General discussion

UPDATES - May 16, 2008

BOClean FILE DATE : 2008-05-16 09:53:27 (UTC)

TWENTY SIX new nasties for a total of 55741 *UNIQUE*
infectors (319,388 variants of these including
trojans,worms,bots,hijackers,downloaders,spam proxies, rootkits, adware,
spyware,keyloggers,"dialers" and other malware in total) covered in
today's update for BOClean 4.26.

Please also note that if you ever miss an update (or several) the update
you collect includes *ALL* previous update information. There is no
need to go hunting down other updates. The current one is always complete
http://www.nsclean.com/trolist.html
Discussion is locked
Follow
Reply to: UPDATES - May 16, 2008
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: UPDATES - May 16, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
TrojanHunter 5.0 Ruleset Update - May 15, 2008

An updated TrojanHunter ruleset is available. This update adds at least 32 new trojan definitions:

FraudTool.AntiSpywareExpert.101
FraudTool.XPShield.100
HackTool.Zbrute.100
Hoax.Renos.355
IRCBot.743
Monitor.Winvestigator.100
PWSteal.OnLineGames.1028
PWSteal.OnLineGames.1027
PWSteal.OnLineGames.1026
PWSteal.OnLineGames.1025
PWSteal.Papras.104
Small.682
TrojanClicker.Agent.339
TrojanDownloader.Agent.2279
TrojanDownloader.Agent.2278
TrojanDownloader.Agent.2277
TrojanDownloader.Banload.1402
TrojanDownloader.Dadobra.183
TrojanDownloader.Delf.1358
TrojanDownloader.FraudLoad.146
TrojanDownloader.Small.2571
TrojanDownloader.Small.2570
TrojanDownloader.Tibs.214
TrojanDropper.Agent.859
TrojanDropper.Injecter.100
TrojanDropper.JPG.100
TrojanProxy.Small.236
TrojanSpy.Banker.2312
TrojanSpy.WinSpy.134
VB.1214
Worm.Agent.162
Worm.Zhelatin.511

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.

You should have 172154 rules.

Also added later 172213 for LiveUpdate only

Adware.Vapsup.243
BHO.284
Buzus.133
http://www.misec.net/forum/board/RulesetUpdates/1210913658

- Collapse -
ClamAV #7134

Latest ClamAV? stable release is: 0.93
Latest ClamAV? RC release is: n/a
Total number of signatures: 286269
ClamAV Virus Databases:
main.cvd ver. 46 released on 06 Apr 2008 18:57 +0000
daily.cvd ver. 7134 released on 16 May 2008 10:51 +0000
http://www.clamav.net/

- Collapse -
AVG - AVI 269.23.16/ 1446
- Collapse -
AVG - AVI 269.23.16/ 1448

Added detection of new variant of Worm/Autoit, Worm/Spybot, new variants of trojans Agent, Downloader.Swizzor, PSW.OnlineGames.
May 16, 2008
http://www.grisoft.com/us.news

- Collapse -
NOD32 - 3104 (20080516)

