Spyware, Viruses, & Security forum

General discussion

UPDATES - October 26, 2006

by roddy32 / October 25, 2006 7:25 PM PDT
BOClean FILEDATE: 10/26/06 - 04:10:35 (US EDT) (08:10:35 UTC)
FIFTEEN new nasties for a total of 16212 UNIQUE infectors (190,697 variants including trojans, worms, bots, hijackers, downloaders, spam proxies, rootkits, adware, spyware, keyloggers, "dialers" and other malware in total) covered in today's update for BOClean 4.22. BOClean 4.21 and earlier are no longer supported and MUST be upgraded.
http://www.nsclean.com/trolist.html
Discussion is locked
You are posting a reply to: UPDATES - October 26, 2006
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: UPDATES - October 26, 2006
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Update AVG 7.5 - AVI 268.13.11/ 498
by roddy32 / October 25, 2006 8:34 PM PDT
Collapse -
AVG Anti-Virus 7 Update - AVI 268.13.12 / IAVI 0499
by Marianna Schmudlach / October 26, 2006 12:48 AM PDT

--- AVG Anti-Virus Update ---
(10/26/2006)

********************************
** AVG Anti-Virus 7 **
********************************

--- information about Update ---

Update Summary:

- added new variants of I-Worm/Stration

Collapse -
AVG Anti-Virus 7 Update - AVI 268.13.13 / IAVI 0500
by Marianna Schmudlach / October 26, 2006 12:49 AM PDT

--- AVG Anti-Virus Update ---
(10/26/2006)

********************************
** AVG Anti-Virus 7 **
********************************

--- information about Update ---

Update Summary:

- added new variants of I-Worm/Stration

Collapse -
AVG Anti-Virus 7 Update - AVI 268.13.14 / IAVI 0501
by Marianna Schmudlach / October 26, 2006 7:02 AM PDT

--- AVG Anti-Virus Update ---
(10/26/2006)

********************************
** AVG Anti-Virus 7 **
********************************

--- information about Update ---

Update Summary:

- added new variants of I-Worm/Stration
- added new variants of trojan PSW.Banker

Collapse -
Corrupt Update
by auggief / October 26, 2006 7:05 AM PDT

When I did this last update, it was corrupted and the only way I could handle it was to uninstall and reinstall AVG Free

Collapse -
TrojanHunter 4.6 Ruleset Update - Oct 25, 2006
by roddy32 / October 25, 2006 9:19 PM PDT

An updated TrojanHunter ruleset is available. This update adds at least 69 new trojan definitions:

Agent.900
Agent.899
IM-Worm.Licat.108
PWSteal.Nilage.109
TrojanClicker.Agent.172
TrojanDownloader.Agent.846
TrojanDownloader.Delf.466
TrojanDownloader.Small.896
TrojanProxy.Slaper.102
Worm.Warezof.198
Worm.Warezof.197
Worm.Warezof.196
Worm.Warezof.195
Worm.Warezof.194
Worm.Warezof.193
ZlobDropper.362
ZlobDropper.361
ZlobDropper.360
TrojanClicker.Agent.171
Adware.BHO.135
Adware.LinkOptimizer.124
Adware.PurityScan.327
Adware.VB.105
Adware.Virtumonde.283
Adware.Virtumonde.282
Agent.898
Delf.457
Hoax.Renos.195
Hupigon.549
Hupigon.548
Hupigon.547
PWSteal.Agent.220
PWSteal.Delf.242
PWSteal.Hangame.119
PWSteal.Hangame.118
PWSteal.Hangame.117
PWSteal.Nilage.108
PWSteal.Nilage.107
PWSteal.Sinowal.131
PWSteal.WOW.210
Rbot.1228
Rootkit.Vanti.134
SDBot.846
Small.327
Small.326
Small.325
TrojanDownloader.AdLoad.365
TrojanDownloader.Agent.845
TrojanDownloader.Delf.465
TrojanDownloader.Delf.464
TrojanDownloader.Delf.463
TrojanDownloader.Nurech.105
TrojanDownloader.Zlob.663
TrojanDropper.Agent.380
TrojanDropper.Peerad.100
TrojanSpy.Bancos.398
TrojanSpy.Banker.1305
TrojanSpy.Haxspy.124
Worm.Antinny.104
Worm.Antinny.103
Worm.Antinny.102
Worm.Warezof.192
Adware.LinkOptimizer.123
Adware.LinkOptimizer.122
Agent.897
Agent.896
Agent.895
Agent.894
Gload.101

Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.


