Spyware, Viruses, & Security forum

General discussion

UPDATES - March 25, 2009

by roddy32 / March 24, 2009 9:15 PM PDT
TrojanHunter 5.0 Ruleset Update - Mar 24, 2009

An updated TrojanHunter ruleset is available. This update adds 49 new trojan definitions:

Adware.BHO.362
Adware.GooochiBiz.103
Adware.MSAntispyware2009.100
Adware.NaviPromo.186
Agent.3810
Agent.3809
Bredolab.184
Dialer.339
Flux.145
FraudTool.HDSweeper.100
FraudTool.SystemSecurity.102
FraudTool.Systuner.100
FraudTool.VirusDoctor.100
FraudTool.XpyburnerPro.100
FraudTool.Xpyburner.100
Inject.410
KillFiles.184
Monder.575
PWSteal.LdPinch.933
PWSteal.WOW.433
PWSteal.WOW.432
Rootkit.Agent.469
Rootkit.TDSS.189
Silentbanker.104
TDSS.189
TDSS.188
TDSS.187
TrojanDownloader.AdLoad.472
TrojanDownloader.Agent.3195
TrojanDownloader.Banload.1572
TrojanDownloader.Delf.1528
TrojanDropper.Agent.1283
TrojanDropper.Agent.1282
TrojanDropper.Agent.1281
TrojanDropper.Agent.1280
TrojanDropper.Agent.1279
TrojanDropper.Agent.1278
TrojanDropper.Agent.1277
TrojanDropper.Agent.1276
TrojanSpy.Zbot.873
TrojanSpy.Zbot.872
TrojanSpy.Zbot.871
Wintrim.101
Worm.AutoRun.457
Worm.AutoRun.456
Worm.AutoRun.455
Worm.Iksmas.209
Worm.Iksmas.208
Worm.Joleee.133

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.

You should have 212387 rules.
http://www.misec.net/forum/board/RulesetUpdates/1237957368
Discussion is locked
You are posting a reply to: UPDATES - March 25, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: UPDATES - March 25, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
ClamAV #9164
by roddy32 / March 24, 2009 9:30 PM PDT

Latest ClamAV? stable release is: 0.95
Total number of signatures: 534180
ClamAV Virus Databases:
main.cvd ver. 50 released on 15 Feb 2009 16:47 :0500
daily.cvd ver. 9164 released on 25 Mar 2009 00:02 :0400
http://www.clamav.net/

Collapse -
BOClean FILE DATE: 2009-03-25 10:29:46 (UTC)
by roddy32 / March 24, 2009 9:51 PM PDT
TWENTY NINE new nasties for a total of 71,770 **UNIQUE**
infectors (341,872 variants of these including
trojans,worms,bots,hijackers,downloaders,spam proxies, rootkits, adware,
spyware,keyloggers,"dialers" and other malware in total) covered in
today's update for BOClean 4.27.

Please also note that if you ever miss an update (or several) the update
you collect includes **ALL** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
Collapse -
Ad-Aware defs update
by roddy32 / March 24, 2009 10:33 PM PDT
0148.0001 - March 25, 2009

New definitions:

====================
Win32.Backdoor.Biffy
Win32.Backdoor.Bizzy
Win32.Backdoor.Oqx
Win32.Trojan.Clisora
Win32.Trojan.Kilkav
Win32.TrojanClicker.Foxwar
Win32.TrojanClicker.Vesloruki
Win32.TrojanDropper.Alfa
Win32.TrojanNotifier.Zlob
Win32.TrojanPWS.Netpass
Win32.TrojanSpy.Gumai

