Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

UPDATES - October 21, 2008

by roddy32 Oct 20, 2008 9:38PM PDT
TrojanHunter 5.0 Ruleset Update - Oct 20, 2008

An updated TrojanHunter ruleset is available. This update adds 30 new trojan definitions:

Agent.3053
Agent.3052
Agent.3051
Agent.3050
Bulknet.118
Delf.1111
Delf.1110
Delf.1109
FakeAlert.205
FraudTool.AntiSpywarePro.102
Monder.325
Monder.324
Monder.323
Oderoor.105
PWSteal.Magania.314
TrojanClicker.Agent.396
TrojanClicker.Delf.209
TrojanDownloader.Agent.2716
TrojanDownloader.CodecPack.124
TrojanDownloader.CodecPack.123
TrojanDownloader.Obfuscated.155
TrojanDownloader.Tibs.309
TrojanDownloader.Tiny.365
TrojanDownloader.Zlob.1664
TrojanDownloader.Zlob.1663
TrojanDownloader.Zlob.1662
TrojanDropper.Delf.765
TrojanDropper.VB.353
UltimateDefender.108
VB.1293

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.

You should have 194086 rules.

False possible positive fixed, should see 194085 now
http://www.misec.net/forum/board/RulesetUpdates/1224562854

Discussion is locked

23 Posts
- Collapse + Expand Details
- Collapse -
AntiVir Version: 7.00.07.68
by roddy32 Oct 20, 2008 10:03PM PDT
- Collapse -
Ad-Aware defs update
by roddy32 Oct 20, 2008 10:13PM PDT
0132.0000 - October 21, 2008

New definitions:
====================
PCDefender2008
SymbOS.Trojan.Smsanywher
Win32.Backdoor.Cowrat
Win32.Backdoor.Eklips
Win32.Backdoor.FatBot
Win32.Backdoor.Psyche
Win32.Backdoor.Reklam
Win32.Backdoor.Spyche
Win32.Trojan.Meslice
Win32.Trojan-Dropper.Binder
Win32.TrojanDropper.BingoVid
Win32.TrojanDropper.Ppink
Win32.TrojanDropper.Startline
WiniGuard

