McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4698
DAT Release Date	02/16/2006
Threats Detected	178271
New Detections	20
Enhanced Detections	273

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
OSX/Leap	Low-Profiled	Low-Profiled

New Detections:

Program (3)

Application extension (1)

Dropper (1)

Adware-ZSearch.dr

Win32 (1)

Crack-MediaMonkey

Trojan (11)

Downloader (3)

W32/Bagle.dv.dldr

Dropper (1)

Generic (2)

Exploit-MS06-006.gen

Exploit-MS06-004.gen

Password Stealer (1)

Proxy (1)

Remote Access (2)

Win32 (1)

Virus (6)

(1)

Dropper (1)

W32/Bagle.dv.dr

Internet Worm (1)

OSX/Leap

Overwriting (1)

W32/HLL.ow.149286

Peer To Peer Worm (1)

W32/Steam.worm!p2p

Win32 (1)

Enhanced Detections:

Internet Worm (1)

E-mail (1)

W32/Bagle.gen@MM

Program (23)

Adware (9)

Adware-BrowserAid

Adware-Virtumundo

Adware-Websearch

Adware-PassiveCow

Adware-Cometsys

Adware-AdBlaster

Damaged (1)

Dialer (1)

Downloader (2)

Adware-POP.dldr

Adware-Websearch.dldr

Dropper (2)

Adware-BroadCastPC.dr

Adware-SurfSideKick.dr

Generic (1)

Dialer-RAS.gen.aa

Registry (3)

NDotNet

ZapChast

Reg-DetectKeys18

Spyware (1)

Win32 (3)

Generic Adware.aa

Generic Dialer.ba

Trojan (94)

(11)

Phish-PostCard.eml.a

Generic BackDoor.bb

Phish-BankFraud.eml.g

Phish-BankFraud.eml.d

Phish-BankFraud.eml.a

Phish-BankFraud.eml.f

Phish-BankFraud.eml.e

Phish-BankFraud.eml.c

Phish-BankFraud.eml.b

- (2)

Application extension (5)

BackDoor-BAC.dll

BackDoor-CPI.dll

BackDoor-AZF.dll

Downloader-ADB.dll

Demonstration (1)

JS/Exploit-Script.demo

Downloader (4)

PWS-Banker.dldr

Downloader Generic (1)

Dropper (3)

BackDoor-CKB.dr

MultiDropper-PS

Email Generic (1)

W32/Feebs.gen@MM

Exploit (5)

Exploit-ContentType

Exploit-CTCalendar

Exploit-ANIFile.eml

Exploit-MS06-005

Generic (12)

Generic Downloader.gen.be

PWS-Banker.gen.ba

PWS-Banker.gen.bb

PWS-Banker.gen.b

PWS-Banker.gen.l

PWS-Banker.gen.i

PWS-Banker.gen.h

PWS-Banker.gen.g

PWS-Banker.gen.t

Exploit-WinampPLS.b.gen

PWS-Banker.gen.v

BackDoor-BAC.gen.b

Heuristic (2)

Password (1)

Password Stealer (14)

PWS-JA

Proxy (1)

Proxy-Cidra.eml!zip

Remote Access (9)

BackDoor-BAC.gen.d

BackDoor-BAC.sys

StartPage (1)

Win32 (21)

Generic Downloader.c

HackerDefender.sys

Generic BackDoor.c

Puper

Generic StartPage.j

Generic Downloader.s

Generic BackDoor.be

Liewar

Generic QLowZones.a

Generic Dropper.i

Generic BackDoor.u

Generic Downloader.ab

Generic Downloader.f

Generic AdClicker.c

Virus (155)

Application extension (3)

W32/Sality.n.dll

W32/Sality.m.dll

Damaged (1)

Damaged Worm (1)

W32/Gaobot.worm.dam

Dropper (1)

Dropper Worm (1)

W32/Kelvir.worm.dr

E-mail (1)

W32/Bagle.do@MM

E-mail worm (2)

W32/Bagle.du@MM

W32/Bagle.dp!M328

Email (2)

W32/Mytob.gf@MM

W32/Loosky.e@MM

Email Generic (3)

JS/Fortnight.gen@M

W32/Mytob.gen@MM

W32/Loosky.gen@MM

Floppy (1)

W32/Generic!floppy

Generic (3)

W32/Bagle!eml.gen

W32/Mytob.gen!eml

W32/Mydoom.gen!eml

Generic Peer To Peer (1)

