Spyware, Viruses, & Security forum

General discussion

UPDATES - July 21, 2009

by roddy32 / July 20, 2009 10:19 PM PDT
TrojanHunter 5.x Ruleset Update - Jul 20, 2009 (2)

An updated TrojanHunter ruleset is available. This update adds 68 new trojan definitions:

Afcore.124
Afcore.123
Afcore.122
Agent.4433
Agent.4432
Agent.4431
Agent.4430
Agent.4429
BiFrose.544
Buzus.454
Buzus.453
DNSChanger.685
Hupigon.1347
IRCBot.890
IRCBot.889
IRCBot.888
Koutodoor.106
Koutodoor.105
Koutodoor.104
Koutodoor.103
Koutodoor.102
Neakse.101
Olmarik.112
Olmarik.111
Olmarik.110
Olmarik.109
Olmarik.108
PcClient.301
Poison.249
Possador.102
Possador.101
Possador.100
PWSteal.LdPinch.1048
PWSteal.OnLineGames.2159
PWSteal.OnLineGames.2158
PWSteal.Steam.125
PWSteal.TokSteal.100
PWSteal.WOW.547
PWSteal.YahooPass.104
Rootkit.Agent.529
Rootkit.Agent.528
Rootkit.Agent.527
SDBot.1277
TrojanDownloader.Agent.3557
TrojanDownloader.CodecPack.178
TrojanDownloader.Harnig.236
TrojanDownloader.Harnig.235
TrojanDownloader.Tiny.389
TrojanDownloader.VB.1140
TrojanDownloader.WebDown.106
TrojanDropper.Clons.100
TrojanDropper.Hamer.102
TrojanDropper.Helios.109
TrojanDropper.Joiner.160
TrojanDropper.MicroJoiner.118
TrojanDropper.MuDrop.154
TrojanDropper.Peace.104
TrojanDropper.Peace.103
TrojanDropper.Peace.102
TrojanDropper.Peace.101
TrojanDropper.VB.642
TrojanProxy.Agent.481
VB.1577
WinUOJ.108
WinUOJ.107
Worm.Koobface.142
Worm.Koobface.141
Worm.Locksky.178

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.

