Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4436
DAT Release Date 03/01/2005
Threats Detected 117526
New Detections 30
Enhanced Detections 126

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (6)
  Application extension (1)
    Tool-ByShell.dll
  Demonstration (1)
    Demo-Alma
  Tool (4)
    Tool-ByShell
    Tool-WriteSec
    Tool-Proxy
    Tool-Confluenc
Trojan (14)
  Application extension (1)
    PWS-Hook.dll
  Downloader (2)
    Downloader-WB
    Downloader-WC
  Exploit (2)
    Exploit-SetWindow
    Exploit-ASN
  Internet Relay Chat (2)
    IRC/Flood.tool.b
    IRC/Flood.tool.c
  Password Stealer (5)
    PWS-IV
    PWS-QQTen
    PWS-Lineage!chm
    PWS-Hook
    PWS-Guard
  Remote Access (1)
    BackDoor-QW.patch
  StartPage (1)
    StartPage-GO
Virus (10)
  Dropper (2)
    W32/Toto.dr.b
    W32/Toto.dr.a
  E-mail (1)
    W32/Bagle.bn@MM
  E-mail worm (1)
    W32/Mydoom.bi@MM
  Email (3)
    W32/Zellome@M
    W32/Mydoom.bi@MM!zip
    W32/Infoyou@MM!pwdzip
  Generic Worm (1)
    W32/Sdbot.worm.gen.ae
  Win32 (1)
    W32/Toto.a
  Worm (1)
    W32/Bropia.worm.u

Enhanced Detections:

Internet Worm (1)
  E-mail (1)
    W32/Bagle.gen@MM
Program (37)
  Demonstration (9)
    Demo-InConEx
    Demo-VecnaComp
    Demo-VPCHammer
    Demo-LDE
    Demo-ProcHide
    Demo-Invisible
    Demo-VecnaBot
    Demo-Paradox
    Demo-NTRing
  Malware Tool (5)
    VTool/spa4
    VTool/spa2
    VTool/spa5
    VTool/spa3
    VTool/spa
  Remote Access (1)
    ServU-Daemon
  Tool (21)
    Tool-AVPX
    Tool-Pervert
    Tool-PGP2TXT
    Tool-RSAKey
    Tool-Tracer
    Tool-PGPDump
    Tool-TXT2DEN
    Tool-Huff
    Tool-HideWind
    Tool-AVPOffset
    Tool-VecnaLink
    Tool-Chiton
    Tool-IRXPro
    Tool-DumpAIT
    Tool-FTransf
    Tool-ServUCRC
    Tool-CACLs
    Tool-SetTime
    Tool-Qing
    Tool-SpeedTest
    Tool-UPolyX
  Win32 (1)
    MSKILL
Trojan (34)
  Application extension (3)
    PWS-Narod.dll
    BackDoor-CNX.dll
    BackDoor-CKG.dll
  Client (1)
    BackDoor-CBC.cli
  Downloader (5)
    Downloader-UU
    Downloader-IQ
    Downloader-VY
    Downloader-HI
    Downloader-QG
  Downloader Generic (1)
    W32/Bagle.dldr
  Dropper (3)
    BackDoor-CBC.dr
    MultiDropper-KH
    Downloader-QG.dr
  Exploit (3)
    Exploit-DcomRpc
    JS/Exploit-HelpXSite
    Exploit-LHA Overflow
  Password (1)
    PWS-Bancban
  Password Stealer (2)
    PWS-Postb
    PWS-QQRob
  Proxy (2)
    Proxy-FBSR
    Proxy-Agent.c
  Remote Access (3)
    BackDoor-CBC
    BackDoor-AOZ
    BackDoor-CNX
  Server (1)
    BackDoor-CBC.svr
  StartPage (1)
    StartPage-FY
  Trojan (1)
    HotWorld
  Win32 (7)
    Generic BackDoor.b
    Generic Delphi
    HackerDefender.sys
    Generic Downloader.r
    QLowZones-2
    QHosts-18
    Generic Downloader.h
Virus (54)
  - (1)
    W32/Bagle.bc@MM
  Damaged (1)
    W32/Toto.dam
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  E-mail (3)
    W32/Bagle.bj@MM
    W32/Bagle.aq@MM
    W32/Bagle.ai@MM
  E-mail worm (7)
    W32/Bagle.bk@MM
    W32/Bagle.bl@MM
    W32/Bagle.bg@MM
    W32/Bagle.bb@mm
    W32/Bagle.bd@MM
    W32/Bagle.ag@MM
    W32/Bagle.ae@MM
  Email (12)
    W32/Mydoom.bh@MM!zip
    W32/Mydoom.p@MM!zip
    W32/Mydoom.r@MM!zip
    W32/Mydoom.bg@MM!zip
    W32/Mydoom.bh@MM
    W32/Mydoom.bb@MM!zip
    W32/Mydoom.bd@MM!zip
    W32/Mydoom.bc@MM!zip
    W32/Mydoom.be@MM!zip
    W32/Mydoom.o@MM!zip
    W32/Mydoom.u@MM!zip
    W32/Bagle.az@MM
  Generic Worm (7)
    W32/Sdbot.worm.gen
    W32/Sdbot.worm.gen.w
    W32/Gaobot.worm.gen.j
    W32/Sdbot.worm.gen.j
    W32/Gaobot.worm.gen.t
    W32/Sdbot.worm.gen.y
    W32/Sdbot.worm.gen.t
  Internet Worm (3)
    W32/Bropia.worm.g
    W32/Bropia.worm.q
    W32/Bropia.worm.n
  Macro (1)
    W97M/Ostrich.gen
  mIRC Worm (1)
    MIRC/Generic
  Win32 (5)
    New Win32
    W32/Bagle.ba
    W32/Generic.Delphi.b
    W32/Bagle.aw
    W32/Bagle.av
  Worm (12)
    W32/Bropia.worm.r
    W32/Bropia.worm.s
    W32/Bropia.worm.f
    W32/Bropia.worm.k
    W32/Bropia.worm.i
    W32/Bropia.worm.l
    W32/Bropia.worm.j
    W32/Bropia.worm.h
    W32/Bropia.worm.o
    W32/Bropia.worm.p
    W32/Bropia.worm.t
    W32/Bagle.at@MM