Spyware, Viruses, & Security forum

General discussion

UPDATES - January 18, 2007

Note: The website had this posted as the 17 but I believe that was a typo and it was supposed to be posted as the 18th so that is what I am posting it as. There already was an updated posted 24 hours ago for the 17th.

TrojanHunter 4.6 Ruleset Update - Jan 18, 2007

An updated TrojanHunter ruleset is available.

Please note this is a Cumulative update.
This update adds at least 58 new trojan definitions:


Adware.Agent.159
Adware.Comet.107
Adware.Lop.225
Adware.Lop.224
Adware.Lop.223
Adware.Lop.222
Adware.NaviPromo.144
Agent.1115
Agent.1114
Agent.1113
Agent.1112
Dialer.185
Dialer.184
DNSChanger.222
DNSChanger.221
IM-Flooder.Delf.104
Inject.127
IRC.Zapchast.165
PWSteal.Agent.268
PWSteal.LdPinch.265
Rootkit.Agent.138
SDBot.944
SDBot.943
TrojanDownloader.Agent.1030
TrojanDownloader.Banload.881
TrojanDownloader.Banload.880
TrojanDownloader.Banload.879
TrojanDownloader.Banload.878
TrojanDownloader.Banload.877
TrojanDownloader.Banload.876
TrojanDownloader.Banload.875
TrojanDownloader.Banload.874
TrojanDownloader.Banload.873
TrojanDownloader.Busky.174
TrojanDownloader.Delf.622
TrojanDownloader.Small.1140
TrojanDownloader.Small.1139
TrojanDownloader.Small.1138
TrojanDropper.Small.299
TrojanDropper.Small.298
TrojanSpy.Agent.280
TrojanSpy.Banbra.242
TrojanSpy.Banbra.241
TrojanSpy.Banbra.240
TrojanSpy.Bancos.513
TrojanSpy.Bancos.512
TrojanSpy.Bancos.511
TrojanSpy.Banker.1542
TrojanSpy.Banker.1541
TrojanSpy.Banker.1540
TrojanSpy.Banker.1539
TrojanSpy.Banker.1538
TrojanSpy.Haxspy.130
Vundo.130
ZlobDropper.598
ZlobDropper.597
ZlobDropper.596
ZlobDropper.595

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, also use LiveUpdate.

License holders without an ongoing subscription please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.


You should have 103048 rules
http://www.misec.net/forum/board/RulesetUpdates/1169177633
Discussion is locked
You are posting a reply to: UPDATES - January 18, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: UPDATES - January 18, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
ZoneAlarm Anti-virus

In reply to: UPDATES - January 18, 2007

Anti-virus signature DAT file version:30.4.3336.000

To check your signature DAT file versions, go to the "Overview" section of ZA. Click on the "Product Info" tab. In the "Version Information" Section, your DAT versions should be listed there. An easier method will be to right-click the ZA icon on the taskbar and click "About..."


note: At this time there is no updates page for ZoneLabs.

http://www.zonelabs.com/store/content/home.jsp

Collapse -
BOClean FILEDATE: 2007-01-19 13:11:30 (UTC)

In reply to: UPDATES - January 18, 2007

ONE HUNDRED AND SIX new nasties for a total of 19989 UNIQUE infectors (229,881 variants of these including trojans, worms, bots, hijackers, downloaders, spam proxies, rootkits, adware, spyware, keyloggers, "dialers" and other malware in total) covered in today's update for BOClean 4.22. BOClean 4.21 and earlier are no longer supported and MUST be upgraded.

To UPDATE your existing BOClean database, doubleclick on your BOClean traybar icon and select "check for update" to have BOClean automatically collect and install your update for you. BOClean is designed to perform an autoupdate if left configured to do so. If you have problems with the autoupdate program, check your firewall settings - we use passive FTP download instead of the more conventional HTTP method and some firewalls may refuse to allow the program to connect unless you set rules to permit the BOClean autoupdate program to collect them. Please consult your firewall's instructions on how to do this if the update program is stopped or crashed by your firewall.