You should have 227333 rules.
http://www.misec.net/forum/board/RulesetUpdates/1248151347
Discussion is locked
You are posting a reply to: UPDATES - July 21, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: UPDATES - July 21, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
NOD32 - Update 4263 (20090721)
by roddy32 / July 20, 2009 10:24 PM PDT
2009-07-21 10:48
ASP/Ace.NAC (2), ASP/Ace.NAD (2), ASP/Ace.NAE (2), BAT/Agent.NCY, BAT/FormatAll.NAB (4), BAT/Qhost.NCH (2), BAT/Qhost.NCI (3), BAT/Qhost.NCJ (2), VBS/Small.NAP, Win32/Adware.CoreguardAntivirus (2), Win32/Adware.DoubleD (3), Win32/Adware.KwSearchGuide (2), Win32/Agent.PQR (2), Win32/Agent.PTU (4), Win32/Autoit.FX, Win32/AutoRun.ABH, Win32/AutoRun.Agent.PL (3), Win32/AutoRun.Agent.PU (2), Win32/AutoRun.FlyStudio.OB, Win32/AutoRun.FlyStudio.OC, Win32/Bagle.SD, Win32/Bagle.SE, Win32/BHO.NPF, Win32/Bifrose.NFJ, Win32/Delf.OON, Win32/Ilomo.C, Win32/KillAV.NED (2), Win32/KillAV.NEE (2), Win32/Korgo.AN (3), Win32/Koutodoor.CG, Win32/Koutodoor.CM, Win32/Koutodoor.G, Win32/Kryptik.YI, Win32/Kryptik.YT, Win32/Kryptik.YV, Win32/Kryptik.YW, Win32/Kryptik.YY, Win32/Kryptik.ZE, Win32/LockScreen.AX, Win32/Pacex.Gen, Win32/PSW.OnLineGames.NMP (3), Win32/PSW.OnLineGames.NNU (3), Win32/PSW.OnLineGames.NRD (2), Win32/PSW.OnLineGames.XTT, Win32/PSW.Pebox.AC (2), Win32/PSW.WOW.DZI, Win32/Qhost (5), Win32/Qhost.NLW (3), Win32/Qhost.NLX (3), Win32/Qhost.NLY (2), Win32/Sohanad.NEY, Win32/SpamTool.Tedroo.I, Win32/Spy.Banker.QEP, Win32/Spy.Bankpatch.BV, Win32/Spy.Zbot.JF (3), Win32/StartPage.NLV, Win32/TrojanDownloader.Agent.PIG (2), Win32/TrojanDownloader.Agent.PJA, Win32/TrojanDownloader.Agent.PJB, Win32/TrojanDownloader.Banload.OVH (2), Win32/TrojanDownloader.Banload.OVI (2), Win32/TrojanDownloader.Dadobra.NDC (2), Win32/TrojanDownloader.FakeAlert.AAX, Win32/TrojanDropper.Agent.ODZ, Win32/TrojanDropper.Agent.OFN (4), Win32/TrojanDropper.Agent.OFO, Win32/TrojanDropper.Agent.OFP, Win32/TrojanDropper.VB.NIW, Win32/Waledac.JZ, Win32/Wigon.KT, Win32/Wigon.LO
http://www.eset.eu/podpora/aktualizacia-4263?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - Update 4264 (20090721)
by roddy32 / July 20, 2009 11:45 PM PDT
2009-07-21 15:11
IRC/SdBot (5), VBS/Agent.NBS, VBS/AutoRun.CK (2), Win32/Adware.Cinmus, Win32/Adware.Coolezweb (5), Win32/Adware.FastAntivirus2009 (2), Win32/Adware.PersonalAntivirus (2), Win32/Adware.VirusAlarmPro, Win32/Adware.XPAntiSpyware.AA, Win32/Adware.XPSecurityCenter (2), Win32/Agent.CCWW, Win32/Agent.NWM, Win32/Agent.OAT (2), Win32/Agent.PQR, Win32/Agent.PVS, Win32/Agent.PVT (2), Win32/Agent.PVU (3), Win32/Agent.WPO (4), Win32/AntiAV.NAS, Win32/AntiAV.NBH, Win32/Autoit.CV, Win32/AutoRun.Agent.OW, Win32/AutoRun.FlyStudio.OD, Win32/AutoRun.KS, Win32/AutoRun.LockScreen.A (2), Win32/AutoRun.LockScreen.A.Gen, Win32/Bifrose.NGT, Win32/BlackHole, Win32/Delf.OOM (3), Win32/Delf.OOO, Win32/Delf.OOP (5), Win32/Delf.OOQ, Win32/Delf.OOR (2), Win32/FlyStudio.NPU, Win32/IRCBot, Win32/KillAV.NDC, Win32/Koobface.NCF (2), Win32/Koutodoor.CG, Win32/Koutodoor.CM (4), Win32/Koutodoor.CN (3), Win32/Koutodoor.CO, Win32/Koutodoor.CP (4), Win32/Koutodoor.G (4), Win32/LockScreen.AY (2), Win32/Packed.Themida, Win32/PSW.Agent.NKU (2), Win32/PSW.Agent.NMV, Win32/PSW.Legendmir.NFX (2), Win32/PSW.OnLineGames.NMP (8), Win32/PSW.OnLineGames.NNU (17), Win32/PSW.OnLineGames.NRD, Win32/PSW.OnLineGames.ODJ (9), Win32/PSW.OnLineGames.OLW (3), Win32/PSW.OnLineGames.OLX (3), Win32/PSW.OnLineGames.XTT (2), Win32/PSW.Small.NBK (2), Win32/PSW.TestSpy.C (2), Win32/PSW.VB.NCL (2), Win32/PSW.WOW.DZI, Win32/Rootkit.Agent.LSJ, Win32/Rootkit.Agent.NMM (4), Win32/Rootkit.Agent.NOA (4), Win32/Rootkit.Agent.NOB (2), Win32/Rootkit.Kryptik.F, Win32/SpamTool.Tedroo.I, Win32/Spy.Agent.NOG (4), Win32/Spy.Banbra.NQX, Win32/Spy.Banbra.NRK, Win32/Spy.Banbra.NRP, Win32/Spy.Banbra.NRT, Win32/Spy.Bancos.NMM (2), Win32/Spy.Banker.AKMU, Win32/Spy.Banker.QEP (3), Win32/Spy.Banker.QLG, Win32/Spy.Banker.QLP, Win32/Spy.Banker.QTE (2), Win32/Spy.Banker.RFL, Win32/Spy.Banker.RGT (2), Win32/Spy.Banker.RGU (2), Win32/Spy.Banker.RGV (2), Win32/Spy.Banker.RGW (2), Win32/Spy.Banker.RGX (2), Win32/Spy.Banker.RGY, Win32/Spy.Banker.RGZ, Win32/Spy.Banker.RHA, Win32/Spy.Banker.RHB, Win32/Spy.Banker.RHC, Win32/Spy.Banker.RHD, Win32/Spy.Banker.RHE (2), Win32/Spy.Banker.RHF, Win32/Spy.Delf.NUL (2), Win32/Spy.VB.NEO, Win32/Spy.Zbot.JF (6), Win32/Spy.Zbot.TJ, Win32/StartPage.NLW, Win32/StartPage.NLX, Win32/StartPage.NLY (2), Win32/TrojanClicker.VB.NJC, Win32/TrojanDownloader.Agent.PCE (2), Win32/TrojanDownloader.Agent.PIW (4), Win32/TrojanDownloader.Agent.PJC, Win32/TrojanDownloader.Agent.PJD (2), Win32/TrojanDownloader.Agent.PJE, Win32/TrojanDownloader.Banload.OVJ (2), Win32/TrojanDownloader.Banload.OVK (2), Win32/TrojanDownloader.Banload.OVL, Win32/TrojanDownloader.Banload.OVM (2), Win32/TrojanDownloader.Banload.QL, Win32/TrojanDownloader.Caxnet.AA (5), Win32/TrojanDownloader.Delf.OVG (2), Win32/TrojanDownloader.FakeAlert.AEJ, Win32/TrojanDownloader.FakeAlert.AEY (3), Win32/TrojanDownloader.FakeAlert.GU, Win32/TrojanDownloader.VB.OBI, Win32/TrojanDownloader.VB.OBJ (2), Win32/TrojanDownloader.VB.OBK (3), Win32/TrojanDropper.Agent.OFQ, Win32/TrojanDropper.Agent.OFR, Win32/TrojanDropper.Agent.OFS, Win32/TrojanDropper.Delf.NOS, Win32/TrojanDropper.Delf.NOT, Win32/TrojanDropper.Mudrop.BUS, Win32/VB.OIZ
http://www.eset.eu/podpora/aktualizacia-4264?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - Update 4265 (20090721)
by roddy32 / July 21, 2009 6:19 AM PDT
2009-07-21 21:14
BAT/TrojanDownloader.Ftp.NEG, IRC/SdBot, Java/TrojanDownloader.OpenStream, JS/Exploit.Agent.NAO, VBS/Runner.NAG (2), VBS/Runner.NAH, VBS/Small.NAQ (2), Win32/Adware.AdvancedVirusRemover.A, Win32/Adware.Coolezweb (11), Win32/Adware.CoreguardAntivirus, Win32/Adware.FastAntivirus2009, Win32/Adware.SystemSecurity (2), Win32/Adware.UltimateDefender, Win32/Adware.VirusAlarmPro, Win32/Agent.CCWW, Win32/Agent.OAU, Win32/Agent.PVW, Win32/AutoRun.KS (4), Win32/AutoRun.LockScreen.A, Win32/AutoRun.VB.FA, Win32/BHO.NRI, Win32/Delf.OOM, Win32/Delf.OOS (2), Win32/Dialer.NHH, Win32/Ilomo.D (3), Win32/Injector.SF, Win32/Kryptik.ZF, Win32/Kryptik.ZG, Win32/Kryptik.ZH, Win32/Kryptik.ZI, Win32/Kryptik.ZJ, Win32/Kryptik.ZK, Win32/Kryptik.ZM, Win32/Kryptik.ZN, Win32/LockScreen.AV, Win32/LockScreen.AW, Win32/LockScreen.AY, Win32/Nulprot.NAT, Win32/Otlard.C (2), Win32/PcClient.NFC, Win32/PSW.Agent.NLB, Win32/PSW.OnLineGames.OXA, Win32/PSW.Papras.AV, Win32/PSW.WOW.NLO (2), Win32/Qhost, Win32/Qhost.NLZ, Win32/Rootkit.Agent.NAC, Win32/Rootkit.Agent.NOC, Win32/Routmo.D (3), Win32/Small.NDQ (2), Win32/SpamTool.Tedroo.I, Win32/Spy.Agent.PZ, Win32/Spy.Banbra.NQX, Win32/Spy.Banker.ANV, Win32/Spy.Banker.OXB, Win32/Spy.Banker.PPH (3), Win32/Spy.Banker.QEP (2), Win32/Spy.Banker.QTF, Win32/Spy.Banker.QXO, Win32/Spy.Banker.RFP, Win32/Spy.Banker.RGR, Win32/Spy.Banker.RHG (2), Win32/Spy.Banker.RHH (2), Win32/Spy.Banker.RHI (2), Win32/Spy.Banker.RHJ (2), Win32/Spy.Delf.NUL (2), Win32/Spy.Delf.NWI, Win32/TrojanClicker.VB.NJC, Win32/TrojanDownloader.Agent.PIW (4), Win32/TrojanDownloader.Agent.PJF (2), Win32/TrojanDownloader.Agent.PJG (2), Win32/TrojanDownloader.Banload.AYX, Win32/TrojanDownloader.Banload.ORR, Win32/TrojanDownloader.Banload.OSL (3), Win32/TrojanDownloader.Banload.OSM (2), Win32/TrojanDownloader.Banload.OTS (2), Win32/TrojanDownloader.Banload.OVN (2), Win32/TrojanDownloader.Banload.OVO (2), Win32/TrojanDownloader.Banload.OVP (2), Win32/TrojanDownloader.Caxnet.AA, Win32/TrojanDownloader.Dadobra.NDD (2), Win32/TrojanDownloader.Delf.OVH (2), Win32/TrojanDownloader.FakeAlert.AED (3), Win32/TrojanDownloader.FakeAlert.AEY (4), Win32/TrojanDownloader.FakeAlert.AFD, Win32/TrojanDownloader.Small.OOT, Win32/TrojanDownloader.VB.OBF, Win32/TrojanDownloader.VB.OBL, Win32/TrojanDownloader.VB.OBM, Win32/TrojanDropper.Agent.OFT, Win32/TrojanDropper.Agent.OFU, Win32/TrojanDropper.Agent.OFV, Win32/TrojanDropper.Agent.OFW, Win32/TrojanDropper.Small.NJP, Win32/UltimateDefender.A, Win32/VB.OJA (2), Win32/VB.OJB, Win32/VB.OJC, Win32/VB.OJD, Win32/VB.OJE, Win32/VB.OJF (2), Win32/VB.OJG, Win32/Waledac.KA (2), Win32/Wigon.LP, Win32/Wigon.LQ, Win32/Zuten.AA (3)
http://www.eset.eu/podpora/aktualizacia-4265?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
AVG - AVI: 270.13.21/ 2252
by roddy32 / July 20, 2009 10:32 PM PDT

Added detection of new variants of trojans BackDoor.Hupigon5.NDU, Dropper.Generic.ATEF, Generic_c.AXNW, IRC/BackDoor.SdBot4.MPB, Generic14.GFO, Downloader.Generic8.BCYV.
July 21, 2009
http://www.grisoft.com/us.download-update

Collapse -
AVG - AVI: 270.13.22/ 2253
by roddy32 / July 21, 2009 7:12 AM PDT
Collapse -
ClamAV #9598
by roddy32 / July 20, 2009 10:35 PM PDT

Latest ClamAV? stable release is: 0.95.2
Total number of signatures: 597387
ClamAV Virus Databases:
main.cvd ver. 51 released on 14 May 2009 10:28 :0400
daily.cvd ver. 9598 released on 21 Jul 2009 08:05 :0400
http://www.clamav.net/

Collapse -
ClamAV #9601
by roddy32 / July 21, 2009 1:05 AM PDT
In reply to: ClamAV #9598

Latest ClamAV? stable release is: 0.95.2
Total number of signatures: 600996
ClamAV Virus Databases:
main.cvd ver. 51 released on 14 May 2009 10:28 :0400
daily.cvd ver. 9601 released on 21 Jul 2009 10:31 :0400
http://www.clamav.net/

Collapse -
ClamAV #9602
by roddy32 / July 21, 2009 7:01 AM PDT
In reply to: ClamAV #9601

Latest ClamAV? stable release is: 0.95.2
Total number of signatures: 600996
ClamAV Virus Databases:
main.cvd ver. 51 released on 14 May 2009 10:28 :0400
daily.cvd ver. 9602 released on 21 Jul 2009 16:00 :0400
http://www.clamav.net/

Collapse -
VIPRE and CounterSpy
by Donna Buenaventura / July 20, 2009 10:44 PM PDT
Collapse -
CounterSpy/VIPRE #5274
by roddy32 / July 21, 2009 9:41 AM PDT
In reply to: VIPRE and CounterSpy
Collapse -
hpHOSTS
by Donna Buenaventura / July 20, 2009 10:46 PM PDT

The hpHOSTS Hosts file has been updated. There is now a total of 80,066 listed hostsnames.

