Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4628
DAT Release Date 11/15/2005
Threats Detected 159197
New Detections 12
Enhanced Detections 198

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (1)
  Spyware (1)
    Spyware-Keycollect
Trojan (4)
  Dropper (1)
    W97M/Spy-Peep.dr
  Exploit (1)
    Linux/Exploit-Bluez
  Win32 (2)
    Qoolaid
    AdClicker-DQ
Virus (7)
  Dropper (4)
    W32/Sober.s.dr
    W32/Sober.v.dr
    W32/Sober.u.dr
    W32/Sober.t.dr
  Dropper Generic (1)
    W32/Sober.dr.gen
  E-mail (2)
    W32/Sober.u@MM
    W32/Sober.v@MM

Enhanced Detections:

Internet Worm (2)
  E-mail (2)
    W32/Sober.e@MM
    W32/Sober.j@MM
Program (19)
  Adware (8)
    Adware-HotBar
    Adware-Apropos
    Adware-ISTBar
    Adware-Ndware
    Adware-STIEBar
    Adware-CashFiesta
    Adware-abetterintrnt
    Adware-Qoolaid
  Application extension (3)
    Adware-Apropos.dll
    Dialer-Generic.dll
    Adware-SpyBlocs.dll
  Dialer (3)
    Dialer-Generic
    Dialer-Generic.e
    Dialer-221
  Generic (2)
    Dialer-RAS.av.gen
    Dialer-RAS.dv.gen
  Joke (1)
    Joke-FakeStart
  Win32 (2)
    RemAdm-RemoteAdmin
    AdClicker-CU
Trojan (125)
   (14)
    Generic BackDoor.d
    AdClicker-AT
    AdClicker-AS
    AdClicker-AW
    AdClicker-AV
    Generic component
    Generic BackDoor.bb
    Generic.dc
    AdClicker-BN
    Generic PWS.q
    Generic.cb
    AdClicker-BS
    AdClicker-BF
    AdClicker-BE
  - (2)
    AdClicker-O
    AdClicker-AJ
  Application extension (4)
    Downloader-DA.dll
    Spy-Tofger.dll
    BackDoor-AWQ.dll
    PWS-QQPass.dll
  Downloader (1)
    PWS-Banker.dldr
  Dropper (4)
    BackDoor-CKB.dr
    MultiDropper-OR
    AdClicker-AS.dr
    AdClicker-BS.dr
  Email (1)
    W32/Sober.q
  Exploit (46)
    Linux/Exploit-SendMail
    Linux/Exploit-Bind
    Linux/Exploit-Cgiexp
    Linux/Exploit-Kerio
    Linux/Exploit-Shellcode
    Linux/Exploit-Freeze
    Linux/Exploit-Sqlexp
    Linux/Exploit-Adminer
    Linux/Exploit-Ciscer
    Linux/Exploit-Mulexp
    Linux/Exploit-BOrifice
    Linux/Exploit-Httpd
    Linux/Exploit-Gdslock
    Linux/Exploit-TearDrop
    Linux/Exploit-OpenSSH
    Linux/Exploit-Nhttpd
    Linux/Exploit-Modgz
    Linux/Exploit-SSPing
    Linux/Exploit-Openssl
    Linux/Exploit-Imspd
    Linux/Exploit-Rsync
    Linux/Exploit-Apache
    Linux/Exploit-Gildo
    Linux/Exploit-Su
    Linux/Exploit-Vertex
    Linux/Exploit-Racezion
    JS/Exploit-CrossSite
    Linux/Exploit-Proftpd
    Linux/Exploit-Snuq
    Linux/Exploit-Niprint
    Linux/Exploit-Ptrace
    Linux/Exploit-Bonk
    Linux/Exploit-Linuxconf
    Linux/Exploit-Race
    Linux/Exploit-Maxload
    Linux/Exploit-dobrk
    Linux/Exploit-fstring
    Linux/Exploit-Race30
