Ad-aware Definition File Update [SE1R102] 03.04.06

  • Thread starter Thread starter Randy Knobloch
  • Start date Start date
Just a heads up that there have been several reports of possible
Win32.Backdoor.CiaDoor f/p's. This has been called to Lavasoft Research's
attention for investigation.

Win32.Backdoor.CiaDoor Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d}

Win32.Backdoor.CiaDoor Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{248dd890-bb45-11cf-9abc-0080c7e7b78d}

Win32.Backdoor.CiaDoor Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{248dd896-bb45-11cf-9abc-0080c7e7b78d}

Win32.Backdoor.CiaDoor Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{248dd897-bb45-11cf-9abc-0080c7e7b78d}
 
Corrine said:
Just a heads up that there have been several reports of possible
Win32.Backdoor.CiaDoor f/p's. This has been called to Lavasoft Research's
attention for investigation.

Win32.Backdoor.CiaDoor Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d}

Win32.Backdoor.CiaDoor Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{248dd890-bb45-11cf-9abc-0080c7e7b78d}

Win32.Backdoor.CiaDoor Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{248dd896-bb45-11cf-9abc-0080c7e7b78d}

Win32.Backdoor.CiaDoor Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{248dd897-bb45-11cf-9abc-0080c7e7b78d}
Click to expand...

Thank you, Corrine - I will post the info at AumHa and elsewhere of this.

Randy

--
siljaline

MS - MVP Windows (IE/OE) & Security, AH-VSOP
_________________________________________
Security Tools Updates
http://aumha.net/viewforum.php?f=31

Reply to group, as return address
is invalid that we may all benefit.
 
Randy Knobloch said:
Thank you, Corrine - I will post the info at AumHa and elsewhere of this.

Randy
Click to expand...


You're welcome, Randy.

This was confirmed and a replacement Build was loaded on the servers. Make
sure you have the following:

Reference Number : SE1R102 03.04.2006
Internal build : 118
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PROFESSIONAL\defs.ref
File size : 599106 Bytes
Total size : 1970168 Bytes
Signature data size : 1933111 Bytes
Reference data size : 36545 Bytes
Signatures total : 54567
CSI Fingerprints total : 2097
CSI data size : 65592 Bytes
Target categories : 15
Target families : 865

MD5 checksum of the file defs.ref:
0007df903d7dfe74ac9c8c26692ea2c4
 
An update to the previously released update is out. The False Positives
have been rectified :

Reference Number : SE1R102 03.04.2006
Internal build : 118

Steve Wechsler (akaMowGreen)
MS - MVP 2003-2006
===============
*-343-* FDNY
Never Forgotten
===============
 
Back
Top