Added detection of new variants of trojans Adload, BHO, Dropper.Agent, BackDoor.VB.
October 15, 2008
http://www.grisoft.com/us.download-update
 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
General discussion
UPDATES - October 15, 2008
An updated TrojanHunter ruleset is available. This update adds 31 new trojan definitions:
Agent.2992
Agent.2991
Agent.2990
Agent.2989
Humor.103
Inject.286
Inject.285
Kobcka.109
Obfuscated.477
Pakes.527
PWSteal.Magania.303
Rootkit.Podnuha.120
TDSS.107
TDSS.106
TrojanDownloader.Agent.2706
TrojanDownloader.Agent.2705
TrojanDownloader.Agent.2704
TrojanDownloader.FraudLoad.407
TrojanDownloader.Tiny.364
TrojanDownloader.VB.983
TrojanDropper.Crypter.108
TrojanDropper.Crypter.107
TrojanDropper.Crypter.106
TrojanDropper.Crypter.105
TrojanDropper.Crypter.104
TrojanDropper.Joiner.148
TrojanSpy.VB.277
Vaklik.137
Vapsup.136
Worm.VB.225
Worm.Zhelatin.596
Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.
You should have 193298 rules.
http://www.misec.net/forum/board/RulesetUpdates/1224044783
Discussion is locked
22 Posts
- Collapse
- Collapse -
- Collapse -
Added detection of new variant of Win32/Cryptor, new variants of trojans Adload, Vundo, BackDoor.RBot.
October 15, 2008
http://www.grisoft.com/us.download-update
- Collapse -
infectors (329,981 variants of these including
trojans,worms,bots,hijackers,downloaders,spam proxies, rootkits, adware,
spyware,keyloggers,"dialers" and other malware in total) covered in
today's update for BOClean 4.27.
Please also note that if you ever miss an update (or several) the update
you collect includes **ALL** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
- Collapse -
330,069 variants of these including trojans, worms, bots, hijackers,
downloaders, spam proxies, rootkits, adware, spyware, keyloggers,
"dialers" and other malware in total) covered in today's update for
BOClean 4.27.
Please also note that if you ever miss an update (or several) the update
you collect includes ***ALL*** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
- Collapse -
VBS/Starter.Q, Win32/Adware.Antivirus2008 (2), Win32/Adware.GooochiBiz (2), Win32/Adware.Vapsup (7), Win32/Adware.Vapsup.AP, Win32/Adware.Virtumonde (2), Win32/Agent.NHE, Win32/Agent.NOV, Win32/Agent.OHT (2), Win32/Autoit.AG, Win32/AutoRun.Agent.G (2), Win32/AutoRun.Qhost.A, Win32/AutoRun.VB.A (2), Win32/AutoRun.VB.B (2), Win32/Injector.DY (2), Win32/PcClient (6), Win32/PcClient.IHJ, Win32/PSW.LdPinch.NCB (2), Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NMY, Win32/PSW.OnLineGames.NNU, Win32/PSW.OnLineGames.ODJ, Win32/PSW.OnLineGames.XTT, Win32/PSW.WOW.NEU (2), Win32/Qhost, Win32/Rbot, Win32/Spy.Agent.PZ (2), Win32/Spy.Banker.PQH (2), Win32/Srizbi (2), Win32/TrojanClicker.VB.NES (2), Win32/TrojanDownloader.Agent.OIP (2), Win32/TrojanDownloader.FakeAlert.IQ, Win32/TrojanDownloader.FakeAlert.IY (2), Win32/TrojanDownloader.FakeAlert.MJ (4), Win32/TrojanDownloader.Zlob.CRF, Win32/TrojanDropper.Agent.NOR (2), Win32/VB.NRA (2), Win32/Wigon
http://www.eset.eu/podpora/aktualizacia-3523?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
