McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4640
DAT Release Date	11/30/2005
Threats Detected	162496
New Detections	24
Enhanced Detections	340

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (5)

(1)

Tool/av2

Adware (1)

Joke (1)

Win32 (2)

Clipsvr

Trojan (10)

(1)

Apropos

Application extension (1)

Downloader (3)

Downloader-UA.f

Malware Tool (1)

RootKit-SMECore

Proxy (1)

Tool (1)

Win32 (2)

Del-490

DMeco

Virus (9)

(2)

Generic (2)

W32/IRCbot.gen.f

Peer To Peer (3)

W32/Platinum!p2p

Script (1)

Bat/evan

Worm (1)

Enhanced Detections:

- (1)

Trojan (1)

Haher

Malware (2)

Exploit (1)

Exploit-CodeBase

Trojan (1)

Program (45)

(3)

- (1)

Adware (15)

Adware-Virtumundo

Adware-Superbar

Adware-Websearch

Adware-PromulGate

Adware-SideSearch

Adware-SearchAid

Adware-DealHelper

Adware-ClickSpring

Adware-abetterintrnt

Application extension (2)

Clearsearch.dll

Dialer (2)

Downloader (3)

PosX

Adware-Websearch.dldr

Dropper (8)

Adware-NetPals.dr

Adware-SideSearch.dr

Adware-BroadCastPC.dr

Adware-SafeSurf.dr

Adware-BkdSpace.dr

Generic Adware.dr

Adware-WinAd.dr

Generic (1)

Keylogger (1)

Keylog-Ardamax.dr

Registry (1)

ZapChast

StartPage (1)

Tool (1)

Win32 (6)

iGetNet

HideExec

RemAdm-ProcLaunch

Trojan (112)

(5)

Generic BackDoor.d

Generic component

Generic BackDoor.bb

Adware (1)

Application extension (4)

BackDoor-BAC.dll

PWS-Banker.j.dll

Generic Proxy.dll

Client (3)

BackDoor-AFZ.cli

BackDoor-CPJ.cli

IRC/BackDoor-Sub7.cli

Configuration settings (1)

HackerDefender.ini

Configurator (1)

Downloader (5)

PWS-Banker.dldr

Dropper (3)

BackDoor-AVW.dr

BackDoor-AWQ.b.dr

MultiDropper-OR

Dropper Worm (1)

W32/Sdbot.worm.dr

Exploit (3)

Exploit-ContentType

Exploit-ObscuredHtml

Exploit-MS03-037

Generic (9)

Generic Downloader.gen.be

BackDoor-AVW.gen

PWS-Banker.gen.ba

PWS-Banker.gen.bb

PWS-Banker.gen.j

PWS-Banker.gen.i

PWS-Banker.gen.g

PWS-Banker.gen.t

Downloader-ZQ.gen

Generic Worm (1)

W32/Sdbot.worm.gen.ax

Heuristic (2)

JavaScript (1)

Macro (4)

Password (1)

Password Stealer (4)

Plugin component (1)

Orifice2K.plugin

Proxy (3)

Remote Access (11)

Generic BackDoor.k

Script (1)

Server (3)

BackDoor-AFZ.svr

BackDoor-ARR.svr

Win32 (44)

Generic Downloader.b

Generic BackDoor.f

Generic Downloader.c

Pokey.b

Promises

Generic BackDoor.e

Dpbot

Halloway

HackerDefender.sys

HideOut

Drone

Generic Downloader.ak

DRevenge

Generic Downloader.ad

Generic Downloader.p

Puper

Generic Downloader.u

Generic AdClicker.b

Generic Dropper.i

Generic Downloader.ab

Druogna

Generic Downloader.ac

Qoolaid

Hangup

Project

Generic Downloader.f

Generic Downloader.h

Virus (180)

(2)

HLL.sub

Damaged (26)

XM/Laroux.cf.dam

XM/Laroux.dam.au

W97M/Tristate.aw.dam

X97M/Laroux.dam.ho

XM/Laroux.dam.bp

X97M/Laroux.dam.ae

XM/Laroux.dam.af

XM/Laroux.dam.k

XM/Laroux.dam.j

XM/Laroux.dam.g

XM/Laroux.a.dam

PP97M/Tristate.dam

PP97M/Tristate.aw.dam

W97M/Tristate.dam

X97M/Laroux.dam.is

X97M/Laroux.dam.bp

X97M/Laroux.dam.cz

X97M/Laroux.dam.e

XM/Laroux.dam.cz

XM/Laroux.dam.ae

XM/Laroux.dam.e

X97M/Tristate.dam

X97M/Tristate.aw.dam

Damaged Generic (4)

X97M/Laroux.dam.ho.gen

X97M/Laroux.dam.e.gen

XM/Laroux.dam.e.gen

X97M/Laroux.dam.bp.gen

Damaged Worm (1)

W32/Sdbot.worm.dam

Dropper (5)

AM/Supersonic.dr.b

AM/Supersonic.dr.a

AM/Supersonic.dr

E-mail (1)

W32/Sober@MM!M681

E-mail worm (2)

Email (17)

W32/Sober.k@MM!zip

W32/Sober.p@MM!zip

W32/Sober.d@MM!zip

W32/Sober.e@MM!zip

W32/Sober.j@MM!zip

W32/Sober.l@MM!zip

W32/Sober.o@MM!zip

W32/Sober.g@MM!zip

Email Generic (3)

W32/Rontokbro.gen@MM

W32/Loosky.gen@MM

W32/Bagz.gen@MM

File Infector (2)

Floppy (1)

W32/Generic!floppy

Generic (24)

X97M/Barisada.gen

X97M/Toraja.gen

XM/Laroux.ho.gen

W97M/Toraja.gen

X97M/Laroux.dx.gen

XM/Laroux.e.gen

X97M/Laroux.a.gen

X97M/Laroux.e.gen

XM/Laroux.a.gen

X97M/Manalo.gen

W97M/Shiver.gen

X97M/Laroux.au.gen

X97M/Laroux.ho.gen

X97M/Laroux.dm.gen

PP97M/Tristate.gen

X97M/Shiver.gen

Generic Worm (18)

W32/IRCbot.worm.gen

W32/Sdbot.worm.gen.as

W32/Sdbot.worm.gen.br

W32/Sdbot.worm.gen.bg

W32/Sdbot.worm.gen.n

W32/Sdbot.worm.gen.l

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Sdbot.worm.gen.bk

W32/Sdbot.worm.gen.bs

W32/Sdbot.worm.gen.aw

W32/Spybot.worm.gen.o

W32/Sdbot.worm.gen.by

W32/Sdbot.worm.gen.y

W32/Sdbot.worm.gen.z

W32/Sdbot.worm.gen.ac

W32/Sdbot.worm.gen.t

W32/Sdbot.worm.gen.q

Heuristic (1)

Intended (2)

X97M/Bonker.b.intd

X97M/Bonker.intd

Internet Worm (1)

W32/Sdbot.worm!MS05-039

Macro (64)

X97M/Tristate.gen

W97M/Tristate.gen

remnants-X97M/Toraja

Malware Tool (1)

Script (1)

Win32 (4)