Updated definitions:
====================

List too long to post

MD5 checksum for core.aawdef is b2c8c9967fd22f9d5fa55270df1be257
http://www.lavasoftsupport.com/index.php?showtopic=24607
http://www.lavasoft.com/mylavasoft/securitycenter/blog/01480001-is-now-available-for-adaware-ae
Collapse -
NOD32 - 3961 (20090325)
by roddy32 / March 24, 2009 10:47 PM PDT
2009-03-25 12:20
IRC/SdBot, JS/Exploit.Pdfka.NFR (9), PDF/Exploit.Pidief.OBR, PDF/Exploit.Pidief.OBS, PDF/Exploit.Pidief.OBT, PDF/Exploit.Pidief.OBU, PDF/Exploit.Pidief.OBV, PDF/Exploit.Pidief.OBW, PDF/Exploit.Pidief.OBX, PDF/Exploit.Pidief.OBY, PDF/Exploit.Pidief.OBZ, PDF/Exploit.Pidief.OCA, PDF/Exploit.Pidief.OCB, PDF/Exploit.Pidief.OCC, PDF/Exploit.Pidief.OCD, PDF/Exploit.Pidief.OCE, PDF/Exploit.Pidief.OCF, Win32/Adware.Agent.NLE, Win32/Adware.AntiVirus1, Win32/Adware.AntiVirusAgentPro (4), Win32/Adware.MalwareDefender2009 (7), Win32/Adware.MSAntispyware2009, Win32/Adware.SpywareGuard (7), Win32/Adware.SuperJuan, Win32/Adware.SuperJuan.A (2), Win32/Adware.SystemSecurity (2), Win32/Adware.Virtumonde (7), Win32/Adware.Virtumonde.FP, Win32/Adware.Virtumonde.NDH (3), Win32/Adware.Virtumonde.NEF, Win32/Adware.Virtumonde.NEI, Win32/Adware.Virtumonde.NEK, Win32/Adware.Virtumonde.NEO (3), Win32/Adware.WinPCDefender, Win32/Agent.NDP, Win32/Agent.NFO, Win32/Autoit.NCR, Win32/AutoRun.ABH, Win32/AutoRun.FlyStudio.EE, Win32/AutoRun.FlyStudio.EF, Win32/AutoRun.FlyStudio.EG, Win32/AutoRun.VB.CC (2), Win32/BHO.NNE, Win32/BHO.NNG, Win32/BHO.NNH, Win32/Delf.NFQ (2), Win32/Injector.LY, Win32/IRCBot.AGP, Win32/Joleee.AI, Win32/Joleee.NG, Win32/Koobface.NAY, Win32/Koobface.NBA, Win32/Kryptik.LF, Win32/Kryptik.LH, Win32/Kryptik.LI, Win32/Kryptik.LJ, Win32/Kryptik.LK, Win32/PSW.LdPinch.NJG, Win32/PSW.Lineage.NHS, Win32/PSW.Lineage.NHZ (2), Win32/PSW.WOW.DZI (2), Win32/PSW.WOW.NIW, Win32/PSW.YahooPass.NAD, Win32/Qhost.NIR, Win32/Rootkit.Agent.NIA (2), Win32/Rootkit.Agent.NJD, Win32/Rootkit.Agent.NKM, Win32/Small.NEB (3), Win32/Spy.Banbra.HFY, Win32/Spy.Banbra.NOT, Win32/Spy.Banker.QNJ (2), Win32/Spy.Banker.QNM, Win32/Spy.Zbot.BG, Win32/Spy.Zbot.CK, Win32/Spy.Zbot.IB, Win32/Spy.Zbot.JF (8), Win32/Tinxy.AB, Win32/TrojanClicker.Delf.CBR (2), Win32/TrojanClicker.Delf.NDJ, Win32/TrojanClicker.Delf.NDK, Win32/TrojanClicker.Delf.NDM, Win32/TrojanClicker.Delf.NDN, Win32/TrojanClicker.Delf.NDR (2), Win32/TrojanClicker.Delf.NGI (9), Win32/TrojanClicker.Delf.NGK, Win32/TrojanClicker.Delf.NGL, Win32/TrojanDownloader.Banload.OOK (2), Win32/TrojanDownloader.Delf.OQB (2), Win32/TrojanDownloader.FakeAlert.AAV, Win32/TrojanDownloader.FakeAlert.GU, Win32/TrojanDownloader.FakeAlert.SM, Win32/TrojanDownloader.FakeAlert.YZ, Win32/TrojanDownloader.VB.NWI (3), Win32/Virut.A, Win32/Waledac.II (3), Win32/Waledac.IJ, Win32/Waledac.IK (2), Win32/Wigon