Please ALSO note that updates of the database do NOT "UPGRADE" BOClean 4.21 and earlier to 4.22. Doing so requires that we send you a replacement or (if you paid for the "extended download" when you purchased BOClean) you can go back and redownload BOClean from Digital River and obtain the 4.22 upgrade yourself. If you didn't opt for the "extended download" premium option at additional cost at time of purchase, then you need to contact upgrade@nsclean.com in order to upgrade to 4.22. Information on what you need to do in order to GET your upgrade are detailed here:

http://www.nsclean.com/upgrade.html

Please also note that if you ever miss an update (or several) the update you collect includes *ALL* previous update information. There is no need to go hunting down other updates. The current one is always complete.
Collapse -
BOClean INTRADAY update notice

In reply to: BOClean FILEDATE: 2007-01-19 13:11:30 (UTC)

FILEDATE: 2007-01-19 13:11:30 (UTC)

This update corrects detection of an obsolete version of RUNDLL32.EXE apparently still used by some from the XP SP1 release who haven't updated to SP2 on XP. Several new malwares are replacing SP2 versions of RUNDLL32.EXE with the old, exploitable one from SP1 which is the reason for the detection. We have since found specific exploits built into the dropped "DEMUUT.EXE" file which now differentiate it from the "regular" old RUNDLL32.EXE, however we STRONGLY urge folks who are still running SP1 to *please* apply the SP2 patches - they've been stable for quite a while now and are NOT exploitable by the ZLOB folks.

------------------------------------------------------------------------

SIX MORE new nasties for a total of 19995 UNIQUE infectors (229,908 variants of these including trojans, worms, bots, hijackers, downloaders, spam proxies, rootkits, adware, spyware, keyloggers, "dialers" and other malware in total) covered in today's update for BOClean 4.22. BOClean 4.21 and earlier are no longer supported and MUST be upgraded.

To UPDATE your existing BOClean database, doubleclick on your BOClean traybar icon and select "check for update" to have BOClean automatically collect and install your update for you. BOClean is designed to perform an autoupdate if left configured to do so. If you have problems with the autoupdate program, check your firewall settings - we use passive FTP download instead of the more conventional HTTP method and some firewalls may refuse to allow the program to connect unless you set rules to permit the BOClean autoupdate program to collect them. Please consult your firewall's instructions on how to do this if the update program is stopped or crashed by your firewall.

Please ALSO note that updates of the database do NOT "UPGRADE" BOClean 4.21 and earlier to 4.22. Doing so requires that we send you a replacement or (if you paid for the "extended download" when you purchased BOClean) you can go back and redownload BOClean from Digital River and obtain the 4.22 upgrade yourself. If you didn't opt for the "extended download" premium option at additional cost at time of purchase, then you need to contact upgrade@nsclean.com in order to upgrade to 4.22. Information on what you need to do in order to GET your upgrade are detailed here:

http://www.nsclean.com/upgrade.html

Please also note that if you ever miss an update (or several) the update you collect includes *ALL* previous update information. There is no need to go hunting down other updates. The current one is always complete.
Collapse -
Spybot Search and Destroy

In reply to: UPDATES - January 18, 2007

2007-01-19
Adware
+ NCast (10)
Dialer
+ EGDAccess ++ UniversalDial
Keylogger
++ SpyMyPC-Pro
Malware
++ AdArmor + Anti-Virus-Pro + DeepDive ++ ErrorKiller ++ FixerAntispy + RemedyAntiSpy ++ SpyAnalyst ++ SpyOfficer ++ SVerner.Search + Swizzor
PUPS
+ AntiverminsPro + SunStarCasino.Kasinos
Trojan
++ 1und1Bill.Fake (2) + Banload ++ CurePCSolution (2) ++ Hupignon ++ PWS.WOW + QQRob (6) ++ Some-Standards.com (2) ++ Win32.Agent.ar ++ Win32.Bifrose.LA ++ Win32.Delf.ago ++ Win32.SdBot.ye ++ Zinblog ++ Zlob.DirectVideo + Zlob.EliteCodec + Zlob.VideoActiveXObject
Total: 350350 fingerprints in 58536 rules for 2624products. http://www.safer-networking.org/en/home/index.html

