
DAT Readme

Download the latest antivirus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update:

DAT Version: 4732
DAT Release Date: 04/03/2006
Threats Detected: 184442
New Detections: 18
Enhanced Detections: 238

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and fix incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name | Corporate Risk Assessment | Home Risk Assessment
There are no noteworthy threats in this release.

New Detections:

Program (2)
  Dropper (1)
    Spyware-StaffCop.dr
  Spyware (1)
    Spyware-StaffCop
Trojan (13)
  Downloader (5)
    Downloader-AVO
    PWS-JI.dldr
    Downloader-AVS
    Downloader-AVR
    Downloader-AVQ
  Dropper (1)
    MultiDropper-QL
  Flooder (2)
    Unix/FDoS-Cirad
    Unix/FDoS-Xort
  Remote Access (5)
    BackDoor-CYT
    BackDoor-CXO
    BackDoor-CYV
    BackDoor-CYU
    BackDoor-CYS
Virus (3)
   (1)
    SymbOS/Commwarrior.c!ezboot
  Generic (1)
    SymbOS/Lasco.gen!sis
  Win32 (1)
    W32/Generic.Delphi.d

Enhanced Detections:

Malware (1)
  Palm (1)
    SymbOS/SendTool!sis
Program (12)
  - (1)
    Iroffer
  Adware (4)
    Adware-Virtumundo
    Adware-PigSearch
    Adware-Newweb
    Adware-PestTrap
  Downloader (1)
    Downloader-TL
  Keylogger (1)
    Keylog-TypeRecord
  Registry (1)
    Qoolaid
  Tool (3)
    Clearlogs
    Tool-NetCat
    Tool-SRunner
  Win32 (1)
    Winfixer
Trojan (153)
   (45)
    SymbOS/Blankfont.a!sis
    SymbOS/Blankfont.b!sis
    SymbOS/Multidropper.a!sis
    SymbOS/Blankfont.c!sis
    SymbOS/Multidropper.e!sis
    SymbOS/Multidropper.c!sis
    SymbOS/Multidropper.g!sis
    SymbOS/Multidropper.b!sis
    SymbOS/Multidropper.f!sis
    SymbOS/Multidropper.d!sis
    SymbOS/Multidropper.k!sis
    SymbOS/Multidropper.j!sis
    SymbOS/Multidropper.i!sis
    SymbOS/Multidropper.h!sis
    Generic BackDoor.bb
    SymbOS/Multidropper.l!sis
    Generic.dc
    SymbOS/Multidropper.q!sis
    SymbOS/Multidropper.ba!sis
    FakeAlert-B
    SymbOS/Multidropper.ax!sis
    SymbOS/Multidropper.av!sis
    SymbOS/Multidropper.r!sis
    SymbOS/Multidropper.at!sis
    SymbOS/Multidropper.au!sis
    SymbOS/Multidropper.az!sis
    SymbOS/Multidropper.aw!sis
    SymbOS/Multidropper.ak!sis
    SymbOS/Multidropper.ai!sis
    SymbOS/Multidropper.ar!sis
    SymbOS/Multidropper.aq!sis
    SymbOS/Multidropper.ap!sis
    SymbOS/Multidropper.ao!sis
    SymbOS/Multidropper.an!sis
    SymbOS/Multidropper.am!sis
    SymbOS/Multidropper.al!sis
    SymbOS/Multidropper.aj!sis
    SymbOS/Multidropper.ah!sis
    SymbOS/Multidropper.af!sis
    SymbOS/Multidropper.ad!sis
    SymbOS/Multidropper.x!sis
    SymbOS/Multidropper.ag!sis
    SymbOS/Multidropper.ae!sis
    SymbOS/Multidropper.ac!sis
    SymbOS/Multidropper.u!sis
  - (3)
    Crasher
    NTRootKit-W
    Spam-Mailbot
  Application extension (3)
    BackDoor-BAC.dll
    PWS-Goldun.dll
    BackDoor-CXO.dll
  Configurator (3)
    ProcKill-Q.cfg
    Belnow.cfg
    BackDoor-CEP.cfg
  Downloader (9)
    PWS-Banker.dldr
    Downloader-ACG
    Downloader-ACH
    Downloader-ZQ
    Downloader-ASH
    Downloader-AQW
    Downloader-ARL
    Downloader-QO
    PWS-LegMir.dldr
  Dropper (8)
    MultiDropper-CP
    PWS-Legmir.dr
    BackDoor-AWQ.b.dr
    BackDoor-CEP.dr
    Allsum.dr
    BackDoor-COC.dr
    Downloader-PS.dr
    PWS-Goldun.dr
  Exploit (4)
    Exploit-ByteVerify
    Exploit-CreateTxtRng
    Exploit-ByteVerify.a
    Exploit-QtPICT
  Flooder (1)
    FDoS-Spabot
  Generic (7)
    BackDoor-TC.gen
    PWS-Banker.gen.q