http://www.eset.eu/podpora/aktualizacia-3961?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - 3962 (20090325)
by roddy32 / March 25, 2009 3:02 AM PDT
2009-03-25 16:30
HTML/TrojanDownloader.IFrame, JS/Exploit.Pdfka.NFR (4), JS/Exploit.Pdfka.NFS, JS/TrojanClicker.AdClicker.NAD, JS/TrojanDownloader.Agent.NJO, PDF/Exploit.Pidief.OCG (4), PDF/Exploit.Pidief.OCH, PDF/Exploit.Pidief.OCI, PDF/Exploit.Pidief.OCJ, PDF/Exploit.Pidief.OCK, PDF/Exploit.Pidief.OCL, PDF/Exploit.Pidief.OCM, PDF/Exploit.Pidief.OCN, PDF/Exploit.Pidief.OCO, PDF/Exploit.Pidief.OCP, PDF/Exploit.Pidief.OCQ, Win32/Adware.Antivirus2008, Win32/Adware.BHO.NCX, Win32/Adware.Coolezweb (4), Win32/Adware.InternetAntivirus (4), Win32/Adware.MSAntispyware2009 (4), Win32/Adware.SuperJuan.A, Win32/Adware.Virtumonde (6), Win32/Adware.Virtumonde.FP, Win32/Adware.Virtumonde.NEF (3), Win32/Adware.Virtumonde.NEI, Win32/Agent.NEP, Win32/Agent.OUZ, Win32/Agent.PCA (2), Win32/Agent.WPI, Win32/Autoit.D (2), Win32/Autoit.NCS (2), Win32/AutoRun.Agent.AQ, Win32/AutoRun.Delf.AP (2), Win32/AutoRun.FakeAlert.AF, Win32/AutoRun.FakeAlert.M, Win32/AutoRun.FlyStudio.EH, Win32/AutoRun.FlyStudio.EI (2), Win32/BHO.NGY (2), Win32/BHO.NKD (3), Win32/BHO.NNI, Win32/BHO.NNJ, Win32/BHO.NNK, Win32/Delf.NVS, Win32/Delf.ODK, Win32/Delf.ODL, Win32/Delf.ODM, Win32/FlyStudio.NIJ (2), Win32/Injector.LV, Win32/KillAV.NCU, Win32/Olmarik.FT (14), Win32/Olmarik.GP (2), Win32/PSW.LdPinch.NEL (2), Win32/PSW.OnLineGames.OIU, Win32/PSW.YahooPass.AF (2), Win32/Rootkit.Agent.NHG, Win32/Rootkit.Agent.NKN (3), Win32/Rustock, Win32/Rustock.NHM, Win32/SpamTool.Agent.NBI (5), Win32/Spy.Agent.NMC (2), Win32/Spy.Bancos.DSY, Win32/Spy.Banker.ADCW (2), Win32/Spy.Banker.PPG, Win32/Spy.Banker.QEP, Win32/Spy.Banker.QLJ, Win32/Spy.Banker.QLP, Win32/Spy.Delf.NSL (2), Win32/Spy.Silentbanker.AI, Win32/Spy.Silentbanker.AJ, Win32/Spy.Zbot.BA, Win32/Spy.Zbot.GM, Win32/Spy.Zbot.JF (4), Win32/Spy.Zbot.ND, Win32/Tifaut.C, Win32/TrojanClicker.VB.NFW, Win32/TrojanDownloader.Agent.BICX (2), Win32/TrojanDownloader.Agent.OMQ (2), Win32/TrojanDownloader.Agent.ORH, Win32/TrojanDownloader.Agent.OXU (2), Win32/TrojanDownloader.Agent.OYA (2), Win32/TrojanDownloader.Banload.OOA, Win32/TrojanDownloader.Delf.OLI (2), Win32/TrojanDownloader.Delf.ORJ (5), Win32/TrojanDownloader.FakeAlert.AAW, Win32/TrojanDownloader.FakeAlert.ZI, Win32/TrojanDownloader.Small.OLB, Win32/TrojanDownloader.Small.ONM, Win32/TrojanDropper.Delf.NMG, Win32/TrojanDropper.VB.NHA, Win32/TrojanProxy.Small.NCA, Win32/VB.NQS
