

An updated TrojanHunter ruleset is available. This update adds 82 new trojan definitions:

Adware.Zwangi.103
Agent.4930
Agent.4929
Cosmu.167
Cosmu.166
Cosmu.165
Cosmu.164
Cosmu.163
Cosmu.162
Cosmu.161
Cosmu.160
Cosmu.159
Cosmu.158
Cosmu.157
FakeSmoke.133
FakeSmoke.132
FraudTool.Agent.158
FraudTool.Agent.157
FraudTool.Agent.156
FraudTool.Agent.155
FraudTool.Agent.154
FraudTool.Agent.153
FraudTool.Agent.152
FraudTool.Agent.151
FraudTool.Agent.150
FraudTool.Agent.149
FraudTool.Agent.148
FraudTool.Agent.147
FraudTool.Agent.146
FraudTool.Agent.145
FraudTool.Agent.144
FraudTool.Agent.143
FraudTool.Agent.142
FraudTool.Agent.141
FraudTool.Agent.140
FraudTool.AntivirusPlus.126
FraudTool.AntivirusPlus.125
FraudTool.AntivirusPlus.124
FraudTool.AntivirusPlus.123
FraudTool.AntivirusPlus.122
FraudTool.AntivirusPlus.121
FraudTool.AntivirusPlus.120
FraudTool.AntivirusPlus.119
FraudTool.AntivirusPlus.118
FraudTool.AntivirusPlus.117
FraudTool.AntiVirusPro.120
FraudTool.AntiVirusPro.119
FraudTool.AntiVirusPro.118
FraudTool.AntiVirusPro.117
FraudTool.AntiVirusPro.116
FraudTool.AntiVirusPro.115
FraudTool.AntiVirusPro.114
FraudTool.AntiVirusPro.113
FraudTool.AntiVirusPro.112
FraudTool.RegistryDoktor.106
FraudTool.WinSpywareProtect.135
FraudTool.WinSpywareProtect.134
FraudTool.WinSpywareProtect.133
FraudTool.WinSpywareProtect.132
FraudTool.WinSpywareProtect.131
FraudTool.WinSpywareProtect.130
FraudTool.WinSpywareProtect.129
FraudTool.WinSpywareProtect.128
Genome.154
PinkBlocker.100
Rabbit.144
Rabbit.143
Rabbit.142
Rabbit.141
Rabbit.140
Rabbit.139
Rabbit.138
Rabbit.137
Rabbit.136
Rabbit.135
Rabbit.134
Rabbit.133
Rabbit.132
Rabbit.131
Rabbit.130
Rabbit.129
TrojanDownloader.FraudLoad.1126

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility.

You should have 246818 rules.
http://www.misec.net/forum/board/RulesetUpdates/1263290720

Collapse -
MBAM #3547
by roddy32 / January 11, 2010 9:13 PM PST
Collapse -
MBAM #3551
by roddy32 / January 12, 2010 7:10 AM PST
In reply to: MBAM #3547
Collapse -
AVG - AVI: 270.14.136/ 2616
by roddy32 / January 11, 2010 9:18 PM PST

Added detection of new variant of Worm/VB.AEZA,, new variants of trojans Generic16.ZYH, Crypt.MAZ, PSW.Banker5.ANDE, BackDoor.Generic12.YFV, SHeur2.CFTM.
January 12, 2010
http://www.grisoft.com/us.download-update

Collapse -
AVG - AVI: 270.14.137/ 2617
by roddy32 / January 12, 2010 6:30 AM PST

Added detection of new variants of trojans BackDoor.Generic12.YJT, BackDoor.Generic12.YGR, Generic16.AADI, BackDoor.Generic12.YLA, BackDoor.Generic12.YHN, Generic16.AAET.
January 12, 2010
http://www.grisoft.com/us.download-update

Collapse -
ClamAV #10286
by roddy32 / January 11, 2010 9:44 PM PST

Latest ClamAV? stable release is: 0.95.3
Total number of signatures: 698666
ClamAV Virus Databases:
main.cvd ver. 51 released on 14 May 2009 10:04 :0400
daily.cvd ver. 10286 released on 12 Jan 2010 05:01 :0500
http://www.clamav.net/

Collapse -
a-squared signature updates
by roddy32 / January 11, 2010 9:47 PM PST
Collapse -
AIMFix Sun Jan 10
by roddy32 / January 11, 2010 9:56 PM PST