    PWS-QQPass.gen
    PWS-Banker.gen.g
    PWS-Banker.gen.t
    JS/Exploit-BO.gen
    PWS-Banker.gen.v
  Heuristic (3)
    New Malware.d
    New Malware.j
    New Malware.z
  Internet Relay Chat (1)
    IRC/Flood.ev
  Malware Tool (1)
    Spam-Mailbot!RootKit
  Password (3)
    PWS-LegMir
    PWS-QQPass
    PWS-LDPinch
  Password Stealer (8)
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Goldun.sys
    Generic PWS.j
    PWS-Banker.gen.z
    PWS-Raven
    PWS-WoW
    PWS-Goldun
  Process (2)
    ProcKill-AE
    ProcKill-AF
  ProcKill (22)
    ProcKill-BW
    ProcKill-H
    ProcKill-F
    ProcKill-BT
    ProcKill-BO
    ProcKill-BJ
    ProcKill-AU
    ProcKill-AL
    ProcKill-AC
    ProcKill-AA
    ProcKill-S
    ProcKill-Q
    ProcKill-P
    ProcKill-M
    ProcKill-L
    ProcKill-K
    ProcKill-J
    ProcKill-F.cln
    ProcKill-D
    ProcKill-C
    ProcKill-CG
    ProcKill-BX
  Proxy (2)
    Proxy-Flatsurfer
    Proxy-Agent.as
  Remote Access (8)
    BackDoor-AWQ.b
    SunOS/Rootkit-A
    BackDoor-BAC
    BackDoor-CUR
    Generic BackDoor.l
    BackDoor-CXQ
    Generic BackDoor.m
    BackDoor-CEP
  Win32 (20)
    Generic BackDoor.h
    Generic Delphi
    Generic Downloader.c
    Belnow.b
    Belnow.a
    Belnow.c
    Belnow.d
    Generic Downloader.d
    Tembo
    Generic Downloader.s
    Generic Downloader.y
    Swizzor
    Generic Downloader.q
    Generic Dropper.i
    Generic Downloader.ab
    Kakkeys
    Generic VB.c
    Del-500
    Generic.b
    Generic AdClicker.d
Virus (72)
   (52)
    SymbOS/Appdisabler.c!sis
    SymbOS/Commwarrior.g!ezboot
    SymbOS/Commwarrior.h!sis
    SymbOS/Commwarrior.i!exe
    SymbOS/Commwarrior.i!ezboot
    SymbOS/Cabir.ab!sis
    SymbOS/Cabir!lasco
    SymbOS/Commwarrior.b!exe
    SymbOS/Commwarrior.a!exe
    SymbOS/Commwarrior!ezboot
    SymbOS/Commwarrior.b!sis
    SymbOS/Commwarrior.a!sis
    SymbOS/Appdisabler.b!sis
    SymbOS/Appdisabler.a!sis
    SymbOS/Commwarrior.c!exe
    SymbOS/Commwarrior.c!sis
    SymbOS/Cabir.ac!sis
    SymbOS/Commwarrior.g!exe
    SymbOS/Commwarrior.g!sis
    SymbOS/Commwarrior.i!sis
    SymbOS/Commwarrior.h!exe
    SymbOS/Commwarrior.h!ezboot
    SymbOS/Commwarrior.f!exe
    SymbOS/Commwarrior.f!ezboot
    SymbOS/Commwarrior.f!sis
    SymbOS/Commwarrior.d!ezboot
    SymbOS/Commwarrior.d!exe
    SymbOS/Commwarrior.d!sis
    SymbOS/Commwarrior.e!sis
    SymbOS/Cabir.ae!sis
    SymbOS/Commwarrior.e!exe
    SymbOS/Commwarrior.e!ezboot
    SymbOS/Cabir.k!sis
    SymbOS/Cabir.i!sis
    SymbOS/Cabir.b!sis
    SymbOS/Mabtal.b!sis
    SymbOS/Bootton.c!sis
    SymbOS/Bootton.b!sis
    SymbOS/Singlejump.a!sis
    SymbOS/PBsender.c!sis
    SymbOS/PBsender.a!sis
    SymbOS/PBsender.b!sis
    SymbOS/Cabir.l!sis
    SymbOS/Cabir.j!sis
    SymbOS/Cabir.h!sis
    SymbOS/Cabir.ad!sis
    SymbOS/Appdisabler.d!sis
    SymbOS/Mabtal.a!sis
    SymbOS/Bootton.a!sis
    SymbOS/Cadomesk!sis
    SymbOS/Skudoo.b!sis
    SymbOS/Skudoo.a!sis
  Damaged (1)
    W32/Pate.dam
  Dropper (2)
    SymbOS/Cabir.dr
    SymbOS/Cabir.dr!skulls
  Generic (9)
    SymbOS/Commwarrior.gen
    SymbOS/Commwarrior.gen!sis
    SymbOS/Appdisabler.gen!sis
    SymbOS/Cabir.gen!sis
    SymbOS/Singlejump.gen!sis
    SymbOS/Mabtal.gen!sis
    SymbOS/PBsender.gen!sis
    SymbOS/Bootton.gen!sis
    SymbOS/Skudoo.gen!sis
  Script (1)
    VBS/Gedza
  VbScript (1)
    VBS/VBSWG.gen@MM
  Win32 (5)
    W32/Pate.c
    W32/Pate.a
    Generic!Morphine
    W32/Generic.Delphi.a
    W32/Pate.d
  Worm (1)
    W32/Pate.b