Added detection of new variant of Worm/Autoit, new variants of trojans BackDoor.IRCBot, FakeAlert, Pakes.
October 30, 2008
http://www.grisoft.com/us.download-update
 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
General discussion
UPDATES - October 30, 2008
An updated TrojanHunter ruleset is available. This update adds 28 new trojan definitions:
Adware.NaviPromo.178
Agent.3074
Agent.3073
Bredolab.100
FakeAlert.212
Obfuscated.487
Pakes.534
PWSteal.OnLineGames.1365
PWSteal.QQPass.197
PWSteal.QQPass.196
PWSteal.Steam.111
PWSteal.WOW.351
Sinowal.133
Srizbi.141
TrojanClicker.Agent.398
TrojanDownloader.Agent.2736
TrojanDownloader.Small.2918
TrojanDownloader.Tibs.319
TrojanDownloader.Tibs.318
TrojanDropper.Agent.1032
TrojanDropper.Agent.1031
TrojanDropper.Agent.1030
TrojanDropper.BHO.104
TrojanDropper.Delf.770
TrojanSpy.Zbot.532
UltimateDefender.113
Vapsup.142
VB.1298
Licensed TrojanHunter users can easily update using TrojanHunter's LiveUpdate utility. If you are using the trial version of TrojanHunter, please see http://www.misec.net/trojanhunter/updating/ for instructions on how to update to the latest ruleset.
You should have 195036 rules.
http://www.misec.net/forum/board/RulesetUpdates/1225364851
Discussion is locked
19 Posts
- Collapse
- Collapse -
- Collapse -
Added detection of new variants of trojans DoS, Flooder, Puper, PSW.Ldpinch, PSW.Banker, Downloader.Banload.
October 30, 2008
http://www.grisoft.com/us.download-update
- Collapse -
Opera 9.62 is a recommended security upgrade. Please see the Security section.
Opera 9.62 incorporates the Opera Presto 2.1.1 user agent engine.
Changes since Opera 9.61
Security
*Fixed an issue where History Search could be used to execute arbitrary code, as discovered by Aviv Raff; see our advisory
*The links panel no longer allows cross-site scripting; see our advisory
http://www.opera.com/docs/changelogs/windows/962/
Download
http://www.opera.com/download/
Existing users can update via the program "Help>>>check for updates>>follow the prompts
- Collapse -
PDF/Exploit.Pidief.FO (2), W97M/TrojanDropper.Agent.NBP, Win32/Agent.OJJ (2), Win32/Agent.OJK (2), Win32/AutoRun.ED (3), Win32/AutoRun.FlyStudio.N, Win32/Bagle.QE (2), Win32/Hexzone.F (4), Win32/Hexzone.G (11), Win32/Rootkit.Ressdt.NAJ (2), Win32/VB.NRO (2), Win32/Wigon.ET
http://www.eset.eu/podpora/aktualizacia-3569?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