Latest Updated: 21/07/2009 03:00
Last Verified: 21/07/2009 02:00

http://hosts-file.net/?s=Download

Collapse -
AntiVir IVDF Version: 7.01.05.10
by Donna Buenaventura / July 20, 2009 10:47 PM PDT
Collapse -
AntiVir Version: 7.01.05.12
by roddy32 / July 21, 2009 1:45 AM PDT
Collapse -
a-squared signature updates
by roddy32 / July 20, 2009 10:56 PM PDT
Collapse -
More
by roddy32 / July 21, 2009 7:18 AM PDT
Collapse -
CA eTrust AV defs update
by roddy32 / July 21, 2009 12:44 AM PDT
Collapse -
NAV Daily
by roddy32 / July 21, 2009 1:16 AM PDT
Daily Updates
Symantec AntiVirus
Norton AntiVirus 2006/2007

Virus Definitions created 7/21/2009
Virus Definitions released 7/21/2009
Defs Version: 110721f
Sequence Number: 98279
Extended Version: 7/21/2009 rev. 6
Total Detections (Threats & Risks): 4465515

Multiple Daily Updates
Symantec Endpoint Protection 11
Norton AntiVirus 2008 and newer

Virus Definitions created 7/21/2009
Virus Definitions released 7/21/2009
Defs Version: 110721f
Sequence Number: 98279
Extended Version: 7/21/2009 rev. 6
Total Detections (Threats & Risks): 4465515
http://www.symantec.com/business/security_response/definitions/download/index.jsp
Collapse -
Quick Heal defs
by roddy32 / July 21, 2009 2:04 AM PDT
Collapse -
MBAM #2473
by roddy32 / July 21, 2009 2:18 AM PDT
Collapse -
Ad-Aware defs 0149.0010
by roddy32 / July 21, 2009 2:29 AM PDT
Collapse -
McAfee Daily #5683
by roddy32 / July 21, 2009 3:47 AM PDT
Collapse -
avast! 21.7.2009 version: 090721-0
by roddy32 / July 21, 2009 6:22 AM PDT
Collapse -
SUPERAntiSpyware #4009
by roddy32 / July 21, 2009 6:27 AM PDT
Collapse -
SUPERAntiSpyware #4010
by Donna Buenaventura / July 21, 2009 2:22 PM PDT
In reply to: SUPERAntiSpyware #4009
Collapse -
Panda
by roddy32 / July 21, 2009 6:41 AM PDT
Collapse -
BotDefender - 22:54
by roddy32 / July 21, 2009 7:03 AM PDT
Collapse -
Agnitum Outpost Products Updated
by Donna Buenaventura / July 21, 2009 2:19 PM PDT
Collapse -
Is there an updated free Agnitum Outpost version available?
by Harv / July 22, 2009 7:59 AM PDT

The one I have is Outpost Firewall 2009 ver. 6.5.1.

Collapse -
Firefox 3.0.12
by Donna Buenaventura / July 21, 2009 3:57 PM PDT
Collapse -
Norton Internet Security 2009 Update for Firefox 3.5
by Donna Buenaventura / July 21, 2009 4:06 PM PDT

For NIS 2009 users with FF 3.5. A fix for you if you use the toolbar in NIS 2009:

Symantec has released a hotfix tool to fix the issue of the toolbar in NIS 2009 for Firefox 3.5

Brian Krebs advised to follow the provided instruction by Symantec on how to fix the issue of NIS 2009 toolbar for FF 3.5. Brian also wrote:

Still, if you're like me, and hated that toolbar, check out Mozilla's instructions for removing it here.

More in http://voices.washingtonpost.com/securityfix/2009/07/update_for_norton_internet_sec.html

Popular Forums
icon
Computer Help 51,912 discussions
icon
Computer Newbies 10,498 discussions
icon
Laptops 20,411 discussions
icon
Security 30,882 discussions
icon
TVs & Home Theaters 21,253 discussions
icon
Windows 10 1,672 discussions
icon
Phones 16,494 discussions
icon
Windows 7 7,855 discussions
icon
Networking & Wireless 15,504 discussions

REVIEW

Meet the drop-resistant Moto Z2 Force

The Moto Z2 Force is really thin, with a fast processor and great battery life. It can survive drops without shattering.