Updated definitions:
====================
AdRotator
Adware.Agent
Adware.BHO(generic)
Adware.Ejik
Adware.MyWay
Adware.NaviPromo
Adware.NetAdware
Adware.SmartShopper
Adware.SuperJuan
Adware.VirtualNetwork
AntiMalware2009
AntispywareProXP
AntiVirus 2008
Antivirus2009
Ardamax Keylogger
Dialer
FakeAlert
I-Kerberos
Malware Protector 2008
MSAntivirus
MyWebSearch
PCPrivacyCleaner
Perflogger
PowerAntiVirus2009
SecureExpertCleaner
SpyGuarder
Toolbar.iWon
TotalSecure2009
WhenU.SaveNow
Win32.AdWare.Cinmus
Win32.Backdoor.Agent
Win32.Backdoor.Agobot
Win32.Backdoor.Bandok
Win32.Backdoor.Bifrose
Win32.Backdoor.Bot
Win32.Backdoor.ceBot
Win32.Backdoor.Celofot
Win32.Backdoor.CiaDoor
Win32.Backdoor.Delf
Win32.Backdoor.FC
Win32.Backdoor.Frauder
Win32.Backdoor.GGDoor
Win32.Backdoor.GrayBird
Win32.Backdoor.HacDef
Win32.Backdoor.Hupigon
Win32.Backdoor.IRCBot
Win32.Backdoor.Joleee
Win32.Backdoor.MocBot
Win32.Backdoor.MoSucker
Win32.Backdoor.NewRest
Win32.Backdoor.Nuclear
Win32.Backdoor.Oderoor
Win32.Backdoor.PcClient
Win32.Backdoor.Poison
Win32.Backdoor.PoisonIvy
Win32.Backdoor.Prorat
Win32.Backdoor.Prosti
Win32.Backdoor.RBot
Win32.Backdoor.SDBot
Win32.Backdoor.Shark
Win32.Backdoor.Sinowal
Win32.Backdoor.Small
Win32.Backdoor.TDSS
Win32.Backdoor.Turkojan
Win32.Backdoor.UltimateDefender
Win32.Backdoor.VanBot
Win32.Backdoor.VB
Win32.Backdoor.Xhaker
Win32.Dialer.Trojan
Win32.Exploit.Pidief
Win32.Generic.PWS
Win32.Generic.Worm
Win32.IMFlooder.VB
Win32.Monitor.WinSpy
Win32.P2PWorm.Agent
Win32.Rootkit.Agent
Win32.Trojan.Agent
Win32.Trojan.AntiAVG
Win32.Trojan.Autorun
Win32.Trojan.BHO
Win32.Trojan.Boaxxe
Win32.Trojan.Buzus
Win32.Trojan.Crypt
Win32.Trojan.Delf
win32.Trojan.Dnschanger
Win32.Trojan.ExplorerHijack
Win32.Trojan.Fraudpack
Win32.Trojan.IFramer
Win32.Trojan.Ikmet
Win32.Trojan.Inject
Win32.Trojan.Jevafus
Win32.Trojan.KillFiles
Win32.Trojan.Kobcka
Win32.Trojan.Mailfinder
Win32.Trojan.Midgare
Win32.Trojan.Monder
Win32.Trojan.Noupdate
Win32.Trojan.Obfuscated
Win32.Trojan.Packed
Win32.Trojan.Pakes
Win32.Trojan.Qhost
Win32.Trojan.Shutdowner
Win32.Trojan.Silentbanker
Win32.Trojan.Skintrim
Win32.Trojan.Small
Win32.Trojan.Smallgame
Win32.Trojan.Spy
Win32.Trojan.StartPage
Win32.Trojan.SubSys
Win32.Trojan.TDss
Win32.Trojan.Vaklik
Win32.Trojan.Vapsup
Win32.Trojan.VB
Win32.Trojan.Virtl
Win32.TrojanClicker
Win32.TrojanClicker.BHO
Win32.TrojanClicker.Delf
Win32.TrojanClicker.Small
Win32.TrojanClicker.VB
Win32.TrojanDownloader.Adload
Win32.TrojanDownloader.Agent
Win32.TrojanDownloader.Bagle
Win32.TrojanDownloader.Banload
Win32.TrojanDownloader.BHO
Win32.TrojanDownloader.Busky
Win32.TrojanDownloader.CodecPack
Win32.TrojanDownloader.Dadobra
Win32.TrojanDownloader.Delf
Win32.TrojanDownloader.Exchanger
Win32.TrojanDownloader.FakeAlert
Win32.TrojanDownloader.Femad
Win32.TrojanDownloader.FlyStudio
Win32.TrojanDownloader.FraudLoad
Win32.TrojanDownloader.Hmir
Win32.TrojanDownloader.Humor
Win32.TrojanDownloader.Injecter
Win32.TrojanDownloader.Mutant
Win32.TrojanDownloader.NewMedia
Win32.TrojanDownloader.Obfuscated
Win32.TrojanDownloader.Peregar
Win32.TrojanDownloader.QQHelper
Win32.TrojanDownloader.Small
Win32.TrojanDownloader.Swizzor.bo
Win32.TrojanDownloader.Tibs
Win32.TrojanDownloader.Tiny
Win32.TrojanDownloader.VB
Win32.Trojandownloader.Zlob
Win32.TrojanDropper
Win32.Trojan-Dropper.BHO
Win32.Trojan-Dropper.Crypter
Win32.Trojan-Dropper.Cutwail
Win32.Trojan-Dropper.Danseed
Win32.Trojan-Dropper.Delf
Win32.Trojan-Dropper.Dorn
Win32.TrojanDropper.FakeAV
Win32.TrojanDropper.Flystud
Win32.TrojanDropper.KGen
Win32.Trojan-Dropper.Kobcka
Win32.Trojan-Dropper.MSWord.Agent
Win32.Trojan-Dropper.MuDrop
Win32.Trojan-Dropper.Muldrop
Win32.TrojanDropper.Multidropper
Win32.TrojanDropper.Mutant
Win32.TrojanDropper.Parsi
Win32.TrojanDropper.Small
Win32.Trojan-Dropper.Tiny
Win32.TrojanDropper.VB
Win32.TrojanProxy.Agent.dl
Win32.TrojanProxy.Dlena
Win32.TrojanPWS.ICQ
Win32.Trojan-PWS.IMMultiPass
Win32.TrojanPWS.LdPinch
Win32.TrojanPWS.Magania
Win32.Trojan-PWS.Mapler
Win32.TrojanPWS.OnlineGames
Win32.TrojanPWS.Papras
Win32.TrojanPWS.QQPass
Win32.Trojan-PWS.QQShou
Win32.TrojanPWS.Small
Win32.TrojanPWS.Steam
Win32.Trojan-PWS.Tibia
Win32.TrojanPWS.VB
Win32.TrojanPWS.WebMoner
Win32.TrojanPWS.WOW
Win32.TrojanRansom.Hexzone
Win32.TrojanSpy.Banbra
Win32.TrojanSpy.Bancos
Win32.TrojanSpy.Banker
Win32.TrojanSpy.Delf
Win32.TrojanSpy.Flux
Win32.TrojanSpy.Goldun
Win32.TrojanSpy.Pophot
Win32.TrojanSpy.Proagent
Win32.TrojanSpy.Small
Win32.TrojanSpy.VB
Win32.TrojanSpy.Zbot
Win32.Worm.Agent
Win32.Worm.Allaple
Win32.Worm.AutoIt
Win32.Worm.Autorun
Win32.Worm.Kelvir
Win32.Worm.Kolab
Win32.Worm.Mytob
Win32.Worm.Rokut
Win32.Worm.Slenfbot
Win32.Worm.Sohanad
Win32.Worm.Warezov
Win32.Worm.VB
Win32.Worm.Zhelatin
Virtumonde
VirusProtectPro
XPSecurityCenter