MSIL/Agent.NAE, PDF/Exploit.Pidief.NDH, SWF/Exploit.CVE-2007-0071 (10), VBS/Runner.BJ, Win32/Adware.AdzgaloreBiz (2), Win32/Adware.Antivirus2008, Win32/Adware.ISM (6), Win32/Adware.Look2Me (2), Win32/Adware.UltimateDefender (2), Win32/Adware.Vapsup (4), Win32/Adware.Vapsup.AX (2), Win32/Adware.XPAntivirus, Win32/Agent.NPX (2), Win32/Agent.NPY (2), Win32/Agent.OEQ, Win32/Agent.OJK, Win32/AutoRun.FakeAlert.J (2), Win32/AutoRun.FlyStudio.O, Win32/AutoRun.YM (2), Win32/BHO.NJH, Win32/Delf.NQY, Win32/Dialer.U, Win32/GreyBird, Win32/Hupigon, Win32/IRCBot.AJZ, Win32/Patched.NAC, Win32/PcClient, Win32/PcClient.NCD, Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NMY (8), Win32/PSW.OnLineGames.ODJ (2), Win32/PSW.QQRob.NAQ, Win32/Qhost, Win32/Qhost.NGE (2), Win32/Spy.Banker.CHC, Win32/StartPage.NIK, Win32/Tifaut.A (6), Win32/TrojanClicker.VB.NEY, Win32/TrojanDownloader.Delf.PGD (2), Win32/TrojanDownloader.FakeAlert.GU, Win32/TrojanDownloader.FakeAlert.OS, Win32/TrojanDownloader.FakeAlert.OT, Win32/TrojanDownloader.FakeAlert.OU, Win32/TrojanDownloader.FakeAlert.OV, Win32/TrojanDownloader.FakeAlert.OW, Win32/TrojanDownloader.FakeAlert.OX, Win32/TrojanDownloader.FakeAlert.OY (2), Win32/TrojanDownloader.FakeAlert.OZ (2), Win32/TrojanDownloader.FakeAlert.PA (2), Win32/TrojanDownloader.Small.OGS (2), Win32/TrojanDownloader.Zlob.CTN (20), Win32/TrojanDownloader.Zlob.CTO (2), Win32/TrojanDropper.Agent.NJV (2), Win32/TrojanDropper.Agent.NOY, Win32/TrojanDropper.Delf.NJK, Win32/TrojanDropper.Delf.NJL (2), Win32/TrojanDropper.VB.NFF, Win32/TrojanDropper.VB.NFG, Win32/TrojanDropper.VB.NFH, Win32/Virut.NBI, Win32/Wigon.ET, Win32/Wigon.GP, Win32/Wigon.GR (5), Win32/Wigon.GS, Win32/Wigon.GT (3)
http://www.eset.eu/podpora/aktualizacia-3570?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
Win32/Adware.Agent.NJL (2), Win32/Adware.Antivirus2008, Win32/Adware.BHO.NEZ, Win32/Adware.BHO.NFA (2), Win32/Adware.BHO.NFB, Win32/Adware.CiDHelp, Win32/Adware.GooochiBiz (11), Win32/Adware.RegistrySmart (3), Win32/Adware.RK, Win32/Adware.WhenU.SaveNow, Win32/Agent.ETH, Win32/AutoRun.ABH (2), Win32/AutoRun.Autoit.J (3), Win32/AutoRun.Delf.I (3), Win32/AutoRun.Hupigon.B (2), Win32/Bagle.QC, Win32/BHO.HEY (2), Win32/BHO.NHB (2), Win32/BHO.OM (2), Win32/Delf.NRC (2), Win32/Exploit.MS08-067.B (2), Win32/Nuwar.Gen, Win32/Obfuscated.NCG, Win32/PcClient (3), Win32/PcClient.NCE, Win32/PSW.Agent.NCN, Win32/PSW.Delf.NLS (2), Win32/PSW.Delf.NMM, Win32/PSW.Delf.NNA (2), Win32/PSW.OnLineGames.NNU (4), Win32/PSW.OnLineGames.NXI (3), Win32/PSW.OnLineGames.NXL, Win32/PSW.OnLineGames.ODJ (2), Win32/PSW.OnLineGames.XTT (3), Win32/PSW.WOW.CIJ, Win32/PSW.WOW.NFA (2), Win32/PSWTool.Dialupass.A, Win32/PSWTool.OpenPass.C (2), Win32/Rootkit.Agent.NGY, Win32/Spy.Agent.NJY, Win32/Spy.Banker.PRW (2), Win32/Spy.Banker.PRX (2), Win32/Spy.Delf.NHV, Win32/Spy.Delf.NLX (2), Win32/Spy.Goldun.AXT, Win32/Spy.Goldun.NDP, Win32/Spy.Goldun.NDQ, Win32/Spy.Pophot, Win32/Spy.Pophot.NAO, Win32/TrojanClicker.Agent.NEB, Win32/TrojanDownloader.Agent.OKW (2), Win32/TrojanDownloader.Agent.OKX (2), Win32/TrojanDownloader.FakeAlert.IY, Win32/TrojanDownloader.FakeAlert.PB, Win32/TrojanDownloader.Small.AFXY (2), Win32/TrojanDownloader.Swizzor (4), Win32/TrojanDownloader.VB.NQS, Win32/TrojanDownloader.Zlob.CTM, Win32/TrojanDownloader.Zlob.CTP, Win32/TrojanDownloader.Zlob.CTQ (2), Win32/TrojanDownloader.Zlob.CTR (2), Win32/TrojanDownloader.Zlob.CTS, Win32/TrojanDropper.Agent.NOZ, Win32/TrojanProxy.Small.NCA, Win32/VB.NRS, Win32/Wigon, Win32/Wigon.ET, Win32/Wigon.GU, Win32/Wigon.GV
http://www.eset.eu/podpora/aktualizacia-3571?lng=en
http://www.eset.eu/support/update-xy1
- Collapse -
Anti-Malware Network module (revised)
Community module - 4.8
http://www.emsisoft.com/a2/changelog/free/
http://www.emsisoft.com/en/support/malware/
- Collapse -
331,456 variants of these including trojans, worms, bots, hijackers,
downloaders, spam proxies, rootkits, adware, spyware, keyloggers,
"dialers" and other malware in total) covered in today's update for
BOClean 4.27.
Please also note that if you ever miss an update (or several) the update
you collect includes ***ALL*** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
- Collapse -
infectors (331,527 variants of these including
trojans,worms,bots,hijackers,downloaders,spam proxies, rootkits, adware,
spyware,keyloggers,"dialers" and other malware in total) covered in
today's update for BOClean 4.27.
Please also note that if you ever miss an update (or several) the update
you collect includes **ALL** previous update information. There is no
need to go hunting down other updates. The current one is always complete.
http://www.comodo.com/boclean/trolist.html
- Collapse -
New definitions:
====================
Win32.Backdoor.Beizhu
Win32.Backdoor.Doker
Win32.Backdoor.Genlot
Win32.Backdoor.Hacarun
Win32.Flooder.Oscar
Win32.Flooder.RoomDestroyer
Win32.Rootkit.Pakes
Win32.Rootkit.SMA
Win32.Rootkit.Small
Win32.Rootkit.Vanti
Win32.SpamTool.Delf
Win32.SpamTool.Myspamce
Win32.TrojanDownloader.Cosno
Win32.TrojanDownloader.Reanimator
Win32.Worm.Aspxor
Win32.Worm.Chode
Win32.Worm.Detnat
Win32.Worm.FlyStudio
Win32.Worm.Gimmiv
Win32.Worm.Guap
Win32.Worm.Heher
Win32.Worm.Huhk
Win32.Worm.Joleee
Win32.Worm.Netop
Win32.Worm.Panoil
Win32.Worm.Shypan
Win32.Worm.Xatch
Win32.Worm.Yalat
Updated definitions:
====================
Antivirus XP 2008
Antivirus2009
IEAntiVirus
PCPrivacyCleaner
SwiftCleaner
TotalSecure2009
Win32.Backdoor.AfCore
Win32.Backdoor.Agent
Win32.Backdoor.Agobot
Win32.Backdoor.AimBot
Win32.Backdoor.Akbot
Win32.Backdoor.Amanda
Win32.Backdoor.Amitis
Win32.Backdoor.Antilam
Win32.Backdoor.Aphexdoor