W32/Woned.gen!p2p

Generic Worm (25)

W32/IRCbot.worm.gen

W32/Sdbot.worm.gen.br

W32/Gaobot.worm.gen.l

W32/Sdbot.worm.gen.bg

W32/Spybot.worm.gen.bj

W32/Sdbot.worm.gen.n

W32/Sdbot.worm.gen.l

W32/Sdbot.worm.gen.h

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.g

W32/Sdbot.worm.gen.x

W32/Kelvir.worm.gen

W32/Spybot.worm.gen.j

W32/Sdbot.worm.gen.bs

W32/Sdbot.worm.gen.bz

W32/Sdbot.worm.gen.bp

W32/Sdbot.worm.gen.aw

W32/Spybot.worm.gen.o

W32/Harwig.worm.gen

W32/Sdbot.worm.gen.bh

W32/Sdbot.worm.gen.bi

W32/Sdbot.worm.gen.bj

W32/Sdbot.worm.gen.bw

W32/Sdbot.worm.gen.y

W32/Gaobot.worm.gen.r

Internet Worm (3)

W32/Kelvir.worm.bh

W32/Kelvir.worm.f

Script (1)

W32/Chiton.f.bat

Win32 (66)

W32/Chiton.f.eml

W32/Mydoom.a.eml!zip

W32/Mydoom.b.eml!zip

W32/Myparty.eml

W32/Manymize.eml

W32/Finaldo.eml

W32/Badtrans.eml

W32/Duksten.eml

W32/Holar.c.eml

W32/Sober.k.eml!zip

W32/Netsky.u.eml!exe

W32/Netsky.p.eml!exe

W32/Netsky.k.eml!exe

W32/Netsky.c.eml!exe

W32/Netsky.a.eml!exe

W32/Netsky.t.eml!exe

W32/Netsky.s.eml!exe

W32/Netsky.r.eml!exe

W32/Netsky.l.eml!exe

W32/Netsky.d.eml!exe

W32/Netsky.b.eml!exe

W32/Netsky.eml!dam

W32/Netsky.y.eml!exe

W32/Netsky.x.eml!exe

W32/Netsky.w.eml!exe

W32/Dumaru.eml!zip

W32/Sober.p.eml!zip

W32/Netsky.b.eml!zip

W32/Netsky.a.eml!zip

W32/Netsky.c.eml!zip

W32/Hiton.eml!exe

W32/Hiton.eml!zip

W32/Sober.d.eml!zip

W32/Mydoom.a.eml!exe

W32/Mydoom.g.eml!exe

W32/Mydoom.h.eml!zip

W32/Mydoom.g.eml!zip

W32/Bagle.eml!ms03-032

W32/Sober.e.eml!zip

W32/Sober.f.eml!zip

W32/Bagle.eml!dam

Generic BackDoor.bf

W32/Sober.q!spam

W32/Sober.j.eml!zip

W32/Feebs!rootkit

W32/Loosky!proxy

W32/Loosky!backdoor

W32/Generic.Delphi.a

W32/Mydoom.k.eml!exe

Worm (40)

W32/Kelvir.worm.eo

W32/Kelvir.worm.ex

W32/Kelvir.worm.al

W32/Kelvir.worm.ap

W32/Kelvir.worm.an

W32/Kelvir.worm.ao

W32/Kelvir.worm.am

W32/Kelvir.worm.ec

W32/Kelvir.worm.ax

W32/Kelvir.worm.az

W32/Kelvir.worm.ba

W32/Kelvir.worm.ay

W32/Kelvir.worm.bg

W32/Kelvir.worm.e

W32/Kelvir.worm.ca

W32/Kelvir.worm.ci

W32/Kelvir.worm.i

W32/Kelvir.worm.o

W32/Kelvir.worm.p

W32/Kelvir.worm.l

W32/Kelvir.worm.ch

W32/Kelvir.worm.q

W32/Kelvir.worm.w

W32/Kelvir.worm.cu

W32/Kelvir.worm.da

W32/Kelvir.worm.cz

W32/Kelvir.worm.dd

W32/Kelvir.worm.cq

W32/Kelvir.worm.cv

W32/Kelvir.worm.cx

W32/Kelvir.worm.cy

W32/Kelvir.worm.ac

W32/Kelvir.worm.aj

W32/Kelvir.worm.ai

W32/Kelvir.worm.db

W32/Sdbot.worm.ak

W32/Kelvir.worm.gc

W32/Wallon.worm!eml

W32/Kelvir.worm.dy