Spyware, Viruses, & Security forum

General discussion

UPDATES - January 27, 2009

by roddy32 / January 26, 2009 8:21 PM PST
TrojanHunter 5.0 Ruleset Update - Jan 26, 2009

An updated TrojanHunter ruleset is available. This update adds 48 new trojan definitions:

Adware.Agent.406
Adware.Cinmus.168
Agent.3465
Agent.3464
Agent.3463
Agent.3462
Banker.164
Bredolab.119
Crypt.524
Delf.1149
FakeAV.103
Forbot.104
FraudTool.AntiVirusXP.113
FraudTool.IEDefender.143
FraudTool.Netcom3.100
FraudTool.VB.100
FraudTool.WiniGuard.100
FraudTool.WinSpywareProtect.106
HexZone.105
Inject.361
Pakes.590
PWSteal.Agent.456
PWSteal.Nilage.506
Sinowal.146
Sinowal.145
Sinowal.144
TrojanDownloader.Agent.2989
TrojanDownloader.Agent.2988
TrojanDownloader.Banload.1525
TrojanDownloader.Banload.1524
TrojanDownloader.BHO.160
TrojanDownloader.CodecPack.152
TrojanDownloader.Exchanger.181
TrojanDownloader.FraudLoad.516
TrojanDownloader.FraudLoad.515
TrojanDownloader.FraudLoad.514
TrojanDownloader.FraudLoad.513
TrojanDownloader.FraudLoad.512
TrojanDownloader.VB.1033
TrojanDownloader.VB.1032
TrojanDropper.Agent.1150
TrojanDropper.Agent.1149
TrojanDropper.Agent.1148
TrojanDropper.MuDrop.138
TrojanSpy.Banbra.306
Worm.AutoRun.367
Worm.AutoTDSS.130
Worm.Iksmas.126

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.

You should have 205048 rules.
http://www.misec.net/forum/board/RulesetUpdates/1233032094
Discussion is locked
You are posting a reply to: UPDATES - January 27, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: UPDATES - January 27, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
ClamAV #8908
by roddy32 / January 26, 2009 8:31 PM PST

Latest ClamAV? stable release is: 0.94.2
Total number of signatures: 499661
ClamAV Virus Databases:
main.cvd ver. 49 released on 22 Oct 2008 07:46 +0000
daily.cvd ver. 8908 released on 27 Jan 2009 08:23 +0000
http://www.clamav.net/

Collapse -
SUPERAntiSpyware - 01/26/2009 -#3730
by roddy32 / January 26, 2009 8:41 PM PST
Collapse -
SUPERAntiSpyware update #3731
by roddy32 / January 27, 2009 2:01 AM PST
Collapse -
avast! update 27.1.2009 version: 090127-0
by roddy32 / January 26, 2009 8:42 PM PST
Collapse -
AVG - AVI: 270.10.14/1918
by roddy32 / January 26, 2009 9:01 PM PST
Collapse -
AVG - AVI: 270.10.14/1920
by roddy32 / January 27, 2009 5:45 AM PST

Added detection of new variants of trojans Downloader.Generic8.TBY, Generic12.BELH, BackDoor.Generic10.ANJM, Generic12.BEMH, Generic12.BEOI, Agent.AWJA.
January 27, 2009
http://www.grisoft.com/us.download-update