Win32.Backdoor.Arin
Win32.Backdoor.Ashley
Win32.Backdoor.Assasin
Win32.Backdoor.Backdoor
Win32.Backdoor.Bancodor
Win32.Backdoor.Bandok
Win32.Backdoor.Banito
Win32.Backdoor.BeastDoor
Win32.Backdoor.Bifrose
Win32.Backdoor.BlackHole
Win32.Backdoor.Blhouse
Win32.Backdoor.BlueFire
Win32.Backdoor.Bo
Win32.Backdoor.BO2k
Win32.Backdoor.Bot
Win32.Backdoor.Cakl
Win32.Backdoor.ceBot
Win32.Backdoor.Ceckno
Win32.Backdoor.Celofot
Win32.Backdoor.CiaDoor
Win32.Backdoor.CmjSpy
Win32.Backdoor.ControlTotal
Win32.Backdoor.Coredoor
Win32.Backdoor.Danton
Win32.Backdoor.DarkMoon
Win32.Backdoor.DarkSky
Win32.Backdoor.Death
Win32.Backdoor.Delf
Win32.Backdoor.Deplotoz
Win32.Backdoor.Destrukor
Win32.Backdoor.DKangel
Win32.Backdoor.DragonBot
Win32.Backdoor.DsBot
Win32.Backdoor.DskLite
Win32.Backdoor.Dumador
Win32.Backdoor.EasyClick
Win32.Backdoor.EggDrop
Win32.Backdoor.Eklips
Win32.Backdoor.Emogen
Win32.Backdoor.Farfli
Win32.Backdoor.FatBot
Win32.Backdoor.FearLess
Win32.Backdoor.FireBird
Win32.Backdoor.FireFly
Win32.Backdoor.Flux
Win32.Backdoor.ForBot
Win32.Backdoor.Frauder
Win32.Backdoor.Gaduka
Win32.Backdoor.Gbot
Win32.Backdoor.GGDoor
Win32.Backdoor.GirlInRed
Win32.Backdoor.GrayBird
Win32.Backdoor.Grobodor
Win32.Backdoor.HacDef
Win32.Backdoor.Hackarmy
Win32.Backdoor.Hackdoor
Win32.Backdoor.Hamweq
Win32.Backdoor.Havar
Win32.Backdoor.Haxdoor
Win32.Backdoor.Himic
Win32.Backdoor.Hupigon
Win32.Backdoor.Inject
Win32.Backdoor.IRC.Cloner
Win32.Backdoor.IRCBot
Win32.Backdoor.IrcContact
Win32.Backdoor.Iroffer
Win32.Backdoor.Jaan
Win32.Backdoor.JokerDoor
Win32.Backdoor.Kbot
Win32.Backdoor.Konik
Win32.Backdoor.Leniv
Win32.Backdoor.Lithium
Win32.Backdoor.Litmus
Win32.Backdoor.LittleWitch
Win32.Backdoor.Masot
Win32.Backdoor.mIRC-based
Win32.Backdoor.MoSucker
Win32.Backdoor.Nepoe
Win32.Backdoor.Netbus
Win32.Backdoor.NetDevil
Win32.Backdoor.NetShadow
Win32.Backdoor.NinjaSpy
Win32.Backdoor.Nuclear
Win32.Backdoor.Nucleroot
Win32.Backdoor.Optix
Win32.Backdoor.Pahador
Win32.Backdoor.Pakes
Win32.Backdoor.PcClient
Win32.Backdoor.Peanut
Win32.Backdoor.Plimus
Win32.Backdoor.Poison
Win32.Backdoor.PoisonIvy
Win32.Backdoor.PopWin
Win32.Backdoor.Portless
Win32.Backdoor.Prorat
Win32.Backdoor.RBot
Win32.Backdoor.SDBot
Win32.Backdoor.Sinowal
Win32.Backdoor.TDSS
Win32.Backdoor.VanBot
Win32.Backdoor.VB
Win32.Backdoor.Zapulko
Win32.Dialer.Xdial
Win32.Flooder.Agent
Win32.Generic.PWS
Win32.Generic.Worm
Win32.Hoax.Renos
Win32.IMFlooder.Delf
Win32.IMFlooder.DFMA
Win32.IMFlooder.VB
Win32.Monitor.WinSpy
Win32.Monitor.XPCSpy
Win32.Nuker.Spacoom
Win32.P2PWorm.Agent
Win32.P2PWorm.Delf
Win32.P2PWorm.Kapucen
Win32.P2PWorm.Malas
Win32.P2PWorm.Niklas
Win32.P2PWorm.Sambud
Win32.P2PWorm.SpyBot
Win32.P2PWorm.VB