Please remember to Re-Immunize after updating!
Collapse -
F-Prot

In reply to: UPDATES - January 18, 2007

Virus Signature Files
For F-PROT Antivirus for Windows Version 6
o Virus Signature File (19th January 2007 )
Version 6 of F-PROT Antivirus can detect a total of 441344 worms, viruses and other malicious programs with its latest virus signature file. This number differs from that of other versions of F-PROT Antivirus due to differences in design and structure.
For All other Versions of F-PROT Antivirus
o Application/Script viruses and Trojans (19th January 2007 )
o Document/Office/Macro viruses (19th January 2007)
F-PROT Antivirus can detect a total of 369677 worms, viruses and other malicious programs with these latest virus signature files.
http://www.f-prot.com/products/currentversions.html
http://www.f-prot.com/download/signaturefiles.html
Collapse -
Sorry, the date of this updates thread should be the 19th.

In reply to: UPDATES - January 18, 2007

I can't seem to get it right lately. Sad

Collapse -
(NT) No problem, Roddy! We figure it out! :)

In reply to: Sorry, the date of this updates thread should be the 19th.

Collapse -
Date

In reply to: Sorry, the date of this updates thread should be the 19th.

Roddy.me thinks just one more scoop of coffee in the pot will correct your situation. Happy We all appreciate your usual fine job regardless.

Collapse -
(NT) Thanks guys, I think I am losing it. LOL

In reply to: Date

Collapse -
Could be but I don't know you that well Roddy but coffee...

In reply to: Thanks guys, I think I am losing it. LOL

This thing I bought I thought it was for nasal problems. Got home and read the box: Each pill is equal to 1 cup of coffee. Bought Excedrin Tension Headache! Thank God I didn't use them! Two pills plus my own caffiene...
Darrell

Collapse -
(NT) We'll let it slide this time :)

In reply to: Sorry, the date of this updates thread should be the 19th.

Collapse -
NOD32 - 1990 (20070119)

In reply to: UPDATES - January 18, 2007

2007-01-19 09:45
A97M/TrojanDropper.Agent.DP, IRC/Bnc.D, IRC/Flood.CP, IRC/Rab.A, PP97M/TrojanDropper.PPDrop, Win32/Adware.2Search (2), Win32/Adware.DM, Win32/Adware.Mirar (4), Win32/Adware.Toolbar.YokBar, Win32/Adware.WhenU.SaveNow (16), Win32/Agent.NAS, Win32/Agent.ZQ, Win32/Fujacks.AB, Win32/Medbot.FX (2), Win32/Nuwar.Q (4), Win32/PSW.Agent.NBX, Win32/PSW.Agent.NCC (2), Win32/PSW.LdPinch.NCB, Win32/PSW.Legendmir.NEF, Win32/PSW.Lineage.DN, Win32/RJump.A, Win32/TrojanDownloader.QQHelper.KX, Win32/TrojanDownloader.Small.AWA (2), Win32/TrojanDownloader.Tiny.NBX (2), Win32/TrojanProxy.Lager.NAD, Win32/Wenna, Win32/Wenna.A (2), Win32/Wenna.B (2), X97M/Exploit.Hlinic.A (2), X97M/Exploit.Hlinic.B (2), X97M/Exploit.MS04-033.Excel.A
http://www.eset.eu/support/update-xy1
http://www.eset.eu/podpora/aktualizacia-1990-20070119?lng=en
Collapse -
AVG Anti-spyware 14:12 CET