AIMFix was last updated at: Sun Jan 10 19:11:22 EST 2010

Collapse -
Panda
by roddy32 / January 11, 2010 9:58 PM PST
Collapse -
BitDefender defs v7.29845
by roddy32 / January 11, 2010 10:20 PM PST
Collapse -
SUPERAntiSpyware #4469 (Yesterday)
by roddy32 / January 11, 2010 10:24 PM PST
Collapse -
SUPERAntiSpyware #4471
by roddy32 / January 12, 2010 4:55 AM PST
Collapse -
SUPERAntiSpyware #4472
by roddy32 / January 12, 2010 9:59 AM PST
In reply to: SUPERAntiSpyware #4471
Collapse -
Microsoft Windows Malicious Software Removal Tool (KB890830)
by roddy32 / January 11, 2010 10:37 PM PST
Collapse -
Windows Defender Signature Update January 12, 2010
by roddy32 / January 11, 2010 11:04 PM PST
Definition Version: 1.71.2030.0
Engine Version: 1.1.5302.0


Product Info: Windows Defender

Available via Windows updates or the program updater

NOTE: Users who have not received the update within the program or MU or WU and wish to update manually, go to Microsoft Malware Protection Center Portal website to download the definitions. That is one of the features of their malware protection center portal... to allow manual download of the definitions for users who have trouble in getting the updates due to some reason or for users who administer computers and want to deploy defs updates offline.

Note: that this is not a daily Windows Defender update form the portal.

