Spyware, Viruses, & Security forum

General discussion

UPDATES - March 3, 2009

by roddy32 / March 2, 2009 8:24 PM PST
BOClean FILE DATE: 2009-03-03 10:34:43 (UTC)

TWENTY NINE new nasties for a total of 71,145 **UNIQUE**
infectors (341,038 variants of these including
trojans,worms,bots,hijackers,downloaders,spam proxies, rootkits, adware,
spyware,keyloggers,"dialers" and other malware in total) covered in
today's update for BOClean 4.27.

Please also note that if you ever miss an update (or several) the update
you collect includes **ALL** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
Discussion is locked
You are posting a reply to: UPDATES - March 3, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: UPDATES - March 3, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
TrojanHunter 5.0 Ruleset Update - Mar 2, 2009
by roddy32 / March 2, 2009 8:32 PM PST

An updated TrojanHunter ruleset is available. This update adds 97 new trojan definitions:

Agent.3675
Agent.3674
Agent.3673
Agent.3672
Agent.3671
Agent.3670
Agent.3669
Agent.3668
Agent.3667
Agent.3666
Agent.3665
Agent.3664
Agent.3663
Agent.3662
Buzus.337
Buzus.336
Diamin.145
Genome.109
Genome.108
Genome.107
Genome.106
Genome.105
Genome.104
IEbooot.102
Inject.391
Inject.390
Monder.544
Obfuscated.508
Pakes.619
PcClient.278
PcClient.277
PWSteal.Agent.472
PWSteal.OnLineGames.1524
PWSteal.OnLineGames.1523
PWSteal.OnLineGames.1522
PWSteal.OnLineGames.1521
PWSteal.OnLineGames.1520
PWSteal.WOW.391
PWSteal.WOW.390
PWSteal.WOW.389
PWSteal.WOW.388
PWSteal.WOW.387
Rbot.1742
Rbot.1741
Rootkit.Agent.455
Rootkit.Agent.454
Rootkit.TDSS.184
Rootkit.TDSS.183
Rootkit.Vanti.166
Rootkit.Vanti.165
SDBot.1268
Slefdel.110
Slefdel.109
Slefdel.108
Small.791
Small.790
Small.789
Small.788
StartPage.359
TrojanClicker.Foxwar.102
TrojanDownloader.Agent.3090
TrojanDownloader.Agent.3089
TrojanDownloader.Agent.3088
TrojanDownloader.Agent.3087
TrojanDownloader.Agent.3086
TrojanDownloader.Agent.3085
TrojanDownloader.Agent.3084
TrojanDownloader.Banload.1560
TrojanDownloader.Banload.1559
TrojanDownloader.Banload.1558
TrojanDownloader.Banload.1557
TrojanDownloader.Delf.1516
TrojanDownloader.Small.3025
TrojanDownloader.Small.3024
TrojanDownloader.Small.3023
TrojanDownloader.Small.3022
TrojanDownloader.Small.3021
TrojanDownloader.Small.3020
TrojanDownloader.Zlob.1727
TrojanDownloader.Zlob.1726
TrojanDownloader.Zlob.1725
TrojanDropper.Agent.1219
TrojanDropper.Small.561
TrojanDropper.VB.497
TrojanDropper.VBS.102
TrojanDropper.Wlord.100
TrojanProxy.Delf.156
TrojanProxy.Glukelira.102
TrojanProxy.Slaper.122
TrojanProxy.Small.293
TrojanSpy.Agent.547
TrojanSpy.Goldun.419
TrojanSpy.IeSpy.119
TrojanSpy.IeSpy.118
VB.1416
VB.1415
Vundo.1557

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.