In reply to: UPDATES - January 18, 2007

Collapse -
ZoneAlarm anti-spyware update

In reply to: UPDATES - January 18, 2007

Anti-spyware signature DAT file version:01.200701.835

To check your signature DAT file versions, go to the "Overview" section of ZA. Click on the "Product Info" tab. In the "Version Information" Section, your DAT versions should be listed there. An easier method will be to right-click the ZA icon on the taskbar and click "About..."


note: At this time there is no updates page for ZoneLabs.

http://www.zonelabs.com/store/content/home.jsp


01/19/2007

Collapse -
AVG Anti-Virus 7 Update - AVI 268.17.1 / IAVI 0640

In reply to: UPDATES - January 18, 2007

--- AVG Anti-Virus Update ---
(1/19/2007)

********************************
** AVG Anti-Virus 7 **
********************************

--- information about Update ---

Update Summary:

- added new variants of I-Worm/Stration, Worm/Spybot
- added new variants of trojan Downloader.Tibs

Collapse -
New AVG Anti-Virus 7 Program Update - 7.5.441

In reply to: AVG Anti-Virus 7 Update - AVI 268.17.1 / IAVI 0640

--- AVG Anti-Virus Update ---
(01/19/2007)

********************************
** AVG Anti-Virus 7.5 **
********************************

--- information about Update ---

Update Summary:

AVG 7.5 VERSION DESCRIPTION
===========================

Product: AVG
Version: 7.5 (build 441)

FIXED BUGS
==========
- Fixed problem with scanning encrypted files on NTFS volumes.

Collapse -
NAV Daily

In reply to: UPDATES - January 18, 2007

Collapse -
The Cleaner Pro Database v4034 01-19-2007

In reply to: UPDATES - January 18, 2007

Database v4034 01-19-2007
-------------------------
Updated Agent
Updated Agent.Downloader
Updated Agent.Dropper
Updated Banbra
Updated Bancos
Updated Banker
Updated Banload
Updated Banpeas
Updated BZub
Updated CapreDeam
Updated dadobra
Updated Delf
Updated Diamin
Updated Femad
Updated Hupigon
Updated Inject
Updated IRC.Zapchast
Updated IRCContact
Updated Kelvir
Updated ldpinch
Updated PEPatch
Updated PluginAccess
Updated rbot
Updated Renos
Updated Small
Updated Small.Downloader
Updated Softomate
Updated Tibs
Updated WinFixer
Updated Zlob

Collapse -
Panda

In reply to: UPDATES - January 18, 2007

Collapse -
Windows Defender Signature Update 1.14.2035.5

In reply to: UPDATES - January 18, 2007

Collapse -
a-squared signature update

In reply to: UPDATES - January 18, 2007

2007-01-19 01:59:
Traces signature update
73 Spyware Traces
2007-01-19 01:59:
Signature update
606 Signatures: 462 Trojans, 22 Dialers, 2 Worms and 120 Spywares
Collapse -
AntiVir Version: 6.37.00.190

In reply to: UPDATES - January 18, 2007

Collapse -
SpySweeper 5.2.3.2132 defs #842

In reply to: UPDATES - January 18, 2007

Collapse -
RogueRemover database update

In reply to: UPDATES - January 18, 2007

Collapse -
AVG Free Anti Virus

In reply to: UPDATES - January 18, 2007

C of U shows AVG 7.5.441 update. Mine is at 7.5.432 but says it is up to date.

Collapse -
Is that AVG Free?

In reply to: AVG Free Anti Virus

Hi Auggie,

For AVG Free, what you have is currently the latest (v7.5.432).
The v7.5.411 was released for Pro (paid users).

You can verify this by going to Grisoft's AVG Free website: http://free.grisoft.com/doc/5390/lng/us/tpl/v5
Scroll down the page and you should see:
AVG Free for Windows installation files
File Version
avg75free_432a904.exe 7.5.432

Collapse -
(NT) Thanks againRoddy

In reply to: Is that AVG Free?

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

DEALS, DEALS, DEALS!

Best Black Friday Deals

CNET editors are busy culling the list and highlighting what we think are the best deals out there this holiday season.