Collapse -
NOD32 - 3803 (20090127)
by roddy32 / January 26, 2009 9:21 PM PST
2009-01-27 11:45
BAT/TrojanDownloader.Ftp.NBF, BAT/TrojanDownloader.Ftp.NBG (3), BAT/TrojanDownloader.Ftp.NBH (3), INF/Autorun, IRC/SdBot (3), JS/TrojanDownloader.Psyme.NEV, MSIL/PSW.Steathie.B, Win32/AdProt.S, Win32/Adware.Antivirus2008 (2), Win32/Adware.Antivirus2009, Win32/Adware.Cinmus, Win32/Adware.MSAntispyware2009 (2), Win32/Adware.SpywareGuard, Win32/Adware.VirusIsolator (2), Win32/Adware.WiniGuard, Win32/Adware.XPAntivirus (3), Win32/Agent.BJLY (2), Win32/Agent.NUJ (2), Win32/Agent.WPI, Win32/AutoRun.Autoit.Y (2), Win32/BHO.NKD (4), Win32/BHO.NLV, Win32/Delf.NYL, Win32/Dialer.NGB, Win32/FlyStudio.NFA, Win32/IRCBot.AGP (2), Win32/Nulprot, Win32/Olmarik.DG (2), Win32/PcClient.ATF, Win32/PcClient.ZIS, Win32/PSW.Chill, Win32/PSW.Lineage.NHP (2), Win32/PSW.Lineage.NHQ (2), Win32/PSW.OnLineGames.NMP (2), Win32/PSW.OnLineGames.NUC (2), Win32/PSW.OnLineGames.OHG (2), Win32/PSW.Papras.AO, Win32/Qhost.NHR (2), Win32/Spy.Banker.EDY (2), Win32/Spy.Banker.PIS (2), Win32/Spy.Banker.QGM, Win32/Spy.Banker.QGN (2), Win32/Spy.Banker.QGO, Win32/Spy.Banker.QGP, Win32/Tifaut.A (3), Win32/Tifaut.C, Win32/TrojanClicker.Agent.NEB, Win32/TrojanDownloader.Agent.OOL (2), Win32/TrojanDownloader.Agent.OQF (2), Win32/TrojanDownloader.Delf.OLI (4), Win32/TrojanDownloader.Delf.OOE (3), Win32/TrojanDownloader.Delf.OOH (2), Win32/TrojanDownloader.FakeAlert.PY, Win32/TrojanDownloader.Sality, Win32/TrojanDownloader.Small.OJH, Win32/VB.NVP, Win32/VB.NVQ (3), Win32/Waledac.AC (2), Win32/Wigon.IU (3)
http://www.eset.eu/podpora/aktualizacia-3803?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - 3804 (20090127)
by roddy32 / January 27, 2009 12:47 AM PST
2009-01-27 16:32
BAT/Sosiska.A, HTML/TrojanDownloader.IFrame, INF/Autorun, IRC/SdBot, JS/Exploit.Agent.ABE, JS/Exploit.CVE-2008-2463, JS/Exploit.Pdfka.W, JS/Exploit.RealPlay.NBE, JS/TrojanDownloader.Agent.NKR, JS/TrojanDownloader.Agent.NKS, JS/TrojanDownloader.Agent.NKT, JS/TrojanDownloader.Agent.NKU (2), JS/TrojanDownloader.Iframe.AEV, JS/TrojanDownloader.Iframe.AFC, JS/TrojanDownloader.Iframe.NDD (2), JS/TrojanDownloader.Iframe.NDF, JS/TrojanDownloader.Iframe.NDG, JS/TrojanDownloader.Psyme.NEL, JS/TrojanDownloader.Small.NBR, PDF/Exploit.Pidief.NFS, PDF/Exploit.Pidief.NFT, VBS/TrojanDownloader.Psyme.NFG, Win32/Adware.BPSSpywareRemover (2), Win32/Adware.Cinmus, Win32/Adware.IeDefender.NID (2), Win32/Adware.KwSearchGuide (2), Win32/Adware.PCOptimizing (2), Win32/Adware.SpywareGuard (8), Win32/Adware.TotalDefender, Win32/Adware.Virtumonde (4), Win32/Adware.WiniGuard (4), Win32/Adware.XPAntivirus, Win32/Agent.OCX, Win32/Agent.OTX (2), Win32/Agent.OTY, Win32/Agent.OUA, Win32/Autoit.DG, Win32/AutoRun.ABH, Win32/AutoRun.Agent.GY (2), Win32/AutoRun.Agent.HA, Win32/AutoRun.FakeAlert.AC, Win32/AutoRun.KS (2), Win32/BHO.NLW (2), Win32/BHO.NLX, Win32/BHO.NLY, Win32/Bifrose.NFH (2), Win32/Bifrose.NFQ, Win32/Boberog.F (2), Win32/Cimag.B, Win32/Delf.NXH (2), Win32/Delf.NXM, Win32/Delf.NYM, Win32/Downloader.Quyl.B (2), Win32/HackAV.BZ (2), Win32/Hupigon, Win32/Inject.OCQ, Win32/IRCBot (2), Win32/Kryptik.FY, Win32/Mebroot (2), Win32/Mebroot.AA, Win32/Olmarik.D (9), Win32/Olmarik.DR, Win32/Olmarik.DS, Win32/Olmarik.DT, Win32/Olmarik.DU, Win32/Olmarik.DV, Win32/Olmarik.DW, Win32/Olmarik.DX, Win32/Olmarik.DY, Win32/Olmarik.DZ, Win32/Olmarik.F, Win32/Patched.AN, Win32/PSW.Agent.NJO, Win32/PSW.Agent.NKE (2), Win32/PSW.LdPinch.NJX, Win32/PSW.OnLineGames.NMP (2), Win32/PSW.OnLineGames.NMY, Win32/PSW.OnLineGames.NTM (4), Win32/PSW.OnLineGames.NUA (2), Win32/PSW.OnLineGames.NYL (2), Win32/PSW.OnLineGames.ODJ, Win32/PSW.OnLineGames.OHH (3), Win32/Qhost, Win32/Qhost.NHS, Win32/Rbot, Win32/Rootkit.Agent.NFF, Win32/Small.AAMC (2), Win32/SpamTool.Blen (2), Win32/Spy.Agent.NKH, Win32/Spy.Agent.PZ (7), Win32/Spy.Bancos.NKP (2), Win32/Spy.Bancos.NKT (2), Win32/Spy.Banker.QGQ (2), Win32/Spy.Banker.QGR (2), Win32/Spy.Delf.NPX, Win32/Spy.Delf.NPY, Win32/Spy.KeyLogger.NDN, Win32/Spy.Webmoner.NBK (4), Win32/Tifaut.B, Win32/Tifaut.C, Win32/TrojanClicker.Agent.NFH, Win32/TrojanClicker.Agent.NFI, Win32/TrojanDownloader.Agent.OQF, Win32/TrojanDownloader.Agent.OQW, Win32/TrojanDownloader.Agent.ORH (2), Win32/TrojanDownloader.Agent.OSE (2), Win32/TrojanDownloader.Agent.OSF, Win32/TrojanDownloader.Agent.OSG (2), Win32/TrojanDownloader.Agent.OSH (2), Win32/TrojanDownloader.Agent.OSI (2), Win32/TrojanDownloader.Agent.OSJ, Win32/TrojanDownloader.Bagle.AMT, Win32/TrojanDownloader.Banload.OML (2), Win32/TrojanDownloader.Delf.OOH, Win32/TrojanDownloader.Delf.OOI (2), Win32/TrojanDownloader.Delf.OOJ, Win32/TrojanDownloader.Quyl.C (2), Win32/TrojanDownloader.Small.OCS, Win32/TrojanDownloader.Small.OGQ, Win32/TrojanDownloader.Small.OJX, Win32/TrojanDownloader.Small.OLB (2), Win32/TrojanDownloader.Swizzor.NBF (2), Win32/TrojanDownloader.VB.NUA (2), Win32/TrojanDownloader.VB.NUT, Win32/TrojanDownloader.Wigon.BN, Win32/TrojanDownloader.Zlob.BOK, Win32/TrojanDropper.Agent.NTV, Win32/TrojanDropper.Delf.NLF, Win32/TrojanDropper.Delf.NLH, Win32/TrojanDropper.VB.NGO, Win32/VB.NGP (5), Win32/VB.NVR (2), Win32/Wigon, Win32/Wigon.IV, Win32/Zapchast
http://www.eset.eu/podpora/aktualizacia-3804?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - 3805 (20090127)
by roddy32 / January 27, 2009 7:55 AM PST
2009-01-28 00:32
IRC/SdBot (2), Win32/Adware.AdvansedSpywareDetector (2), Win32/Adware.Boran, Win32/Adware.Virtumonde, Win32/Adware.WebGuide (2), Win32/Adware.WiniGuard, Win32/Adware.XPAntivirus (4), Win32/Agent.NPI, Win32/Agent.NSJ, Win32/Agent.NUK, Win32/Agent.NUM (3), Win32/Agent.NUN (2), Win32/Agent.OCX, Win32/Agent.OUB, Win32/AutoRun.FlyStudio.CB, Win32/AutoRun.KS (2), Win32/Bagle.QQ, Win32/Bifrose.AJSJ, Win32/Conficker.X, Win32/FlyStudio.NFB, Win32/HackTool.DreamPackPL.A (2), Win32/Poison.NAE, Win32/PSW.OnLineGames.NNM (2), Win32/PSW.OnLineGames.NNU, Win32/PSW.OnLineGames.NVE (2), Win32/PSW.OnLineGames.ODJ, Win32/PSW.Tibia.ST, Win32/Qhost.NHT, Win32/Rbot (2), Win32/Rootkit.Agent.EHW (2), Win32/Rootkit.Agent.NGM, Win32/Rustock.NGR, Win32/SpamTool.Blen, Win32/Spy.Ambler, Win32/Spy.Ambler.J, Win32/Spy.Delf.NPZ (12), Win32/Spy.GWGhost.H, Win32/TrojanDownloader.Agent.OOL (2), Win32/TrojanDownloader.Agent.ORH (2), Win32/TrojanDownloader.Agent.OSK (2), Win32/TrojanDownloader.Agent.OSL, Win32/TrojanDownloader.FakeAlert.HK, Win32/TrojanDownloader.FakeAlert.SM, Win32/TrojanDownloader.FakeAlert.WR (2), Win32/TrojanDownloader.Flux, Win32/TrojanDownloader.Small.OJX, Win32/TrojanDownloader.Zlob.CYX, Win32/TrojanDownloader.Zlob.CYY (2), Win32/TrojanDropper.Agent.NJV, Win32/TrojanDropper.Agent.NTW, Win32/TrojanProxy.Wopla, Win32/VB.NVW, Win32/Wigon, Win32/Wigon.GX, Win32/Wigon.IX (2)
http://www.eset.eu/podpora/aktualizacia-3805?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
BOClean FILE DATE: 2009-01-27 12:39:20 (UTC)
by roddy32 / January 26, 2009 9:34 PM PST
SIXTY ONE new nasties for a total of 69,661 **UNIQUE**
infectors (338,959 variants of these including
trojans,worms,bots,hijackers,downloaders,spam proxies, rootkits, adware,
spyware,keyloggers,"dialers" and other malware in total) covered in
today's update for BOClean 4.27.