2008-05-16 11:31
BAT/Agent.NAG (2), PDF/Exploit.PDF-URI.B (2), PDF/Exploit.Pidief.AD, PDF/Exploit.Pidief.AK (3), PDF/Exploit.Pidief.AP (3), PDF/Exploit.Pidief.AQ (2), PDF/Exploit.Pidief.BD, PDF/Exploit.Pidief.N, PDF/Exploit.Pidief.NAV, PDF/Exploit.Pidief.NAW, PDF/Exploit.Pidief.NAX, PDF/Exploit.Pidief.NAY, PDF/Exploit.Pidief.NAZ, PP97M/TrojanDropper.Agent.NAU, W97M/TrojanDropper.Agent.BS (2), W97M/TrojanDropper.Agent.CL, Win32/Adware.Vapsup (3), Win32/Agent.NED (3), Win32/Agent.NKU (6), Win32/Agent.NUP, Win32/Agent.NUU, Win32/AutoRun.NG (6), Win32/AutoRun.NH (3), Win32/Inject.BED (3), Win32/KillFiles.NBA (2), Win32/Monitor.ActMon (5), Win32/Pacex.Gen (3), Win32/PcClient, Win32/Poison (3), Win32/PSW.OnLineGames.NMP (2), Win32/PSW.OnLineGames.NMY (4), Win32/PSW.OnLineGames.NNU (4), Win32/PSW.OnLineGames.NOP (4), Win32/PSW.OnLineGames.NWA (2), Win32/PSW.OnLineGames.OAT, Win32/PSW.OnLineGames.OAU, Win32/PSW.OnLineGames.ODJ (2), Win32/PSW.Small.NAF, Win32/Qhost (3), Win32/Qhost.AKN (3), Win32/Qhost.NDD (4), Win32/Qhost.NDE, Win32/Rootkit.Agent.ABU, Win32/SpamTool.Agent.NAS, Win32/Spy.Agent.BJR, Win32/Spy.Agent.NGO (2), Win32/Spy.Agent.NGP (2), Win32/TrojanDownloader.Agent.NYU (2), Win32/TrojanDownloader.Injecter.PQ, Win32/TrojanDownloader.Small.OCH (2), Win32/TrojanDownloader.Zlob.BXS (2), Win32/TrojanDownloader.Zlob.BXT (2), Win32/TrojanDownloader.Zlob.BXV (16), Win32/TrojanDropper.Agent.EPF (3), Win32/TrojanProxy.Agent.NDY (4)
http://www.eset.eu/podpora/aktualizacia-3104?lng=en
http://www.eset.eu/support/update-xy1

- Collapse -
BOClean FILEDATE: 2008-05-16 13:03:57 (UTC)
TWENTY new nasties for a total of 55761 *UNIQUE* infectors (
319,412 variants of these including trojans, worms, bots, hijackers,
downloaders, spam proxies, rootkits, adware, spyware, keyloggers,
"dialers" and other malware in total) covered in today's update for
BOClean 4.26.

Please also note that if you ever miss an update (or several) the update
you collect includes ***ALL*** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.nsclean.com/trolist.html
- Collapse -
NOD32 - 3106 (20080516)
2008-05-16 20:38
Win32/Adware.AdMedia (4), Win32/Adware.Ejik.NAG (4), Win32/Adware.Virtumonde (2), Win32/AutoRun.NI (3), Win32/Delf.CDO (2), Win32/Jaan.L (4), Win32/PSW.OnLineGames.NNM (8), Win32/Spy.Banker.HLJ (2), Win32/Spy.Banker.LCS, Win32/Spy.Banker.LGQ (2), Win32/Spy.Banker.LZA (2), Win32/Spy.Banker.OUP (2), Win32/Spy.Banker.OUQ, Win32/Spy.Banker.OUR (2), Win32/Spy.Banker.OUS (2), Win32/Spy.Banker.OUT (2), Win32/Spy.Banker.OUU (2), Win32/Spy.VB.NCR, Win32/TrojanDownloader.Small.OBW, Win32/TrojanDownloader.Small.OCI, Win32/TrojanDownloader.Small.OCJ (2), Win32/TrojanDownloader.Wigon.P, Win32/TrojanDownloader.Zlob.BTY, Win32/TrojanDownloader.Zlob.BXX (17), Win32/TrojanDropper.VB.NDE, Win32/TrojanProxy.Small.NBA
http://www.eset.eu/podpora/aktualizacia-3106?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
avast! 4.x VPS (released: 16.5.2008, version: 080516-1)
- Collapse -
avast! 4.x VPS (released: 16.5.2008, version: 080516-2)
- Collapse -
a-squared signature update
- Collapse -
a-squared signature update (2)
- Collapse -
Ad-Aware 2007
0082.0000, 0083.0000 are now available for Ad-Aware 2007

0083.0000 15.05.2008

MD5 for the core.aawdef: 07cede484019c2b72639dc5b2f1db76a
MD5 for the defs.ref file: 29e8293641d137f886433b276f7dcd8e

0082.0000 15.05.2008

MD5 for the core.aawdef file: 7f4c780ba907a6527e3fd893cf3fcba8
MD5 for the defs.ref file: 194eef8d1f03c9a0629410347189c62c


False Positive Fixes for:

Adware.Agent
Win32.Backdoor.RBot
Win32.Backdoor.Cakl
Win32.TrojanSpy.Delf
http://www.lavasoft.com/support/securitycenter/blog/?p=230#more-230

Note: At the time of this posting, there was nothing listed on the right side of the page for the SE version so I don't know if that was updated also or not.
- Collapse -
(NT) The above is a defs update (forgot to note that)
- Collapse -
NOD32 - 3105 (20080516)

2008-05-16 15:15
Win32/Adware.WinFixer, Win32/Agent.NUV (2), Win32/Agent.NUW (2), Win32/Pacex.Gen (4), Win32/PSW.OnLineGames.NFL, Win32/PSW.OnLineGames.OAR, Win32/PSW.OnLineGames.OAV, Win32/PSW.OnLineGames.OAW, Win32/PSW.OnLineGames.OAX, Win32/PSW.OnLineGames.OAY, Win32/Qhost.ANG (2), Win32/Rootkit.Agent.AMX (2), Win32/Socks.NAB (2), Win32/Spy.Agent.CLC (2), Win32/TrojanDownloader.Agent.BKW, Win32/TrojanDownloader.Agent.NYV (2), Win32/TrojanDownloader.Agent.NYW (2), Win32/TrojanDownloader.FakeAlert.CW, Win32/TrojanDownloader.FakeAlert.CX, Win32/TrojanDownloader.Firu, Win32/TrojanDownloader.Small.AWA (2), Win32/TrojanDownloader.Wigon.M, Win32/TrojanDownloader.Wigon.P, Win32/TrojanDownloader.Zlob.BXL, Win32/TrojanDownloader.Zlob.BXW (2), Win32/TrojanDownloader.Zlob.BXX, Win32/TrojanDownloader.Zlob.BXY (2), Win32/TrojanDownloader.Zlob.BXZ, Win32/TrojanProxy.Small.NBS, Win32/TrojanProxy.Small.NP, Win32/VB.NNG
http://www.eset.eu/podpora/aktualizacia-3105?lng=en
http://www.eset.eu/support/update-xy1

- Collapse -
F-Prot - 05/15/2008
- Collapse -
Avast! 4 Home/Pro Version 4.8.1201 - May 16, 2008
- Collapse -
AntiVir Version: 7.00.04.52
- Collapse -
BitDefender 17:49
- Collapse -
Panda
- Collapse -
Windows Defender
New Definition version: 1.33.9651.0
Windows Defender version: 1.1.1593.0 XP
Windows Defender version: 1.1.1505.0 Vista
Windows Defender version: 1.1.1600.0 Vista SP1
Engine Version: 1.1.3520.0

NOTE: Users who have not received the update within the program or MU or WU and wish to update manually, go to http://www.microsoft.com/security/portal/ to download the definitions. That is one of the features of their malware protection center portal... to allow manual download of the definitions for users who have trouble in getting the updates due to some reason or for users who administer computers and want to deploy defs updates offline.

Note that this is not a daily Windows Defender update form the portal.

http://www.microsoft.com/athome/security/spyware/software/default.mspx
- Collapse -
McAfee Daily #5297
- Collapse -
NAV Daily
Daily Updates
Symantec AntiVirus
Norton AntiVirus 2006/2007

Virus Definitions created May 16
Virus Definitions released May 16
Defs Version: 100516s
Sequence Number: 81606
Extended Version: 5/16/2008 rev. 19
Total Viruses Detected: 74102
http://www.symantec.com/avcenter/defs.download.html
- Collapse -
SUPERAntiSpyware #3463/1454

CNET Forums