Windows Defender version: 1.1.1593.0 XP-32 bit system
Windows Defender version: 1.1.1505.0 Vista-32 bit system
Windows Defender version: 1.1.1600.0 Vista SP2
Windows Defender version: 6.1.7600.16385 Windows 7
Collapse -
Microsoft Security Essentials defs v1.71.2079.0
by roddy32 / January 11, 2010 11:20 PM PST
Collapse -
Microsoft Security Essentials defs v1.71.2087.0
by roddy32 / January 12, 2010 5:02 AM PST
Collapse -
Microsoft Security Essentials defs v1.71.2100.0
by roddy32 / January 12, 2010 7:34 AM PST
Collapse -
AntiVir Version: 7.10.02.174
by roddy32 / January 11, 2010 11:23 PM PST
Collapse -
AntiVir Version: 7.10.02.175
by roddy32 / January 12, 2010 5:00 AM PST
Collapse -
Ad-Aware defs v0149.0130
by roddy32 / January 11, 2010 11:32 PM PST
Collapse -
The Cleaner Database v1244
by roddy32 / January 11, 2010 11:53 PM PST
Collapse -
NOD32 - Update 4764 (20100112)
by roddy32 / January 12, 2010 12:24 AM PST
2010-01-12 15:19
BAT/DelAll.NAC, BAT/DelFiles.NAN (2), BAT/Proxy.W (4), Java/TrojanDownloader.Agent.NAC (2), Java/TrojanDownloader.Agent.NAD (2), Java/TrojanDownloader.OpenStream.NAG, JS/Exploit.Pdfka.AOG, JS/Exploit.Pdfka.NPP, JS/Exploit.Pdfka.NPQ, MSIL/HackAV.B, MSIL/TrojanDropper.Agent.Q (2), VBS/StartPage.NAL, VBS/StartPage.NAN (2), VBS/TrojanDownloader.Iwill.B, Win32/Adware.Antivirus2009, Win32/Adware.Antivirus2009.AB, Win32/Adware.CoreguardAntivirus.C, Win32/Adware.CoreguardAntivirus.D, Win32/Adware.Mirar (4), Win32/Adware.OneStep (5), Win32/Adware.SecurityTool.AA, Win32/Adware.SmartProtector, Win32/Adware.SpyProtector.N, Win32/Adware.SpywareGuard.AA, Win32/Agent.NOV (2), Win32/Agent.QIJ, Win32/Agent.QLN (22), Win32/Agent.QOH (2), Win32/Agent.QOO, Win32/Agent.QPN (4), Win32/Agent.QPO (2), Win32/Agent.QPP (3), Win32/Agent.QPQ, Win32/Agent.QPR, Win32/Agent.QPS, Win32/AutoRun.IRCBot.EE, Win32/AutoRun.VB.IU, Win32/Bagle.UN (2), Win32/Delf.RCC, Win32/DNSChanger.NBD (2), Win32/FlyStudio.T, Win32/Hoax.Agent.H, Win32/Injector.AMC, Win32/Injector.ANU, Win32/Injector.AOP, Win32/KillAV.NHP (2), Win32/Koobface.NBH, Win32/Kryptik.BSK, Win32/Kryptik.BSN, Win32/Kryptik.BST, Win32/Kryptik.BSU, Win32/Kryptik.BSV, Win32/Kryptik.BSW, Win32/Kryptik.BSX, Win32/Kryptik.BSY, Win32/Kryptik.BSZ, Win32/Kryptik.BTA, Win32/Kverzdoor.A (4), Win32/LockScreen.GI, Win32/LockScreen.GJ (4), Win32/LockScreen.GK (4), Win32/LockScreen.GL, Win32/LockScreen.GM, Win32/LockScreen.GN (3), Win32/Oficla.CI, Win32/Oficla.CQ, Win32/Oficla.CR, Win32/Olmarik.OH (3), Win32/Olmarik.QO, Win32/Olmarik.SC, Win32/Olmarik.SF, Win32/Olmarik.SK, Win32/Poison.NAE, Win32/PSW.Agent.NJL (2), Win32/PSW.LdPinch.NEL, Win32/PSW.OnLineGames.NRD (2), Win32/PSW.WOW.NOE, Win32/PSW.WOW.NOF, Win32/PSW.WOW.NOJ (2), Win32/Qhost.NRL (2), Win32/Redosdru.AZ (2), Win32/Refpron.DW, Win32/Rootkit.Ressdt.NAT, Win32/Sality, Win32/Sirefef.T (2), Win32/SpamTool.Agent.NCB, Win32/Spatet.A, Win32/Spy.Bancos.NOG, Win32/Spy.Bancos.NQD, Win32/Spy.Bancos.NQH, Win32/Spy.Banker.QEP, Win32/Spy.Banker.SKA, Win32/Spy.Banker.SPW, Win32/Spy.Banker.SPX, Win32/Spy.Banker.SPZ (2), Win32/Spy.Banker.SQA (2), Win32/Spy.Banker.SQB, Win32/Spy.Banker.SQC (2), Win32/Spy.Banker.SQD (2), Win32/Spy.Banker.SQE (2), Win32/Spy.VB.NFJ, Win32/TrojanClicker.Agent.NII, Win32/TrojanDownloader.Agent.CYEK, Win32/TrojanDownloader.Agent.PLS, Win32/TrojanDownloader.Agent.PME, Win32/TrojanDownloader.Banload.OYA (2), Win32/TrojanDownloader.Delf.PFN (2), Win32/TrojanDownloader.Delf.PFO (2), Win32/TrojanDownloader.FakeAlert.AED, Win32/TrojanDownloader.FakeAlert.AQI, Win32/TrojanDownloader.FakeAlert.ARF, Win32/TrojanDownloader.FakeAlert.ARU (2), Win32/TrojanDownloader.FakeAlert.ARV, Win32/TrojanDownloader.FakeAlert.ARW (2), Win32/TrojanDownloader.Small.OIR, Win32/TrojanDownloader.Small.OJH, Win32/TrojanDownloader.VB.OGT (2), Win32/VB.ORU (2)
http://www.eset.eu/podpora/aktualizacia-4764?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - Update 4765 (20100112)
by roddy32 / January 12, 2010 4:06 AM PST
2010-01-12 18:29