You should have 209197 rules.
http://www.misec.net/forum/board/RulesetUpdates/1236059502

Collapse -
TrojanHunter 5.0 Ruleset Update - Mar 3, 2009
by roddy32 / March 3, 2009 7:01 AM PST

An updated TrojanHunter ruleset is available. This update adds 102 new trojan definitions:

Agent.3688
Agent.3687
Agent.3686
Agent.3685
Agent.3684
Agent.3683
Agent.3682
Agent.3681
Agent.3680
Agent.3679
Agent.3678
Agent.3677
Agent.3676
Dialer.333
Dialer.332
FraudTool.AntiVirus360.106
Httpbot.100
Hupigon.1306
Hupigon.1305
Hupigon.1304
Hupigon.1303
Iframer.102
Monder.545
Prefsap.101
PWSteal.LdPinch.908
PWSteal.LdPinch.907
PWSteal.LdPinch.906
PWSteal.LdPinch.905
PWSteal.Magania.538
PWSteal.Magania.537
PWSteal.Magania.536
PWSteal.Magania.535
PWSteal.Magania.534
PWSteal.Magania.533
PWSteal.Magania.532
PWSteal.OnLineGames.1530
PWSteal.OnLineGames.1529
PWSteal.OnLineGames.1528
PWSteal.OnLineGames.1527
PWSteal.OnLineGames.1526
PWSteal.OnLineGames.1525
PWSteal.QQPass.223
PWSteal.QQPass.222
PWSteal.QQPass.221
PWSteal.QQPass.220
PWSteal.QQPass.219
PWSteal.WOW.392
Rbot.1743
Rootkit.Agent.456
Rootkit.Mag.100
Rootkit.Small.107
Rootkit.Small.106
Rootkit.TDSS.185
Shark.136
Small.794
Small.793
Small.792
TDSS.149
TDSS.148
Tedroo.109
Tedroo.108
TrojanDownloader.AdLoad.469
TrojanDownloader.Agent.3095
TrojanDownloader.Agent.3094
TrojanDownloader.Agent.3093
TrojanDownloader.Agent.3092
TrojanDownloader.Agent.3091
TrojanDownloader.Cntr.134
TrojanDownloader.Delf.1518
TrojanDownloader.Delf.1517
TrojanDownloader.FraudLoad.564
TrojanDownloader.FraudLoad.563
TrojanDownloader.Onestage.100
TrojanDownloader.Small.3028
TrojanDownloader.Small.3027
TrojanDownloader.Small.3026
TrojanDownloader.VB.1062
TrojanDownloader.VB.1061
TrojanDownloader.Zlob.1730
TrojanDownloader.Zlob.1729
TrojanDownloader.Zlob.1728
TrojanDropper.Agent.1221
TrojanDropper.Agent.1220
TrojanDropper.Pincher.113
TrojanDropper.Pincher.112
TrojanDropper.Small.562
TrojanProxy.Glukelira.103
TrojanSpy.Zbot.806
TrojanSpy.Zbot.805
TrojanSpy.Zbot.804
TrojanSpy.Zbot.803
TrojanSpy.Zbot.802
TrojanSpy.Zbot.801
TrojanSpy.Zbot.800
TrojanSpy.Zbot.799
Worm.AutoRun.434
Worm.AutoRun.433
Worm.AutoRun.432
Zdoogu.110
Zdoogu.109
Zdoogu.108
Zdoogu.107

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.

You should have 209413 rules.
http://www.misec.net/forum/board/RulesetUpdates/1236119569

Collapse -
AVG - AVI: 270.11.6/1981
by roddy32 / March 2, 2009 9:04 PM PST
Collapse -
AVG - AVI: 270.11.7/1982
by roddy32 / March 3, 2009 5:57 AM PST
Collapse -
NOD32 - 3904 (20090303)
by roddy32 / March 2, 2009 9:14 PM PST
2009-03-03 11:55
ALS/Bursted, BAT/TrojanDownloader.Ftp.NCA, HTML/TrojanDownloader.Agent.NBL, IRC/SdBot, JS/Exploit.Agent.NAI (2), JS/Redirector.S, PDF/Exploit.Pidief.NNT, PDF/Exploit.Pidief.NNU, Win32/Adware.Antivirus2009, Win32/Adware.Antivirus360 (2), Win32/Adware.Coolezweb, Win32/Adware.SpywareProtect2009 (3), Win32/Adware.XPPoliceAntivirus (4), Win32/Agent.NEB, Win32/Agent.NVZ (3), Win32/Agent.OAF, Win32/Agent.OXN (5), Win32/Agent.OYV (2), Win32/Agent.OYW, Win32/Agent.OYX (2), Win32/Agent.OYY (2), Win32/Agent.OYZ, Win32/Autoit.EP.Gen (2), Win32/AutoRun.Agent.KM (2), Win32/AutoRun.FakeAlert.AF, Win32/AutoRun.Qhost.A (2), Win32/Bagle.QT (2), Win32/Boberog.J (2), Win32/CCProxy, Win32/Delf.OBW (2), Win32/Dialer.NGW (2), Win32/FlyStudio.NGG, Win32/Hexzone.AL (4), Win32/Hexzone.AM (5), Win32/Hupigon (7), Win32/Hupigon.NMZ, Win32/IRCBot, Win32/Koobface.NAO, Win32/Olmarik.FT, Win32/Olmarik.GD (2), Win32/Patched.T, Win32/Patched.U, Win32/Patched.V, Win32/PcClient (2), Win32/PerfectKeylogger, Win32/Poison, Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NMY, Win32/PSW.Papras, Win32/Spy.Agent.ABZJ, Win32/Spy.Bankpatch.AW, Win32/Spy.Delf.NRI, Win32/Spy.Pophot, Win32/TrojanDownloader.Delf.OMC, Win32/TrojanDownloader.Delf.OQA (2), Win32/TrojanDownloader.Small.NTQ (2), Win32/TrojanDownloader.Small.OJX, Win32/TrojanDownloader.Small.OMQ, Win32/TrojanDownloader.Small.OMR (2), Win32/TrojanDownloader.VB.NVP, Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanProxy.Small.NDE, Win32/VB.NXL, Win32/Waledac.HE
http://www.eset.eu/podpora/aktualizacia-3904?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - 3905 (20090303)
by roddy32 / March 3, 2009 4:19 AM PST
2009-03-03 17:06
IRC/SdBot, JS/TrojanDownloader.Agent.NMJ, JS/TrojanDownloader.Agent.NMK, JS/TrojanDownloader.Agent.NML, JS/TrojanDownloader.Agent.NMM, JS/TrojanDownloader.Agent.NMN, JS/TrojanDownloader.Agent.NMO, JS/TrojanDownloader.Iframe.AJL (2), MSIL/IRCBot.B, PDF/Exploit.Pidief.NNV, PDF/Exploit.Pidief.NNW, PDF/Exploit.Pidief.NNX, PDF/Exploit.Pidief.NNY, PDF/Exploit.Pidief.NNZ, PDF/Exploit.Pidief.NOA, Win32/Adware.AntiVirus1 (3), Win32/Adware.Antivirus2008 (3), Win32/Adware.Antivirus2009, Win32/Adware.Antivirus360 (4), Win32/Adware.BHO.NCX, Win32/Adware.Coolezweb (3), Win32/Adware.MSAntispyware2009 (4), Win32/Adware.SuperJuan, Win32/Adware.TotalVirusProtection (6), Win32/Adware.Virtumonde (2), Win32/Adware.Virtumonde.FP, Win32/Adware.Virtumonde.NDN (3), Win32/Adware.Virtumonde.NEF (2), Win32/Adware.Virtumonde.NEI, Win32/Agent.KVO, Win32/Agent.LYB (2), Win32/Agent.NFQ (3), Win32/Agent.OYP, Win32/Agent.OZC (2), Win32/Agent.OZD, Win32/Agent.WPI (2), Win32/AutoRun.ABH, Win32/AutoRun.Agent.HZ, Win32/AutoRun.Agent.IE (2), Win32/Bifrose.NFW, Win32/Bifrose.NFX, Win32/Delf.NMU, Win32/Delf.OBY, Win32/Hakaglan.I, Win32/Hupigon, Win32/Hupigon.NNA (4), Win32/Inject.NCF, Win32/IRCBot.AML, Win32/Joleee.NG, Win32/Olmarik.FT (2), Win32/Olmarik.GE (4), Win32/Popwin.NAN (2), Win32/PSW.Agent.NIA (4), Win32/PSW.Gamania.NBJ, Win32/PSW.Gamania.NBK, Win32/PSW.OnLineGames.NNM (2), Win32/PSW.OnLineGames.NNU (2), Win32/PSW.OnLineGames.NQM (4), Win32/PSW.OnLineGames.NTF, Win32/PSW.OnLineGames.NTM (2), Win32/PSW.OnLineGames.ODJ (2), Win32/PSW.OnLineGames.XTT, Win32/PSW.VB.NCF (4), Win32/PSW.WOW.NIJ, Win32/Rustock, Win32/Rustock.NGZ (3), Win32/Rustock.NHA, Win32/Small.NDQ, Win32/Small.NDS, Win32/SpamTool.Agent.IP, Win32/Spy.Agent.NMA, Win32/Spy.Banker.PPH, Win32/Spy.Delf.NRJ (2), Win32/Spy.Zbot.GM, Win32/Spy.Zbot.JF (3), Win32/Spy.Zbot.KY, Win32/Spy.Zbot.LA (2), Win32/Spy.Zbot.LB, Win32/Spy.Zbot.LC, Win32/Spy.Zbot.LD (2), Win32/Tifaut.C (2), Win32/TrojanClicker.Agent.NEB, Win32/TrojanDownloader.Agent.ORH (2), Win32/TrojanDownloader.Agent.OVT (2), Win32/TrojanDownloader.Agent.OVU, Win32/TrojanDownloader.Banload.ONO, Win32/TrojanDownloader.Delf.OQB (3), Win32/TrojanDownloader.FakeAlert.PR, Win32/TrojanDownloader.FakeAlert.SM, Win32/TrojanDownloader.FakeAlert.YS, Win32/TrojanDownloader.FakeAlert.ZR (3), Win32/TrojanDownloader.FakeAlert.ZS, Win32/TrojanDownloader.Small.OMS (2), Win32/TrojanDownloader.VB.AWJ, Win32/TrojanDownloader.VB.NQS, Win32/TrojanDownloader.VB.NVP, Win32/TrojanDownloader.Wigon.BS, Win32/TrojanDownloader.Zlob.CZG, Win32/TrojanDropper.Agent.NPO (3), Win32/TrojanDropper.Agent.NVW, Win32/TrojanDropper.Agent.NVX (2), Win32/TrojanProxy.Ranky, Win32/TrojanProxy.Small.NDF, Win32/VB.NXN (6), Win32/Wigon (2), Win32/Wigon.DC, Win32/Wigon.JN (2)
http://www.eset.eu/podpora/aktualizacia-3905?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - 3906 (20090303)
by roddy32 / March 3, 2009 7:31 AM PST
2009-03-03 23:56
IRC/SdBot, PDF/Exploit.Pidief.NOB (7), Win32/Adware.Antivirus2009 (4), Win32/Adware.Antivirus360, Win32/Adware.CiDHelp, Win32/Adware.SpywareProtect2009, Win32/Adware.XPAntivirus, Win32/Agent.NGC, Win32/Agent.NNM, Win32/Agent.NRY, Win32/Agent.OYW, Win32/Agent.OZA (2), Win32/Agent.OZB, Win32/Agent.OZE (3), Win32/Autoit.FK, Win32/AutoRun.FakeAlert.AC, Win32/AutoRun.FakeAlert.AF (2), Win32/AutoRun.FakeAlert.M, Win32/AutoRun.FlyStudio.DL (2), Win32/BHO.NKD, Win32/Boberog.K, Win32/Delf.OBV, Win32/Delf.OBX (2), Win32/Delf.OBZ, Win32/Delf.OCA, Win32/Dialer.NGX (2), Win32/IRCBot.ALK (2), Win32/IRCBot.ALP (2), Win32/Koobface.NAW (2), Win32/Olmarik.D (40), Win32/Olmarik.FT (4), Win32/Prosti, Win32/Prosti.NBW, Win32/PSW.Delf.NOI (2), Win32/PSW.Delf.NOJ (2), Win32/PSW.Delf.NOK (2), Win32/PSW.LdPinch.NEL, Win32/PSW.OnLineGames.NNU (2), Win32/PSW.OnLineGames.OIH (2), Win32/PSW.OnLineGames.OII (2), Win32/PSW.OnLineGames.OIJ (2), Win32/Qhost, Win32/Spy.Bancos.NJZ, Win32/Spy.Banker.QKH (2), Win32/Spy.Banker.QKI, Win32/Spy.Banker.QKJ, Win32/Spy.Zbot.CK, Win32/Spy.Zbot.HR (2), Win32/Spy.Zbot.JF (3), Win32/Spy.Zbot.KZ, Win32/Tinxy.AA (2), Win32/TrojanClicker.VB.NFN (3), Win32/TrojanDownloader.Agent.OVV, Win32/TrojanDownloader.Banload.DOH, Win32/TrojanDownloader.Banload.ONT (2), Win32/TrojanDownloader.Delf.OLI (4), Win32/TrojanDownloader.Delf.OOB, Win32/TrojanDownloader.FakeAlert.TG, Win32/TrojanDownloader.Small.OJH, Win32/TrojanDownloader.Small.OJX (12), Win32/TrojanDownloader.Wigon.BW, Win32/TrojanDropper.Agent.NVU, Win32/TrojanDropper.Agent.NVV, Win32/TrojanDropper.Delf.NKN, Win32/TrojanProxy.Small.NCA (2), Win32/VB.KJY, Win32/VB.NXF, Win32/VB.NXM, Win32/Wigon, Win32/Wigon.JA, Win32/Wigon.JN, X97M/Exploit.CVE-2009-0238.A
http://www.eset.eu/podpora/aktualizacia-3906?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
AntiVir Version: 7.01.02.111
by roddy32 / March 2, 2009 9:23 PM PST
Collapse -
ClamAV # 9065
by roddy32 / March 2, 2009 9:27 PM PST

Latest ClamAV? stable release is: 0.94.2
Total number of signatures: 514639
ClamAV Virus Databases:
main.cvd ver. 50 released on 15 Feb 2009 16:47 :0500
daily.cvd ver. 9065 released on 03 Mar 2009 05:43 :0500
http://www.clamav.net/

Collapse -
AIMFix - 03/01/2009
by roddy32 / March 2, 2009 10:25 PM PST
Collapse -
avast! update 3.3.2009 version: 090303-0
by roddy32 / March 3, 2009 2:06 AM PST
Collapse -
avast! update 3.3.2009 version: 090303-1
by roddy32 / March 3, 2009 6:20 AM PST
Collapse -
avast! update 4.3.2009 version: 090303-2
by roddy32 / March 3, 2009 9:52 AM PST
Collapse -
McAfee Daily #5542
by roddy32 / March 3, 2009 2:50 AM PST
Collapse -
Opera 9.64 released March 3, 2009
by roddy32 / March 3, 2009 3:19 AM PST
Release Notes

Opera 9.64 is a recommended security and stability upgrade, incorporating the Opera Presto 2.1.1 user agent engine. Opera highly recommends all users to upgrade to Opera 9.64 to take advantage of these improvements.

Changes and improvements since Opera 9.63

Security


# Fixed an issue where specially crafted JPEG images ccould be used to execute arbitrary code, as reported by Tavis Ormandy of the Google Security Team; see our advisory
# Fixed an issue where plug-ins could be used to allow cross domain scripting, as reported by Adam Barth; details will be disclosed at a later date.
# Fixed a moderately severe issue; details will be disclosed at a later date.
# Added support for the following platform-specific features:
# DEP (Data Execution Prevention) in Microsoft WindowsXP
Collapse -
Secunia Online Software Inspector
by roddy32 / March 3, 2009 3:50 AM PST

Secunia has updated the Secunia Online Software Inspector (OSI) with new
rules for detecting insecure software.

Run the Secunia OSI to make sure that your system is up-to-date:
http://secunia.com/vulnerability_scanning/online/

What is New:

1) Inspection rules have been updated for Opera.

Collapse -
Panda
by roddy32 / March 3, 2009 4:37 AM PST
Collapse -
SUPERAntiSpyware #3783
by roddy32 / March 3, 2009 6:30 AM PST
Collapse -
SUPERAntiSpyware #3784
by roddy32 / March 3, 2009 9:55 AM PST
In reply to: SUPERAntiSpyware #3783
Collapse -
NAV Daily
by roddy32 / March 3, 2009 7:10 AM PST
Collapse -
a-squared signature updates - 03/04/2009
by roddy32 / March 3, 2009 10:04 AM PST
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?