You should have 89603 rules
http://www.misec.net/forum/board/RulesetUpdates/1161826380

Collapse -
F-Prot
by roddy32 / October 25, 2006 10:28 PM PDT
Latest virus signature files:
Application/Script viruses and Trojans 26th October 2006
Document/Office/Macro viruses 26th October 2006
The latest versions of F-Prot Antivirus can detect a total of 330159 worms, viruses and other malicious programs with these latest virus signature files.
http://www.f-prot.com/products/currentversions.html
Collapse -
BOCLean INTRADAY update notice
by roddy32 / October 26, 2006 12:27 AM PDT
FILEDATE: 10/26/06 - 09:33:16 (US EDT) (13:33:16 UTC)
SEVEN MORE new nasties for a total of 16219 UNIQUE infectors (190,745 variants including trojans, worms, bots, hijackers, downloaders, spam proxies, rootkits, adware, spyware, keyloggers, "dialers" and other malware in total) covered in today's update for BOClean 4.22. BOClean 4.21 and earlier are no longer supported and MUST be upgraded.
http://www.nsclean.com/trolist.html
Collapse -
Ad-aware Definition File Update [SE1R129] 26.10.06
by Marianna Schmudlach / October 26, 2006 1:45 AM PDT

SE1R129 26.10.2006 is now available, new definition file for Ad-Aware SE.

Due to the fact that FunWeb has made requested changes in the behavior of their program, their TAC (Threat Analysis Chart) has been reduced. FunWeb is currently under a two week probation period

New definitions:
====================
Adware.AskBar_HOLD +6
AntispywareSoldier +4
PestCapture + 6
SpyDefence + 5
SpyNoMore + 3
Win32.Trojan.Klone + 3
Win32.Trojan.MatrixHasYou +36
Win32.Worm.Warezov +8

Updated definitions:
====================
Adware.Adhelper +3
Adware.BHO(generic) +7
Adware.DesktopMedia +2
Adware.DollarRevenue
Adware.VB
Adware.WeirWeb
Adware.ZenoSearch +2
ErrorSafe +16
Lop +15
Malware.Hacktool
SahAgent +6
SurfSideKick +3
Tracking Cookie +3
Win32.Backdoor.Agent +8
Win32.Dialer.Trojan +3
Win32.Generic.PWS +19
Win32.Nukers
Win32.Trojan.Agent +16
Win32.Trojan.Delf +4
Win32.Trojan.Downloader + 24
Win32.Trojan.Hexdoor
Win32.Trojan.Qhost +3
Win32.Trojan.Spy +2
Win32.Trojan.StartPage
Win32.TrojanClicker +4
Win32.TrojanDownloader.Agent +8
Win32.TrojanDownloader.ConHook
Win32.TrojanDownloader.Delf +10
Win32.TrojanDownloader.Small +4
Win32.TrojanDownloader.Swizzor.br +9
Win32.Trojandownloader.Zlob +15
Win32.TrojanDropper +4
Win32.TrojanProxy.Agent
Win32.Trojan-PSW.Lineage +13
Win32.TrojanSpy.Banker +5
Win32.TrojanSpy.Goldun +4
Win32.Worm.MSNMaker +3
Win32.Worm.Viking +5
Winfixer
Virtumonde +50
Zango + 9

MD5 checksum is 2a9042d3cf6e21ff55bc9a23293a1e5b

http://www.lavasoftsupport.com/index.php?showtopic=4340

Collapse -
Marianna, there's ANOTHER update for 26.10.2006.
by Harv / October 26, 2006 6:30 AM PDT

Internal Build 160.

Marianna, when I Select a scan mode, I've been unchecking Search for low-risk threats. Since they are low-risk, my thinking is that it's a waste of time scanning for them. What is your opinion on this subject?

Collapse -
One More Newer Build 161.. As To "Low Risk Threats'..
by Grif Thomas Forum moderator / October 26, 2006 7:02 AM PDT

..Not Marianna, but I enable the "Low Risk Threats" scanning but disable the "Neglible Risk Entries" option.(Generally MRU's are detected in this section which aren't a problem for me.) If there happens to be a problem scanning with "Low Risk Threats" enabled, (slow downs or hangs), then I will disable it.. Short of that, I leave it enabled so it will detect any junk on the machine.
_____________________________

Showing in my "Details" screen:


Definitions File Loaded:

Reference Number : SE1R129 26.10.2006
Internal build : 161
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 824451 Bytes
Total size : 2657846 Bytes
Signature data size : 2608407 Bytes
Reference data size : 48927 Bytes
Signatures total : 71159
CSI Fingerprints total : 4290
CSI data size : 184147 Bytes
Target categories : 15
Target families : 1004
________

Hope this helps.

Grif

Collapse -
Thanks for the advice, Grif.
by Harv / October 26, 2006 8:07 AM PDT

Ad-Aware scans always stop at TypeLib and resume about a minute later. But, I'll heed your advice and leave low-risk threats checked.

Lately, I notice that when there's an Ad-aware update, there are more than one for the same date. What gives?

Collapse -
(NT) (NT) They're Just Fickled I Guess??
by Grif Thomas Forum moderator / October 26, 2006 3:34 PM PDT
Collapse -
Harv, Thanks :)
by Marianna Schmudlach / October 26, 2006 7:10 AM PDT

yes, there is another update because of F\P

Have a look here:

A new definition file now available for download.

SE1R129 26.10.2006

This fixes the false positive in Errorsafe

MD5 checksum is 213555c0ab7f6166be064ac037f5d80a

Please accept our sincerest apologies.


http://www.lavasoftsupport.com/index.php?showtopic=4342

My built is now: 161.

I also have disabled: "Neglible Risk Entries" option.

Collapse -
Ad-aware - SE1R129 26.10.2006 is now available,
by Marianna Schmudlach / October 26, 2006 7:32 AM PDT

SE1R129 26.10.2006 is now available, new definition file for Ad-Aware SE.

This fixes the false positive in Errorsafe

MD5 checksum is 213555c0ab7f6166be064ac037f5d80a

Collapse -
I Believe/Suggest We Need to Include Adaware Build #......
by tobeach / October 26, 2006 5:02 PM PDT

in the description of the release in addition to the R129 & date. With so many re-releases of new build under same R # & date, particularly for those who check for update only once per week or so....if they don't have newer build # available they may well run a week or more with the FP version. Even if they check here, they need to be sure which is the "right" one to have. If it can't be in the copy & paste part, perhaps in the post subject? Note not much room left already in the 60 character limit.
I think this would help. Happy

Collapse -
avast! 4.x VPS (released: 26.10.2006, version: 0643-5)
by roddy32 / October 26, 2006 2:30 AM PDT
Popular Forums
icon
Computer Help 51,912 discussions
icon
Computer Newbies 10,498 discussions
icon
Laptops 20,411 discussions
icon
Security 30,882 discussions
icon
TVs & Home Theaters 21,253 discussions
icon
Windows 10 1,672 discussions
icon
Phones 16,494 discussions
icon
Windows 7 7,855 discussions
icon
Networking & Wireless 15,504 discussions

REVIEW

Meet the drop-resistant Moto Z2 Force

The Moto Z2 Force is really thin, with a fast processor and great battery life. It can survive drops without shattering.