    Linux/Exploit-Mmap
    Linux/Exploit-Bysin
    Linux/Exploit-Moos
    Linux/Exploit-Nios
    Linux/Exploit-Teso
    Linux/Exploit-Ghost
    Linux/Exploit-Odm
    Linux/Exploit-Ftpd
  Generic (7)
    Generic Downloader.gen.bd
    Generic Downloader.gen.be
    PWS-Banker.gen.ba
    PWS-Banker.gen.bb
    RemAdm-RemoteAdmin.gen.ba
    ServU-Daemon.gen.ba
    JS/Exploit-BO.gen
  Heuristic (2)
    New Malware.n
    New Malware.j
  Internet Relay Chat (1)
    IRC/Flood.em
  Password (1)
    PWS-LDPinch
  Password Stealer (3)
    PWS-Lineage!chm
    PWS-LegMir!chm
    PWS-Lineage
  Proxy (2)
    Proxy-FBSR
    Proxy-Agent.a
  Remote Access (7)
    BackDoor-AQF
    BackDoor-ARR
    BackDoor-AWQ.b
    BackDoor-CCT
    BackDoor-TW!chm
    BackDoor-CSL
    Generic BackDoor.k
  Win32 (30)
    AdClicker-AA
    AdClicker-V
    AdClicker-Q
    AdClicker-Y
    AdClicker-T
    AdClicker-N
    AdClicker-K
    HackerDefender
    AdClicker-AI
    AdClicker-J
    AdClicker-AF
    AdClicker-L
    AdClicker-AE
    AdClicker-AK
    Generic PWS.n
    Generic.e
    Generic BackDoor.be
    Generic BackDoor.ba
    Generic Downloader.u
    Generic Downloader.y
    Generic MSVC.d
    Generic PWS.o
    Generic BackDoor.u
    Generic Downloader.ab
    AdClicker-AL
    Generic StartPage.e
    AdClicker-BW
    DDoS-Boxed
    AdClicker-AN
    Generic Dropper.c
Virus (52)
  Companion (1)
    W32/NGVCK.8192.cmp
  Damaged (1)
    W32/Sober.dam
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  Dropper (3)
    W32/NGVCK.dr
    W32/NGVCK.b.dr
    W32/Sober.dr
  Dropper Generic (1)
    W32/NGVCK.gen.dr
  E-mail (6)
    W32/Sober.c@MM
    W32/Sober.d@MM
    W32/Sober.p@MM
    W32/Sober.r@MM
    W32/Sober.o@MM!M414
    W32/Sober.g@MM
  E-mail worm (3)
    W32/Sober.f@MM
    W32/Sober.b@MM
    W32/Sober.l@MM
  Email (3)
    W32/Sober.m@MM
    W32/Sober.s@MM
    W32/Sober.t@MM
  Email Generic (1)
    W32/Sober.gen@MM
  Email Worm (1)
    W32/Sober.k@MM
  Generic (1)
    W32/IRCbot.gen
  Generic Worm (10)
    W32/IRCbot.worm.gen
    W32/Sdbot.worm.gen.w
    W32/Sdbot.worm.gen.i
    W32/Sdbot.worm.gen.bl
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.aw
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.t
  Intended (1)
    W32/NGVCK.intd
  Internet Worm (1)
    W32/Sober.a@MM
  Win32 (17)
    New Win32.g1
    W32/NGVCK
    W32/NGVCK.2389dr
    W32/NGVCK.1365dr
    W32/NGVCK.3072dr
    W32/NGVCK.53x
    W32/NGVCK.1107dr
    W32/NGVCK.1988dr
    W32/NGVCK.2092dr
    W32/NGVCK.3146dr
    W32/NGVCK.3250dr
    W32/NGVCK.3400dr
    W32/NGVCK.1364dr
    W32/NGVCK.2296dr
    W32/NGVCK.1352dr
    W32/NGVCK.919dr
    W32/NGVCK.1840dr
  Worm (1)
    W32/Generic.worm.b