http://www.eset.eu/podpora/aktualizacia-3962?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - 3963 (20090325)
by roddy32 / March 25, 2009 8:50 AM PDT
2009-03-25 22:04
IRC/SdBot, Win32/Adware.Antivirus2009, Win32/Adware.Antivirus360, Win32/Adware.Cinmus, Win32/Adware.Coolezweb (5), Win32/Adware.SuperJuan.A (3), Win32/Adware.Virtumonde (3), Win32/Adware.Virtumonde.FP (3), Win32/Adware.Virtumonde.NEF (4), Win32/Adware.Virtumonde.NEI, Win32/Adware.Virtumonde.NEK (3), Win32/Adware.WinPCDefender (2), Win32/Agent.NWI, Win32/Agent.PCB (4), Win32/AutoRun.FakeAlert.AF, Win32/AutoRun.FlyStudio.EJ, Win32/AutoRun.FlyStudio.EK, Win32/Bagle.QX, Win32/Delf.KNQ, Win32/Delf.ODN, Win32/Hupigon, Win32/IRCBot.ADZ, Win32/IRCBot.AGP (2), Win32/IRCBot.AMX, Win32/Joleee.NH, Win32/Mypis.AQ, Win32/Olmarik.FT (3), Win32/PcClient (2), Win32/PcClient.NDG, Win32/Poison.QIV, Win32/Popwin.NAT, Win32/Proxec.C, Win32/PSW.Delf.NOP, Win32/PSW.Lineage.NHZ, Win32/PSW.VB.NCI, Win32/Spy.Agent.PZ, Win32/Spy.Ambler, Win32/Spy.Ambler.M (2), Win32/Spy.Banbra.NOR, Win32/Spy.Banker.OXC, Win32/Spy.Banker.QEO, Win32/Spy.Banker.QEP, Win32/Spy.Banker.QLP, Win32/Spy.Banker.QNN (2), Win32/Spy.Banker.QNO, Win32/Spy.Banker.QNP (2), Win32/Spy.Banker.QNQ (2), Win32/Spy.Delf.NSM, Win32/Spy.Delf.NSN (2), Win32/Spy.Delf.NSO (3), Win32/Spy.Delf.NSP (2), Win32/Spy.KeyLogger.NDX (3), Win32/Spy.Zbot.CK, Win32/Spy.Zbot.JF (3), Win32/Spy.Zbot.NE, Win32/TrojanClicker.Delf.NGM, Win32/TrojanDownloader.Agent.BNLC, Win32/TrojanDownloader.Agent.OWQ, Win32/TrojanDownloader.Agent.OYB, Win32/TrojanDownloader.Agent.OYC, Win32/TrojanDownloader.Banload.OON, Win32/TrojanDownloader.Delf.ORL (2), Win32/TrojanDownloader.FakeAlert.PR, Win32/TrojanDownloader.Small.EIQ (2), Win32/TrojanDownloader.Small.OHD (2), Win32/TrojanDownloader.Small.OIB, Win32/TrojanDownloader.Small.ONN, Win32/TrojanDropper.Agent.NXG, Win32/TrojanDropper.Joiner.AJ, Win32/VB.NZN
http://www.eset.eu/podpora/aktualizacia-3963?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
a-squared signature updates
by roddy32 / March 24, 2009 11:03 PM PDT
Collapse -
more
by roddy32 / March 25, 2009 3:16 AM PDT
Collapse -
SUPERAntiSpyware - 03/24/2009 - #3813
by roddy32 / March 25, 2009 12:08 AM PDT
Collapse -
AVG - AVI: 270.11.28/2022
by roddy32 / March 25, 2009 12:37 AM PDT
Collapse -
AVG - AVI: 270.11.29/2023
by roddy32 / March 25, 2009 8:32 AM PDT