Win32.PWS.Yahoo.YPager
Win32.Rootkit.Agent
Win32.Rootkit.Clbd
Win32.Rootkit.Fuzen
Win32.Rootkit.HideProc
Win32.Rootkit.KernelBot
Win32.Rootkit.Podnuha
Win32.Rootkit.Qandr
Win32.Rootkit.Ressdt
Win32.SpamTool.Agent
Win32.SpamTool.Blen
Win32.SpamTool.VB
Win32.Trojan.Agent
Win32.Trojan.BHO
Win32.Trojan.Buzus
Win32.Trojan.Delf
win32.Trojan.Dnschanger
Win32.Trojan.Fraudpack
Win32.Trojan.Inject
Win32.Trojan.KillAV
Win32.Trojan.Midgare
Win32.Trojan.Monder
Win32.Trojan.Multis
Win32.Trojan.Nosok
Win32.Trojan.Obfuscated
Win32.Trojan.Pakes
Win32.Trojan.Patched
Win32.Trojan.Small
Win32.Trojan.Vaklik
Win32.Trojan.Vapsup
Win32.Trojan.VB
Win32.Trojan.Vxgame
Win32.TrojanClicker.Costrat
Win32.TrojanClicker.Delf
Win32.TrojanClicker.Flyst
Win32.TrojanClicker.Galepo
Win32.TrojanClicker.Pamere
Win32.TrojanClicker.Small
Win32.TrojanClicker.VB
Win32.TrojanDownloader.Adload
Win32.TrojanDownloader.Agent
Win32.TrojanDownloader.Bagle
Win32.TrojanDownloader.Banload
Win32.TrojanDownloader.Cntr
Win32.TrojanDownloader.CodecPack
Win32.TrojanDownloader.ConHook
Win32.TrojanDownloader.Dadobra
Win32.TrojanDownloader.Delf
Win32.TrojanDownloader.Doldow
Win32.TrojanDownloader.Exchanger
Win32.TrojanDownloader.FraudLoad
Win32.TrojanDownloader.Hmir
Win32.TrojanDownloader.IMLoader
Win32.TrojanDownloader.Injecter
Win32.TrojanDownloader.Mutant
Win32.TrojanDownloader.Obfuscated
Win32.TrojanDownloader.Pux
Win32.TrojanDownloader.Quyl
Win32.TrojanDownloader.Small
Win32.TrojanDownloader.Suurch
Win32.TrojanDownloader.Tiny
Win32.TrojanDownloader.VB
Win32.Trojandownloader.Zlob
Win32.Trojan-Dropper.Delf
Win32.TrojanDropper.ExeBinder
Win32.TrojanDropper.KGen
Win32.Trojan-Dropper.MuDrop
Win32.TrojanDropper.Pincher
Win32.TrojanDropper.Small
Win32.TrojanDropper.VB
Win32.TrojanProxy.Agent.dl
Win32.Trojan-PSW.Delf
Win32.TrojanPWS.Delf
Win32.TrojanPWS.LdPinch
Win32.TrojanPWS.Lmir
Win32.TrojanPWS.Magania
Win32.TrojanPWS.OnlineGames
Win32.Trojan-PWS.Tibia
Win32.TrojanPWS.VB
Win32.TrojanPWS.WOW
Win32.TrojanSpy.Bancos
Win32.TrojanSpy.Banker
Win32.TrojanSpy.Pophot
Win32.TrojanSpy.Zbot
Win32.Worm.Agent
Win32.Worm.Allaple
Win32.Worm.Anilogo
Win32.Worm.Antinny
Win32.Worm.AutoIt
Win32.Worm.Autorun
Win32.Worm.Braban
Win32.Worm.Bropia
Win32.Worm.CodBot
Win32.Worm.Delf
Win32.Worm.Downloader
Win32.Worm.Fasong
Win32.Worm.Feebs
Win32.Worm.Fesber
Win32.Worm.Fujack
Win32.Worm.Gaobot
Win32.Worm.Kolab
Win32.Worm.Kolabc
Win32.Worm.Koobface
Win32.Worm.Korgo
Win32.Worm.Mabezat
Win32.Worm.Mobler
Win32.Worm.Muha
Win32.Worm.Myfip
Win32.Worm.Myspch
Win32.Worm.Mytob
Win32.Worm.Nimda
Win32.Worm.Otwycal
Win32.Worm.Padobot
Win32.Worm.Polip
Win32.Worm.PornRun
Win32.Worm.Prex
Win32.Worm.QQPass
Win32.Worm.Qucan
Win32.Worm.RJump