JS/Exploit.Pdfka.NOE, Win32/Adware.GeneralAV, Win32/Adware.PersonalAntivirus (3), Win32/Adware.SecurityTool (2), Win32/Adware.SecurityTool.AA, Win32/AGbot.K (2), Win32/AGbot.L, Win32/AGbot.M, Win32/Agent.NWL (2), Win32/Agent.OBO (2), Win32/Agent.QNF (3), Win32/Agent.QOH, Win32/Agent.QPM (5), Win32/Agent.QPS (2), Win32/Agent.QPT, Win32/Agent.WPI, Win32/AutoRun.Agent.UG (2), Win32/AutoRun.Delf.EL, Win32/AutoRun.FlyStudio.XG, Win32/AutoRun.Hupigon.L, Win32/AutoRun.IRCBot.CX, Win32/AutoRun.IRCBot.EF (2), Win32/AutoRun.VB.IU (7), Win32/AutoRun.VB.IY (2), Win32/Bifrose.NDX (2), Win32/Bifrose.NDY, Win32/Bifrose.NEL, Win32/Bifrose.NTA, Win32/Delf.OYF, Win32/Delf.OYO, Win32/Emis.AA (4), Win32/FlyStudio.ODD, Win32/FlyStudio.ODE, Win32/FlyStudio.ODF, Win32/FlyStudio.ODG, Win32/HackTool.Patcher.A, Win32/Injector.AQA, Win32/Kryptik.BTB, Win32/Kryptik.BTC, Win32/Kryptik.BTD, Win32/Kryptik.BTE, Win32/LockScreen.DB, Win32/LockScreen.GF, Win32/LockScreen.GG, Win32/LockScreen.GI, Win32/LockScreen.GM, Win32/LockScreen.GN, Win32/LockScreen.GO (2), Win32/LockScreen.GP (2), Win32/Olmarik.KT, Win32/Olmarik.SC (2), Win32/Olmarik.SN, Win32/Olmarik.SP, Win32/Olmarik.SQ (2), Win32/Olmarik.SR (2), Win32/Peerfrag.BL, Win32/Prisos.A (2), Win32/PSW.Agent.NPD (2), Win32/PSW.LdPinch.NCB, Win32/PSW.Legendmir.NHV (4), Win32/PSW.OnLineGames.NNU (6), Win32/PSW.OnLineGames.ODJ (3), Win32/PSW.OnLineGames.OQY (2), Win32/PSW.OnLineGames.ORU, Win32/PSW.OnLineGames.OZA, Win32/PSW.OnLineGames.XTT, Win32/PSW.QQRob.NBP, Win32/PSW.WOW.DZI (2), Win32/Sality.NAU (3), Win32/ServU-Daemon, Win32/Sirefef.S (2), Win32/Spy.Banbra.NYH (2), Win32/Spy.Bancos.NQI (2), Win32/Spy.Banker.ONJ, Win32/Spy.Banker.PPG, Win32/Spy.Banker.QXO (2), Win32/Spy.Banker.SEI (2), Win32/Spy.Banker.SHN (2), Win32/Spy.Banker.SLX (2), Win32/Spy.Banker.SOF, Win32/Spy.Banker.SOU, Win32/Spy.Banker.SPG, Win32/Spy.Banker.SPR (2), Win32/Spy.Banker.SPT (2), Win32/Spy.Banker.SQF (2), Win32/Spy.Banker.SQG, Win32/Spy.Banker.SQH, Win32/Spy.Delf.OBP, Win32/Spy.Delf.OBR, Win32/Spy.Delf.OBT (2), Win32/Spy.Delf.OBV (3), Win32/Spy.Delf.OBW, Win32/Spy.KeyLogger.NFH (2), Win32/Spy.Zbot.JF (4), Win32/Spy.Zbot.UN (3), Win32/StartPage.NPZ, Win32/TrojanClicker.Agent.NIJ, Win32/TrojanClicker.Agent.NIS, Win32/TrojanClicker.Delf.NDJ, Win32/TrojanClicker.Delf.NDK, Win32/TrojanClicker.Delf.NDN (2), Win32/TrojanClicker.Delf.NDR (3), Win32/TrojanClicker.Delf.NGK, Win32/TrojanClicker.Delf.NGL, Win32/TrojanClicker.Delf.NIR, Win32/TrojanClicker.Delf.NIS, Win32/TrojanDownloader.Bredolab.AA, Win32/TrojanDownloader.Bredolab.AN, Win32/TrojanDownloader.Bredolab.BE (2), Win32/TrojanDownloader.Delf.PFQ (3), Win32/TrojanDownloader.Delf.PFR, Win32/TrojanDownloader.Delf.PGF, Win32/TrojanDownloader.FakeAlert.ADA, Win32/TrojanDownloader.FakeAlert.AED, Win32/TrojanDownloader.FakeAlert.AOP, Win32/TrojanDownloader.FakeAlert.ARD, Win32/TrojanDownloader.FakeAlert.ARX (2), Win32/TrojanDownloader.Small.OIB, Win32/TrojanDownloader.Small.OOT, Win32/TrojanDownloader.Small.OTT (2), Win32/TrojanDownloader.VB.OGS, Win32/TrojanDropper.Agent.NYS (2), Win32/TrojanDropper.Joiner.AJ (2), Win32/VB.NHW, Win32/VB.ORV, Win32/VB.ORW, Win32/Waledac (2), Win32/Wigon, Win32/Wigon.DC, Win32/Wigon.MU
http://www.eset.eu/podpora/aktualizacia-4765?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
The MVPS HOSTS file was recently updated [JAN-12-2010]
by roddy32 / January 12, 2010 1:06 AM PST
Collapse -
MVPS hosts file
by Ray_moe / January 12, 2010 2:02 AM PST
Collapse -
I don't know Ray, I don't use it
by roddy32 / January 12, 2010 2:13 AM PST
In reply to: MVPS hosts file

so I never tried to search for anything. Maybe Grif would know, I think he uses it. You could also post in Mike's blog and ask, I think it is a public blog. Not sure if you would have to join or not. The blog link is in the original post.

Collapse -
A Search Is Easy
by Grif Thomas Forum moderator / January 12, 2010 2:59 AM PST
In reply to: MVPS hosts file

First, you'll need to download the entire file to your desktop. You should now have a HOSTS.txt file on your desktop. Open the desktop HOSTS file in Notepad,(which should happen by double clicking on the HOSTS.txt file, then click on "Edit" in the upper left, choose "Find", then type in the search criteria of choice in the "Find What" line, then click on the "Find Next" button.. If your criteria is found, it will stop there and you can continue to find more items with the same criteria by pressing the F3 button, over and over again, till all items with that criteria are exhausted in the list..

Hope this helps.

Grif

Collapse -
Quick Heal defs
by roddy32 / January 12, 2010 1:37 AM PST
Collapse -
McAfee Daily #5859
by roddy32 / January 12, 2010 3:32 AM PST

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!