MD5 checksum is 00952d2d0b9cf8b1098155695ada0bdf for core.aawdef
MD5 checksum is 6ea0508e26a32db6fb4bb9a9d92b13a6 for defs.ref

http://www.lavasoft.com/support/securitycenter/blog/?p=304#more-304
- Collapse -
AVG - AVI: 270.8.2 /1737
by roddy32 Oct 20, 2008 10:31PM PDT
- Collapse -
AVG - AVI: 270.8.2 /1738
by roddy32 Oct 21, 2008 2:59AM PDT
- Collapse -
NOD32 - 3541 (20081021)
by roddy32 Oct 20, 2008 10:46PM PDT
2008-10-21 11:26
HTML/Exploit.IESlice.BT, JS/TrojanDownloader.Agent.NHJ, JS/TrojanDownloader.Agent.NID (2), PDF/Exploit.Pidief.NDD, SWF/TrojanDownloader.Agent.NAD (2), Win32/Adware.AntivirusPlasma, Win32/Adware.Cinmus, Win32/Adware.Vapsup (10), Win32/Adware.XPSecurityCenter (2), Win32/Agent.ODG (7), Win32/Bagle.QA (2), Win32/Delf.NQJ (2), Win32/Injector.DZ (2), Win32/Kryptik.AU, Win32/Pacex.Gen, Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NNM (2), Win32/PSW.OnLineGames.NNU (5), Win32/PSW.OnLineGames.NPZ, Win32/PSW.OnLineGames.NRF, Win32/PSW.OnLineGames.NXI (15), Win32/PSW.OnLineGames.NXL, Win32/PSW.OnLineGames.ODJ (4), Win32/PSW.OnLineGames.ODY, Win32/PSW.OnLineGames.XTT (4), Win32/Spy.Agent.NJT, Win32/Spy.Banker.PQZ (2), Win32/Spy.Banker.PRA, Win32/TrojanDownloader.Wigon.AW (2), Win32/TrojanDownloader.Zlob.CRZ, Win32/TrojanDownloader.Zlob.CSA (20), Win32/TrojanDropper.Agent.NJV, Win32/TrojanDropper.VB.NFD (2)
http://www.eset.eu/podpora/aktualizacia-3541?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
NOD32 - 3542 (20081021)
by roddy32 Oct 21, 2008 1:18AM PDT
2008-10-21 16:11
JS/Exploit.Pdfka.W, JS/TrojanDownloader.Agent.NIE, PDF/Exploit.Pidief.NDE, SWF/TrojanDownloader.Agent.NAD (2), VBS/AutoRun.AR (2), VBS/TrojanDownloader.Agent.NAO, W97M/Exploit.MS07-014.A, W97M/TrojanDropper.Agent.CB, W97M/TrojanDropper.Agent.DF (2), Win32/Adware.BHO.NEP (2), Win32/Adware.Coolezweb (2), Win32/Adware.GooochiBiz (2), Win32/Adware.IeDefender.NHA, Win32/Adware.IESuper, Win32/Adware.NaviPromo (2), Win32/Adware.PCProtectionCenter (3), Win32/Adware.UltimateDefender (2), Win32/Adware.Vapsup (9), Win32/Adware.Vapsup.AU, Win32/Adware.Virtumonde (3), Win32/Adware.Virtumonde.FP, Win32/Adware.WSearch (2), Win32/Agent.NPS, Win32/Agent.ODG (7), Win32/Agent.ODK, Win32/Agent.OIK (3), Win32/Agent.OIL, Win32/AutoRun.ADC, Win32/AutoRun.ADE, Win32/AutoRun.Agent.R, Win32/AutoRun.Delf.I (4), Win32/AutoRun.Delf.K, Win32/AutoRun.Delf.L (2), Win32/AutoRun.FakeAlert.F, Win32/BHO.NIS (2), Win32/BHO.NIT, Win32/BHO.NIU, Win32/BlackHole, Win32/Delf.NKR (3), Win32/Delf.NKS, Win32/Delf.NKT (2), Win32/Delf.NQK, Win32/Delf.NQL, Win32/Delf.NQM, Win32/Dialer.GFP (2), Win32/Dialer.InstantAccess.NAE, Win32/Hupigon (4), Win32/Hupigon.NGU, Win32/Hupigon.NJQ, Win32/IRCBot.AJX, Win32/Obfuscated.NCE, Win32/PcClient (3), Win32/Prosti.NAH (2), Win32/PSW.Agent.NIA (4), Win32/PSW.Agent.NIM, Win32/PSW.Legendmir.NFY, Win32/PSW.Legendmir.NGG, Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NMY, Win32/PSW.OnLineGames.NNM (4), Win32/PSW.OnLineGames.NQM (2), Win32/PSW.OnLineGames.NRD (4), Win32/PSW.OnLineGames.NRF (4), Win32/PSW.OnLineGames.NRS (2), Win32/PSW.OnLineGames.ODY (6), Win32/PSW.WOW.CAN, Win32/PSW.WOW.CEE, Win32/PSW.WOW.CEZ (3), Win32/Rootkit.Agent.ABU, Win32/Spy.Agent.NJB, Win32/Spy.Banker.PQG (2), Win32/Spy.Delf.NLM, Win32/Spy.Delf.NLN (2), Win32/Spy.Spybox.B (2), Win32/TrojanClicker.Agent.NEB, Win32/TrojanDownloader.Agent.OJE (2), Win32/TrojanDownloader.Agent.OJF, Win32/TrojanDownloader.FakeAlert.GU (2), Win32/TrojanDownloader.FakeAlert.IQ, Win32/TrojanDownloader.FakeAlert.NB, Win32/TrojanDownloader.FakeAlert.NC (4), Win32/TrojanDownloader.Small.OGF, Win32/TrojanDownloader.VB.NQS, Win32/TrojanDownloader.Zlob.CSB, Win32/TrojanDownloader.Zlob.CSC, Win32/TrojanDownloader.Zlob.CSD (20), Win32/TrojanDownloader.Zlob.CSE (6), Win32/TrojanDropper.Agent.NOU, Win32/TrojanDropper.Delf.NJE (2), Win32/VB.DZK (2), Win32/VB.NRD (2), Win32/VB.NRE (2), Win32/Wigon.GJ (2), X97M/TrojanDropper.Agent.AE
http://www.eset.eu/podpora/aktualizacia-3542?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
NOD32 - 3543 (20081021)
by roddy32 Oct 21, 2008 3:07AM PDT
2008-10-21 17:48
Win32/Adware.WSearch (4), Win32/Agent.OIM (2), Win32/AutoRun.Autoit.F (2), Win32/CCProxy (2), Win32/Dialer.GFP, Win32/Hupigon, Win32/Mebroot.V (2), Win32/PcClient (6), Win32/Prosti.NAI (3), Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NRQ (2), Win32/PSW.Small.NAF, Win32/PSW.WOW.CDN, Win32/Spy.BZub, Win32/Spy.BZub.NFR (2), Win32/TrojanClicker.Agent.NEB, Win32/TrojanClicker.Delf.NEP, Win32/TrojanDownloader.FakeAlert.ND (5), Win32/TrojanDownloader.FakeAlert.NE (2), Win32/TrojanDownloader.Small.AJXS, Win32/TrojanProxy.Small.NCG (2), Win32/VB.NRF, Win32/VB.ZD
http://www.eset.eu/podpora/aktualizacia-3543?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
NOD32 - 3544 (20081021)
by roddy32 Oct 21, 2008 7:57AM PDT
2008-10-21 21:50
Win32/Adware.BHO.NEQ (2), Win32/Adware.XLGuarder.D, Win32/Adware.XLGuarder.E, Win32/AutoRun.Agent.S (2), Win32/Delf.MNO, Win32/Delf.NQN (3), Win32/PcClient (3), Win32/PcClient.PML (2), Win32/Prosti.C, Win32/PSW.Agent.NIM, Win32/PSW.OnLineGames.NRD (8), Win32/PSW.OnLineGames.NRI, Win32/PSW.OnLineGames.ODW, Win32/PSW.QQRob.NBK, Win32/Spy.Banker.PRB (2), Win32/Spy.Banker.PRC (2), Win32/TrojanDownloader.Small.AWA
http://www.eset.eu/podpora/aktualizacia-3544?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
McAfee Daily #5410
by roddy32 Oct 20, 2008 11:15PM PDT

[quote]
The 5410 dat files have been released early due to a DAT Issue Emergency with the
5409 DAT Files.

The reason for this DAT Issue Emergency is a false detection (PWS-LegMir) on the following file:

Filename: conime.exe
MD5: F96EBC5A624349D81DCC7600A3C5DC43
Association: Microsoft Windows Vista

The VIL has been updated to reflect information on this issue: http://vil.nai.com/vil/content/v_100683.htm

The various 5410 dat file packages can be found at
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

[/quote]

Note:. This quote is from an e-mail notice

DATs 5410 - 10/21/08
Super DATs 5410 - 10/21/08
http://www.mcafee.com/apps/downloads/secur...amp;segment=smb
http://vil.nai.com/vil/datreadme.aspx

- Collapse -
McAfee Daily #5411
by roddy32 Oct 21, 2008 4:47AM PDT
- Collapse -
Opera 9.61 released October 21, 2008
by roddy32 Oct 20, 2008 11:28PM PDT
- Collapse -
ClamAV #8460
by roddy32 Oct 20, 2008 11:59PM PDT

Latest ClamAV? stable release is: 0.94
Total number of signatures: 449032
ClamAV Virus Databases:
main.cvd ver. 48 released on 04 Sep 2008 18:51 +0000
daily.cvd ver. 8460 released on 21 Oct 2008 13:19 +0000
http://www.clamav.net/

- Collapse -
Panda
by roddy32 Oct 21, 2008 12:05AM PDT
- Collapse -
Panda - 10/22/2008
by roddy32 Oct 21, 2008 8:38AM PDT
- Collapse -
F-Prot
by roddy32 Oct 21, 2008 12:41AM PDT

F-PROT Antivirus can as of 21 October 2008 detect a total of 1127783 worms, viruses and other malicious programs with its latest virus signature file.
http://www.f-prot.com/products/currentversions.html

Note: The total detections on the site are the same as what was posted on 26th August 2008, BUT Although we cannot confirm it, it is very likely that the actual program is being updated automatically at regular intervals even though the webpage isn't.

- Collapse -
AVG "Free" Program update 8.0.0175
by roddy32 Oct 21, 2008 12:53AM PDT
- Collapse -
BOClean FILEDATE: 2008-10-21 14:49:27 (UTC)
by roddy32 Oct 21, 2008 1:13AM PDT
FORTY-SIX new nasties for a total of 63693 *UNIQUE* infectors (
330,537 variants of these including trojans, worms, bots, hijackers,
downloaders, spam proxies, rootkits, adware, spyware, keyloggers,
"dialers" and other malware in total) covered in today's update for
BOClean 4.27.

Please also note that if you ever miss an update (or several) the update
you collect includes ***ALL*** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
- Collapse -
BOClean FILE DATE : 2008-10-21 16:12:26 (UTC)
by roddy32 Oct 21, 2008 3:23AM PDT
SIXTY NINE new nasties for a total of 63,762**UNIQUE**
infectors (330,634 variants of these including
trojans,worms,bots,hijackers,downloaders,spam proxies, rootkits, adware,
spyware,keyloggers,"dialers" and other malware in total) covered in
today's update for BOClean 4.27.

Please also note that if you ever miss an update (or several) the update
you collect includes **ALL** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
- Collapse -
Added later to TrojanHunter update
by roddy32 Oct 21, 2008 2:40AM PDT
Also added later 194119 for LiveUpdate only

Agent.3055
Agent.3054
PWSteal.OnLineGames.1308
TDSS.112
TrojanDownloader.Agent.2717
TrojanDownloader.Bagle.160
TrojanDownloader.Renos.118
TrojanDropper.Agent.1023
TrojanDropper.Delf.767
TrojanDropper.Delf.766
TrojanSpy.IeSpy.116
TrojanSpy.Pophot.111
Worm.Agent.173
http://www.misec.net/forum/board/RulesetUpdates;action=display;num=1224562854
- Collapse -
NAV Daily
by roddy32 Oct 21, 2008 3:08AM PDT
- Collapse -
avast! 4.x VPS (released: 21.10.2008, version: 081021-0)
by roddy32 Oct 21, 2008 3:26AM PDT
- Collapse -
a-squared signature update
by roddy32 Oct 21, 2008 4:53AM PDT
- Collapse -
Bit Defender - 10/22/2008 - 00:22
by roddy32 Oct 21, 2008 8:10AM PDT
Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info