Win32.Worm.Rokut
Win32.Worm.Runfer
Win32.Worm.Runouce
Win32.Worm.Slenfbot
Win32.Worm.Small
Win32.Worm.Socks
Win32.Worm.Sohanad
Win32.Worm.Trafaret
Win32.Worm.Warezov
Win32.Worm.VB
Win32.Worm.Viking
WinFixer
Virtumonde
VirusRemover2008
MD5 checksum for core.aawdef is 8230302318fdae2cb988beec7bbec164
MD5 checksum for defs.ref is 0d35110ff8cf084cfd8f53b0ae9fa3e4
http://www.lavasoft.com/support/securitycenter/blog/?p=308#more-308
- Collapse -
Latest ClamAV? stable release is: 0.94
Total number of signatures: 455463
ClamAV Virus Databases:
main.cvd ver. 49 released on 22 Oct 2008 22:03 +0000
daily.cvd ver. 8541 released on 30 Oct 2008 02:54 +0000
http://www.clamav.net/
- Collapse -
Date: 30 Oct 2008
Time: 13:00 UTC+1
http://www.avira.com/en/pages/index.php
http://www.avira.com/en/threats/section/vdfhistory/index.html
- Collapse -
Virus Signature File
Thursday, 30 October 2008
http://www.pandasecurity.com/homeusers/downloads/clients/?
- Collapse -
Symantec AntiVirus
Norton AntiVirus 2006/2007
Virus Definitions created October 30
Virus Definitions released October 30
Defs Version: 101030c
Sequence Number: 87434
Extended Version: 10/30/2008 rev. 3
Total Detections (Threats & Risks): 2435660
http://www.symantec.com/business/security_response/definitions/download/index.jsp
- Collapse -
Super DATs 5419 - 10/30/08
http://www.mcafee.com/apps/downloads/secur...amp;segment=smb
http://vil.nai.com/vil/datreadme.aspx
- Collapse -
[quote]Current versions of the Belarc Advisor automatically check for, fetch, and install Belarc Advisor Security Definition updates at each use. We recommend that you get the latest version of the Advisor from
Belarc Advisor Download
and it will easily keep you up to date. The currently released Belarc Advisor Security Definition updates include all Microsoft security bulletins through October 23, 2008. This update ensures that the System Security Status panel in the computer profile report reflects the true number of missing Microsoft Security Updates.[/quote]
http://www.belarc.com/advisor_update.html
- Collapse -
Update time: Fri Oct 31 00:01:15 2008
Signature number: 1851280
Update time GMT: 1225396875
Version: 7.21578
http://download.bitdefender.com/updates/bitdefender_v8/plugins/update.txt
- Collapse -
Core Definitions 3616 - 10/30/2008 03:56PM PDT
Trace Definitions 1602 - 10/30/2008 03:56PM PDT
http://www.superantispyware.com/definitions.html
- Collapse -
Signature update
397 Signatures: 1 Spyware, 396 Trojans
http://www.emsisoft.com/a2/changelog/free/
http://www.emsisoft.com/en/support/malware/
CNET Forums
Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Roadshow Autos
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic