Spyware, Viruses, & Security forum

General discussion

UPDATES - November 25, 2009

by Donna Buenaventura / November 24, 2009 7:19 PM PST
Discussion is locked
You are posting a reply to: UPDATES - November 25, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: UPDATES - November 25, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
MBAM #3228
by Donna Buenaventura / November 24, 2009 7:20 PM PST
Collapse -
MBAM #3231
by roddy32 / November 25, 2009 2:15 AM PST
In reply to: MBAM #3228
Collapse -
AVG AVI: 270.14.82/ 2525
by Donna Buenaventura / November 24, 2009 7:21 PM PST

Added detection of new variant of Worm/VB.ACPB, new variants of trojans SHeur2.BUNM, BackDoor.Generic12.KOO, Generic15.BPLH, Generic15.BPFT, BackDoor.Hupigon5.AFPK.
November 25, 2009
http://www.avg.com/us-en/download-update

Collapse -
AVG - AVI: 270.14.83/ 2526
by roddy32 / November 25, 2009 7:37 AM PST
Collapse -
NOD32 - Update 4635 (20091125)
by Donna Buenaventura / November 24, 2009 7:22 PM PST
Update 4635 (20091125)
2009-11-25 11:49
BAT/KillFiles.NBX (3), BAT/TrojanDownloader.Ftp.NGW, HTML/Phishing.Gen, INF/Autorun, JS/SpamTool.Agent.A, PDF/Exploit.Pidief.OTY, VBS/CDEject.A, Win32/Adware.Cinmus, Win32/Adware.GreenAV (2), Win32/Adware.GreenAV.AA, Win32/Adware.GreenAV.AB (2), Win32/Adware.InternetAntivirus (3), Win32/Adware.InternetAntivirus.AA, Win32/Adware.SecurityTool (2), Win32/Adware.WiniGuard.AA, Win32/Adware.WiniGuard.AE (2), Win32/Agent.NVT, Win32/Agent.OQF, Win32/Agent.OQV, Win32/Agent.QJH, Win32/Agent.QJI (3), Win32/Agent.QJJ, Win32/Agent.WPI, Win32/AntiAV.NDM, Win32/AutoRun.Delf.ED (2), Win32/AutoRun.FlyStudio.UN, Win32/AutoRun.FlyStudio.UO, Win32/AutoRun.FlyStudio.UP, Win32/AutoRun.FlyStudio.UQ, Win32/AutoRun.FlyStudio.UR, Win32/AutoRun.IRCBot.BY, Win32/AutoRun.IRCBot.CX (3)
More in http://www.eset.eu/podpora/aktualizacia-4635?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - Update 4636 (20091125)
by roddy32 / November 24, 2009 11:28 PM PST
2009-11-25 15:28
BAT/Qhost.NDI (2), BAT/Runner.G, IRC/SdBot (2), VBS/AutoRun.DN (2), Win32/Adware.AdvancedVirusRemover.B (2), Win32/Adware.GeneralAV (8), Win32/Adware.Virtumonde.NGJ, Win32/Agent.QHZ, Win32/Agent.QJK, Win32/Agent.QJL (4), Win32/Agent.QJM (2), Win32/Agent.QJN (2), Win32/Agent.WPY, Win32/AutoRun.Agent.TA, Win32/AutoRun.Delf.CC, Win32/AutoRun.Delf.EE (2), Win32/AutoRun.FlyStudio.US, Win32/AutoRun.FlyStudio.UT, Win32/AutoRun.FlyStudio.UU, Win32/AutoRun.IRCBot.BM (3), Win32/AutoRun.IRCBot.BY (2), Win32/AutoRun.IRCBot.CX (3), Win32/AutoRun.IRCBot.DI (3), Win32/AutoRun.IRCBot.DJ (2), Win32/AutoRun.KS, Win32/AutoRun.Qhost.Y (4), Win32/AutoRun.VB.FX, Win32/BHO.NVJ, Win32/Brontok.CS, Win32/Delf.OVS (4), Win32/FlyStudio.NYT, Win32/FlyStudio.NYU, Win32/Hatob.E (2), Win32/Injector.ACF, Win32/IRCBot.AMC (2), Win32/Koobface.NBH, Win32/Koobface.NCF (3), Win32/Koobface.NCK (6), Win32/Koobface.NCL (2), Win32/Koobface.NCM (2), Win32/LockScreen.CA, Win32/Losfondup.A, Win32/Mebroot.CU (2), Win32/Merond.O, Win32/Merond.W, Win32/Naprat.B, Win32/Patched.CK, Win32/Peerfrag.DO (2), Win32/Peerfrag.DP, Win32/Peerfrag.DR, Win32/Peerfrag.EC (2), Win32/Peerfrag.FI (2), Win32/Pinit.AB, Win32/Pinit.Y, Win32/Popwin.NCN (2), Win32/Popwin.NCO, Win32/Popwin.NCP, Win32/PSW.Agent.NJL, Win32/PSW.Delf.NTX, Win32/PSW.LdPinch.NEL (3), Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NNU (4), Win32/PSW.OnLineGames.ODJ, Win32/PSW.Papras.AV, Win32/PSW.QQPass.NFK, Win32/PSW.VKont.AB, Win32/Qhost (2), Win32/Qhost.NQC (4), Win32/Refpron.CP (3), Win32/RJump.A, Win32/Skintrim.BZ, Win32/Skintrim.CA, Win32/Small.CVQ, Win32/SpectorPro.AC (2), Win32/Spy.Ambler.AV, Win32/Spy.Ambler.M, Win32/Spy.Banbra.NXF, Win32/Spy.Banker.PPH, Win32/Spy.Banker.QXO (3), Win32/Spy.Banker.RWM (2), Win32/Spy.Banker.RWN (2), Win32/Spy.Banker.SEQ (2), Win32/Spy.Banker.SGZ, Win32/Spy.Delf.NZW (2), Win32/Spy.Delf.NZZ, Win32/Spy.VB.NFE, Win32/Spy.Zbot.UN (2), Win32/TCPZ.D, Win32/TrojanDownloader.Banload.OHP (3), Win32/TrojanDownloader.Delf.PDP, Win32/TrojanDownloader.Delf.PDQ (2), Win32/TrojanDownloader.FakeAlert.AED, Win32/TrojanDownloader.FakeAlert.AOP, Win32/TrojanDownloader.VB.OFO, Win32/TrojanDropper.Agent.OLK, Win32/TrojanDropper.Agent.OLL (2), Win32/TrojanDropper.Agent.OLM, Win32/VB.OQE (2), Win32/Votwup.C
http://www.eset.eu/podpora/aktualizacia-4636?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
NOD32 - Update 4637 (20091125)
by roddy32 / November 25, 2009 7:42 AM PST
2009-11-25 23:33
IRC/SdBot, JS/Exploit.Pdfka.AMA, JS/Exploit.Pdfka.ANP, JS/Exploit.Pdfka.NOA, VBS/TrojanDownloader.Agent.NBU (2), VBS/TrojanDownloader.Agent.NBV, Win32/Adware.Agent.NMZ, Win32/Adware.AntivirusPlus, Win32/Adware.BHO.IEHelper (2), Win32/Adware.PrivacyCenter.AD (3), Win32/Adware.ScreenBlaze.AA, Win32/Adware.SecurityTool (2), Win32/Adware.SmartProtector, Win32/Adware.SpyDajaba (2), Win32/Adware.SuperJuan.O, Win32/Adware.SystemSecurity, Win32/Adware.Virtumonde.NGI (2), Win32/Adware.WindowsPolicePro.AB (2), Win32/Agent.OBB (2), Win32/Agent.OQF, Win32/Agent.QHZ, Win32/Agent.QJO, Win32/AutoRun.IRCBot.CX, Win32/AutoRun.IRCBot.DI (3), Win32/AutoRun.VB.HP, Win32/AutoRun.VB.HQ, Win32/Bagle.TC (5), Win32/BHO.NPE, Win32/Bifrose.NDU, Win32/Cakl.NAG, Win32/Delf.NOC, Win32/Delf.ODK, Win32/Delf.OVN, Win32/Injector.AIY, Win32/IRCBot.APU, Win32/IRCBot.NBF, Win32/KillAV.NGT, Win32/Koobface.NCF, Win32/Koobface.NCK, Win32/Koutodoor.DW, Win32/Koutodoor.DX, Win32/Koutodoor.EP (2), Win32/Koutodoor.ET (2), Win32/Kryptik.BFB, Win32/Kryptik.BFC, Win32/Mebroot, Win32/Mebroot.CV, Win32/Oficla.AP, Win32/Oficla.BT, Win32/Olmarik.QB, Win32/PSW.Delf.NTV (2), Win32/PSW.Delf.NTX, Win32/PSW.Lineage.DN (3), Win32/PSW.OnLineGames.OOW, Win32/PSW.VKont.DL, Win32/PSW.VKont.Y, Win32/PSW.WOW.NNJ (3), Win32/PSW.Yahoo.YPager.R, Win32/Refpron.CN, Win32/Spatet.A, Win32/Spy.Banbra.NTN, Win32/Spy.Bancos.NOR, Win32/Spy.Banker.QXO, Win32/Spy.Banker.RWL, Win32/Spy.Banker.RWO (2), Win32/Spy.Banker.RWP (4), Win32/Spy.Banker.RWQ (3), Win32/Spy.Banker.RWR (2), Win32/Spy.Bankpatch.CR, Win32/Spy.Delf.OAA (2), Win32/Spy.Zbot.JF (3), Win32/Spy.Zbot.UN (2), Win32/StartPage.NOQ, Win32/TCPZ.D, Win32/TrojanClicker.Delf.NBK (2), Win32/TrojanDownloader.Agent.PID, Win32/TrojanDownloader.Agent.PNV, Win32/TrojanDownloader.Agent.POX, Win32/TrojanDownloader.Agent.POY (2), Win32/TrojanDownloader.Agent.POZ (2), Win32/TrojanDownloader.Banload.OHO, Win32/TrojanDownloader.FakeAlert.AFQ, Win32/TrojanDownloader.FakeAlert.AOX (2), Win32/TrojanDownloader.FakeAlert.APG, Win32/TrojanDownloader.Mebload.M, Win32/TrojanDownloader.Swizzor, Win32/TrojanDownloader.Ufraie.A, Win32/TrojanDropper.Agent.OLN (2), Win32/TrojanDropper.Delf.NRH (2), Win32/TrojanDropper.VB.NLV, Win32/TrojanProxy.Small.NCJ (3), Win32/Wigon.HT (2)
http://www.eset.eu/podpora/aktualizacia-4637?lng=en
http://www.eset.eu/support/update-xy1
Collapse -
AntiVir VDF Version: 7.10.01.77
by Donna Buenaventura / November 24, 2009 7:22 PM PST
Collapse -
AntiVir Version: 7.10.01.106
by roddy32 / November 25, 2009 7:33 AM PST
Collapse -
ClamAV #10069
by Donna Buenaventura / November 24, 2009 7:23 PM PST

Latest ClamAV stable release is: 0.95.3
Total number of signatures: 658631
ClamAV Virus Databases:
main.cvd ver. 51 released on 14 May 2009 10:28 :0400
daily.cvd ver. 10069 released on 25 Nov 2009 00:38 :0500
http://www.clamav.net/

Collapse -
ClamAV #10073
by roddy32 / November 25, 2009 7:26 AM PST
In reply to: ClamAV #10069

Latest ClamAV? stable release is: 0.95.3
Total number of signatures: 659289
ClamAV Virus Databases:
main.cvd ver. 51 released on 14 May 2009 10:04 :0400
daily.cvd ver. 10073 released on 25 Nov 2009 17:47 :0500
http://www.clamav.net/

Collapse -
a-squared signature update
by Donna Buenaventura / November 24, 2009 7:24 PM PST
Collapse -
more
by roddy32 / November 25, 2009 6:42 AM PST
Collapse -
BitDefender defs v7.29133
by Donna Buenaventura / November 24, 2009 7:25 PM PST
Collapse -
Spybot-S&D
by Donna Buenaventura / November 24, 2009 7:48 PM PST
2009-11-25
Adware

++ Cuckoo ++ Tencent.AdressBar
Malware
+ Fraud.AntivirusPlus ++ Fraud.ControlCenter ++ Fraud.LinkSafeness + Fraud.MSAntispyware2009 ++ Fraud.PersonalProtector + Fraud.ProAntispyware2009 + Fraud.Sysguard + Fraud.XPAntivirus + Smitfraud-C. + WareOut + Win32.Downloader.dequ + Win32.FraudLoad.edt ++ Win32.Podmena ++ Win32.Presto ++ Win32.VB.bpbu ++ Win32.VB.usr
Pups
+ Live-Player
Trojans
++ Backdoor.FakeUtility + Virtumonde.sci + Virtumonde.sdn ++ Win32.Agent.hbt ++ Win32.Ambler + Win32.KillAV.hd ++ Win32.OnLineGames.mfbi ++ Win32.OnLineGames.mfcc ++ Win32.OnLineGames.unaj ++ Win32.OnLineGames.uozk ++ Win32.OnLineGames.urvu ++ Win32.Qibongi ++ Win32.Satasery + Win32.TDSS.rtk + Win32.ZBot
Total: 1756620 fingerprints in 681017 rules for 5073 products.
http://www.safer-networking.org/en/updatehistory/index.html

NOTE: Don't forget to re-immunize after updating.
Collapse -
CA AV defs v35.1.7141
by roddy32 / November 24, 2009 10:04 PM PST
Collapse -
Ad-Aware defs v0149.0101
by roddy32 / November 24, 2009 10:18 PM PST
0149.0101 - November 25, 2009

New definitions:
====================

Win32.Backdoor.Donbot
Win32.Backdoor.Ircnite
Win32.Backdoor.Kykyshka
Win32.Backdoor.Maravia
Win32.FraudTool.AdditionalGuard
Win32.FraudTool.KeepCop
Win32.FraudTool.WindowsPCDefender
Win32.Hoax.BadJokeSojfuse
Win32.Rootkit.Zybr
Win32.TrojanPWS.Kykymber
Win32.TrojanPWS.Qicqspy

Updated definitions:
====================


List too long to post

MD5 checksum for core.aawdef is 86e782479470a22840bf63667e4df897
http://www.lavasoft.com/mylavasoft/securitycenter/blog/01490101-latest-definitions-adaware-combating-virus-spyware-malware-rogue
Collapse -
The Cleaner Database v1208
by roddy32 / November 24, 2009 11:37 PM PST
Collapse -
The Cleaner Database v1210
by roddy32 / November 25, 2009 8:21 AM PST
Collapse -
SUPERAntiSpyware #4311
by roddy32 / November 25, 2009 12:54 AM PST
Collapse -
SUPERAntiSpyware #4312
by roddy32 / November 25, 2009 6:32 AM PST
In reply to: SUPERAntiSpyware #4311
Collapse -
Quick Heal defs
by roddy32 / November 25, 2009 1:20 AM PST
Collapse -
McAfee Daily #5813
by roddy32 / November 25, 2009 1:45 AM PST
Collapse -
avast! 25.11.2009 version: 091125-1
by roddy32 / November 25, 2009 1:59 AM PST
Collapse -
NAV Weekly
by roddy32 / November 25, 2009 6:13 AM PST
Collapse -
NAV Daily
by roddy32 / November 25, 2009 6:19 AM PST
Daily Updates
Symantec AntiVirus
Norton AntiVirus 2006/2007

Virus Definitions created 11/25/2009
Virus Definitions released 11/25/2009
Defs Version: 111125d
Sequence Number: 102907
Extended Version: 11/25/2009 rev. 4
Total Detections (Threats & Risks): 5387044

Multiple Daily Updates
Symantec Endpoint Protection 11
Norton AntiVirus 2008 and newer

Virus Definitions created 11/25/2009
Virus Definitions released 11/25/2009
Defs Version: 111125d
Sequence Number: 102907
Extended Version: 11/25/2009 rev. 4
Total Detections (Threats & Risks): 5387044
http://www.symantec.com/business/security_response/definitions/download/index.jsp
Collapse -
CounterSpy/VIPRE #5529
by roddy32 / November 25, 2009 7:01 AM PST
Collapse -
avast! 4 Home/Pro v4.8.1367 - November 25, 2009
by roddy32 / November 25, 2009 8:46 AM PST
Collapse -
NoScript v1.9.9.17 - November 25, 2009
by roddy32 / November 25, 2009 8:59 AM PST
What's new

x Fixed residual crash issue when favicons need to be redirected to HTTPS
x Enhanced ClearClick compatibility with Photbucket

Legend
[+] new feature, [x] bug fix, [-] removed feature, [=] repackaging or cosmetic change

http://noscript.net/changelog

Download
http://noscript.net/getit

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!