Added detection of new variants of trojans IRC/BackDoor.SdBot4.JQH, Dropper.Small.BCW, PSW.Agent.YYI, Downloader.Generic8.ACOE, Generic13.KXN, PSW.Generic7.APT.
March 25, 2009
http://www.grisoft.com/us.download-update

Collapse -
AntiVir Version: 7.01.02.215
by roddy32 / March 25, 2009 1:00 AM PDT
Collapse -
Spybot S&D detection rules
by roddy32 / March 25, 2009 1:34 AM PDT
2009-03-25
PUPS
+ GameVance
Malware
+ CMVideo + Fraud.Downloader.gen + Fraud.MalwareDefender2009 + Fraud.SystemGuard2009 + Fraud.TotalAntispyware + Spambot.mib
Trojans
+ Fraud.VirusRemover2009 + SpambotLoad.cn + Virtumonde.sci + Virtumonde.sdn + Waledac.cn + Win32.Koutodoor.aik + Win32.Poison.pg + Win32.Small.ajbq + Win32.Small.NCA + Win32.TDSS.rtk + Win32.Virut.bg
Total: 1525689 fingerprints in 484951 rules for 4580 products.
http://www.safer-networking.org/en/home/index.html
Please remember to Re-Immunize after updating !
Collapse -
F-Prot
by roddy32 / March 25, 2009 1:57 AM PDT

F-PROT Antivirus can as of 25 March 2009 detect more than 1310835 worms, viruses and other malicious programs with its latest virus signature file.
http://www.f-prot.com/products/currentversions.html

Note: The total detections on the site are the same as what was posted on the 23rd of December 2008, BUT the actual program is being updated automatically at regular intervals even though the webpage isn't.

Collapse -
Java (JRE) 6 update 13
by Bugbatter / March 25, 2009 4:25 AM PDT
Collapse -
I posted this yesterday :)
by roddy32 / March 25, 2009 4:29 AM PDT
In reply to: Java (JRE) 6 update 13
Collapse -
Good Job!
by Bugbatter / March 27, 2009 6:21 AM PDT

Now there are two. Happy

Collapse -
McAfee Daily #5564
by roddy32 / March 25, 2009 7:57 AM PDT
Collapse -
SUPERAntuSpyware #3814
by roddy32 / March 25, 2009 8:02 AM PDT
Collapse -
avast! update 25.3.2009 version: 090325-0
by roddy32 / March 25, 2009 8:10 AM PDT
Collapse -
Panda
by roddy32 / March 25, 2009 8:54 AM PDT
Collapse -
NAV Daily
by roddy32 / March 25, 2009 9:02 AM PDT
Collapse -
VIPRE #5059
by roddy32 / March 25, 2009 9:06 AM PDT
Collapse -
CounterSpy #5059
by roddy32 / March 25, 2009 9:07 AM PDT
Collapse -
AVG Program Update 8.0.0284 - March 25, 2009
by roddy32 / March 25, 2009 10:19 AM PDT
Program Update AVG 8.0.0284
New recommended program update is available for download.
March 25, 2009
http://www.avg.com/us.press-releases-news.ndi-22302

Program update AVG 8.5.284 SP3

Fixes & Improvements


* Firewall: TCP server might refuse to connect to a client with a BlockedError listed in its traffic log.
* Firewall: Fixed error reporting in Event Log with AVG installed.
* Firewall: Fixed problem with IPv6 applications' connections problems on Windows XP.
* Firewall: Warning removed in case several default gateways are detected.

http://www.avg.com/us.223026

Note: At the time of this post, this update was only listed on the paid version page.
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?