Please also note that if you ever miss an update (or several) the update
you collect includes **ALL** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
Collapse -
CCleaner v2.16.830 released January 27, 2009
by roddy32 / January 26, 2009 10:07 PM PST

* Google Chrome v2.0 compatibility fixes.
* Improved Firefox support when browser is open.
* Improved SeaMonkey support.
* Added Publisher to the uninstall tool.
* Many translation updates.
* Several updates to installer code.
* Cookie options loading now fully threaded.
* Lots of minor interface improvements.
* Minor performance improvements.

http://www.ccleaner.com/download/version-history
http://www.ccleaner.com/

Download
http://www.ccleaner.com/download/builds

There are 3 builds available.
1. Standard Build also includes the Yahoo Toolbar but that can be UNcheckmarked during the installation if you so desire.
2. Portable does NOT include the Installer
3. Slim also does NOT include the Toolbar.

Note by me: You can use the updater on the program which will bring you to the download link or from there choose the "other builds" link if you want one of the versions without the Toolbar OR you can use the download link above. Choose run on the download, close CCleaner back up again and when the download completes, follow the prompts and it will overwrite your old version which will save your settings and cookies that you have saved.

Collapse -
Spybot-S&D 1.6.2 released January 26, 2009
by roddy32 / January 26, 2009 11:31 PM PST

[quote]The probably last maintenance release of Spybot-S&D 1.6.2 is finally ready, available starting today on the first mirrors, with more becoming available as they're added. It will also be available through the integrated updater soon after it is online completely.

Among its bugfixes and new features are support for the latest Opera releases, support for Googles new browser Chrome, fixed support for fresh older Firefox installations, improved support for fast user switching while Spybot is running, plus a few more bugfixes.[/quote]

http://www.safer-networking.org/en/home/index.html

Also more here
http://forums.spybot.info/showthread.php?p=284705#post284705

Download
http://safer-networking.org/en/download/index.html

Collapse -
Should I uninstall the old version first?
by Harv / January 27, 2009 3:34 AM PST

roddy, should the old version be uninstalled before installing the new one?

Collapse -
That would be your
by roddy32 / January 27, 2009 6:24 AM PST

choice Harv. If you update it via the program updater you would be installing it over the old one. The update post quoted this "It will also be available through the integrated updater soon after it is online completely."
http://safer-networking.org/en/spybotsd/index.html

I don't know if it is available via that yet or not. From what that quote says it might not be YET.

If you want to do a clean install instead, you should download it via the download link and then undo the resident protection and immunization, uninstall the old version and then install the new one. Your choice.

Here is someone at CoU that installed it already on 2 computers. .

2nd post.
http://www.calendarofupdates.com/updates/index.php?showtopic=17069&hl=

Collapse -
I did a clean install just to play safe.
by Harv / January 28, 2009 10:36 AM PST
In reply to: That would be your

Thanks again, roddy.

Collapse -
(NT) You're welcome Harv.
by roddy32 / January 28, 2009 10:52 AM PST
Collapse -
Harv, I've Installed Over-The-Top On Half A Dozen So Far...
by Grif Thomas Forum moderator / January 27, 2009 2:25 PM PST

..and it installed fine.. One note: I installed 1.6.2 over the previous 1.6.0 version and in each case, there were a couple of popups which notifed me that "Read-only" dll files were being written over.. In each case, selecting "Retry" allowed the installation to proceed correctly.

Hope this helps.

Grif

Collapse -
a-squared signature updates
by roddy32 / January 27, 2009 1:10 AM PST
Collapse -
another
by roddy32 / January 27, 2009 6:40 AM PST
Collapse -
Panda
by roddy32 / January 27, 2009 1:52 AM PST
Collapse -
NAV Daily
by roddy32 / January 27, 2009 2:04 AM PST
Collapse -
McAfee Daily #5508
by roddy32 / January 27, 2009 2:32 AM PST
Collapse -
Windows Defender Signature Update January 26, 2009
by roddy32 / January 27, 2009 2:52 AM PST

Definition Version: 1.49.2551.0
Engine Version: 1.1.4205.0

Product Info: Windows Defender

Available via Windows updates or the program updater

NOTE: Users who have not received the update within the program or MU or WU and wish to update manually, go to Microsoft Malware Protection Center Portal website to download the definitions. That is one of the features of their malware protection center portal... to allow manual download of the definitions for users who have trouble in getting the updates due to some reason or for users who administer computers and want to deploy defs updates offline.

Note: that this is not a daily Windows Defender update form the portal.

Windows Defender version: 1.1.1593.0 XP-32 bit system
Windows Defender version: 1.1.1505.0 Vista-32 bit system
Windows Defender version: 1.1.1600.0 Vista SP1

Collapse -
Adobe Shockwave Player v11.0.3.472 released January 27, 2009
by roddy32 / January 27, 2009 5:51 AM PST

Windows | English | 4.38 MB

http://get.adobe.com/shockwave/

Note: Please remember to uncheck any unwanted 3rd party toolbars/programs during installation. Also please do not confuse this with Adobe Plash Player which is a different program.

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!