PHP/Zapchast.NAI, Win32/Adware.Cinmus (5), Win32/Adware.GooochiBiz (5), Win32/Adware.IeDefender.NHI (3), Win32/Adware.IeDefender.NHJ, Win32/Adware.IeDefender.NHK (2), Win32/Adware.SuperJuan (2), Win32/Adware.Virtumonde (3), Win32/Adware.Virtumonde.NBJ (4), Win32/Adware.VirusResponseLab (2), Win32/Agent.AGEH (2), Win32/Agent.DKR, Win32/Agent.ETH, Win32/Agent.ODG (2), Win32/Agent.OHU (2), Win32/Agent.OHV, Win32/AutoRun.ABH (3), Win32/AutoRun.Agent.A, Win32/AutoRun.Agent.H (2), Win32/AutoRun.Agent.I (2), Win32/AutoRun.Agent.J, Win32/AutoRun.Autoit.C (2), Win32/AutoRun.Delf.H, Win32/AutoRun.FlyStudio.F, Win32/AutoRun.NAH (2), Win32/AutoRun.Qhost.A, Win32/Banwor.NBY (7), Win32/BHO.NIJ, Win32/BHO.NIN (3), Win32/Delf.NNM (2), Win32/Hupigon.EHCW, Win32/PcClient (4), Win32/PSW.Lineage.DN, Win32/PSW.Lineage.NGS, Win32/PSW.OnLineGames.NMP (5), Win32/PSW.OnLineGames.NMY (10), Win32/PSW.OnLineGames.NNM (6), Win32/PSW.OnLineGames.NRS, Win32/PSW.OnLineGames.ODJ (5), Win32/PSW.WOW.CAN, Win32/PSW.WOW.NES (2), Win32/Spy.Delf.NLE, Win32/TrojanClicker.Agent.NEB, Win32/TrojanDownloader.Agent.OFZ (3), Win32/TrojanDownloader.Agent.OIQ (2), Win32/TrojanDownloader.Agent.OIR (2), Win32/TrojanDownloader.Delf.OIJ (2), Win32/TrojanDownloader.FakeAlert.IQ, Win32/TrojanDownloader.FakeAlert.IY (2), Win32/TrojanDownloader.FakeAlert.MK (2), Win32/TrojanDownloader.FakeAlert.ML (2), Win32/TrojanDownloader.Zlob.BXN, Win32/TrojanDownloader.Zlob.CPG, Win32/TrojanDownloader.Zlob.CRG (20), Win32/TrojanDropper.Agent.NJV (2), Win32/TrojanDropper.Agent.NOS, Win32/TrojanDropper.Delf.NIN, Win32/TrojanDropper.Delf.NJB (2), Win32/Wigon
http://www.eset.eu/podpora/aktualizacia-3524?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
Win32/Adware.Cinmus, Win32/Agent.LYB, Win32/Agent.NLI (8), Win32/Agent.NPP (2), Win32/Agent.NXU, Win32/Agent.OHW (2), Win32/Autoit.EH, Win32/AutoRun.Agent.K, Win32/AutoRun.Agent.L (2), Win32/Bagle.PQ, Win32/Bagle.PW (3), Win32/Bagle.PY, Win32/BHO.NHN (4), Win32/ComputerClubManager, Win32/Delf.CUR (2), Win32/Delf.NQA (2), Win32/Ivefound.AviPlayer (2), Win32/Pacex.Gen, Win32/PSW.OnLineGames.NMY (2), Win32/PSW.OnLineGames.NNM (4), Win32/PSW.OnLineGames.ODJ (2), Win32/Qhost (2), Win32/Qhost.NFX (2), Win32/Qhost.NFY (2), Win32/Sohanad.NCL, Win32/Spy.Banker.PQI (2), Win32/Spy.FlyStudio.ABN, Win32/TrojanClicker.Agent.NCZ (2), Win32/TrojanClicker.Agent.NEM, Win32/TrojanDownloader.Agent.OIS (2), Win32/TrojanDownloader.Bagle.NBF, Win32/TrojanDownloader.Delf.OIK (2), Win32/TrojanDownloader.FakeAlert.IQ, Win32/TrojanDownloader.FakeAlert.MM (2), Win32/TrojanDownloader.Zlob.CRH (20), Win32/TrojanDownloader.Zlob.CRI, Win32/TrojanDownloader.Zlob.CRJ, Win32/TrojanDropper.Agent.NJV, Win32/TrojanDropper.Agent.NOQ, Win32/TrojanDropper.Agent.NOT, Win32/TrojanDropper.Delf.NJC (2), Win32/TrojanProxy.Agent.NEO, Win32/TrojanProxy.Agent.NEP, Win32/VB.DFE (2), Win32/VB.NRB (3), Win32/Wigon.ET
http://www.eset.eu/podpora/aktualizacia-3525?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
Date: 15 Oct 2008
Time: 12:44 UTC+1
http://www.avira.com/en/pages/index.php
http://www.avira.com/en/threats/section/vdfhistory/index.html
- Collapse -
Virus Signature File
Wednesday, 15 October 2008
http://www.pandasecurity.com/homeusers/downloads/clients/?
- Collapse -
Windows | 1.8MB
Date posted October 15, 2008
Note: Please remember to uncheck any unwanted 3rd party toolbars/programs during installation.
Download: Pick the proper version for Flashplayer for your browser of choice. Do not confuse it with shockwave which is a different program.
http://www.adobe.com/shockwave/download/alternates/
Version check
http://www.adobe.com/products/flash/about/
- Collapse -
F-PROT Antivirus can as of 15 October 2008 detect a total of 1127783 worms, viruses and other malicious programs with its latest virus signature file.
http://www.f-prot.com/products/currentversions.html
Note: Although we cannot confirm it, the total detections on the site are the same as what was posted on 26th August 2008, BUT it is very likely that the actual program is being updated automatically at regular intervals even though the webpage isn't.
- Collapse -
Latest ClamAV? stable release is: 0.94
Total number of signatures: 446462
ClamAV Virus Databases:
main.cvd ver. 48 released on 04 Sep 2008 18:51 +0000
daily.cvd ver. 8430 released on 15 Oct 2008 12:57 +0000
http://www.clamav.net/
- Collapse -
Norton AntiVirus for Mac Defs released October 9
Symantec AntiVirus for Handhelds Defs released September 18
http://www.symantec.com/business/security_response/definitions/download/index.jsp
- Collapse -
Symantec AntiVirus
Norton AntiVirus 2006/2007
Virus Definitions created October 15
Virus Definitions released October 15
Defs Version: 101015c
Sequence Number: 86875
Extended Version: 10/15/2008 rev. 3
Total Detections (Threats & Risks): 2323890
http://www.symantec.com/business/security_response/definitions/download/index.jsp
- Collapse -
[quote]Current versions of the Belarc Advisor automatically check for, fetch, and install Belarc Advisor Security Definition updates at each use. We recommend that you get the latest version of the Advisor from
Belarc Advisor Download
and it will easily keep you up to date. The currently released Belarc Advisor Security Definition updates include all Microsoft security bulletins through October 14, 2008. This update ensures that the System Security Status panel in the computer profile report reflects the true number of missing Microsoft Security Updates.
[/quote]
http://www.belarc.com/advisor_update.html
- Collapse -
Adware
+ AdDestination + Winzix
Keylogger
+ Ardamax (2)
Malware
+ Fraud.SmartAntiVirus2009 (2) + Smitfraud-C. + Swizzor ++ TotalSecure2009 (2)
PUPS
++ SniffPass
Spyware
+ CommonName
Trojan
+ Bifrose.LA + Refpron (2) + Virtumonde.sdn + Win32.Agent.cmn + Win32.Agent.wo ++ Win32.Bifrose.zxe + Win32.Exchanger.ch + Win32.Small.axy + Win32.Sohanad.as ++ Win32.VB.atg ++ Win32.VB.bda ++ Win32.WPA_Kill.AK + Zlob.Downloader + Zlob.Downloader.vdt + Zlob.Downloader.wet
Total: 1148843 fingerprints in 286076 rules for 4310 products.
http://www.safer-networking.org/en/home/index.html
Please remember to Re-Immunize after updating!
- Collapse -
Super DATs 5406 - 10/15/08
http://www.mcafee.com/apps/downloads/secur...amp;segment=smb
http://vil.nai.com/vil/datreadme.aspx
- Collapse -
Definition Version: 1.45.430.0
Engine Version: 1.1.4005.0
Product Info: Windows Defender
Available via Windows updates or the program updater
NOTE: Users who have not received the update within the program or MU or WU and wish to update manually, go to Microsoft Malware Protection Center Portal website to download the definitions. That is one of the features of their malware protection center portal... to allow manual download of the definitions for users who have trouble in getting the updates due to some reason or for users who administer computers and want to deploy defs updates offline.
Note: that this is not a daily Windows Defender update form the portal.
Windows Defender version: 1.1.1593.0 XP-32 bit system
Windows Defender version: 1.1.1505.0 Vista-32 bit system
Windows Defender version: 1.1.1600.0 Vista SP1
- Collapse -
http://www.avast.com/eng/updates.html
http://www.avast.com/eng/vps_history.html
- Collapse -
Signature update
484 Signatures: 243 Trojans, 17 Spywares, 4 Worms, 220 Traces
http://www.emsisoft.com/a2/changelog/free/
http://www.emsisoft.com/en/support/malware/
- Collapse -
Update time: Thu Oct 16 01:21:45 2008
Signature number: 1738029
Update time GMT: 1224102105
Version: 7.21286
http://download.bitdefender.com/updates/bitdefender_v8/plugins/update.txt
- Collapse -
Core Definitions 3599 - 10/15/2008 05:51PM PDT
Trace Definitions 1585 - 10/15/2008 05:51PMPDT
http://www.superantispyware.com/definitions.html
CNET Forums
Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Roadshow Autos
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic