DAT Readme

Download the latest anti-virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update
DAT Version: 4775
DAT Release Date: 06/01/2006
Threats Detected: 194126
New Detections: 19
Enhanced Detections: 411

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name                      Corporate Risk Assessment  Home Risk Assessment
StarOffice/StarDust.intd  Low-Profiled               Low-Profiled

New Detections:

Program (1)
  Unix (1)
    Unix/QuickDNS
Trojan (14)
   (2)
    Spy-Agent.bb
    SoftStop.lnk
  Application extension (1)
    BackDoor-DAC.dll
  Dropper (1)
    MultiDropper-QS
  Keylogger (1)
    Keylog-Naras
  Linux (2)
    Linux/Gata
    Linux/BackDoor
  ProcKill (1)
    ProcKill-DU
  Remote Access (4)
    BackDoor-DAF
    BackDoor-DAC.sys
    BackDoor-DAC
    BackDoor-DAE
  Script (1)
    VBS/Exploit
  Win32 (1)
    SoftStop
Virus (4)
  Damaged (1)
    W32/Sality.dam
  Generic (1)
    W32/MyWife.gen
  Linux (1)
    Linux/Afa
  Macro (1)
    StarOffice/StarDust.intd

Enhanced Detections:

Program (10)
  Adware (3)
    Adware-PurityScan
    Adware-Exactsearch
    Adware-CDNHelper
  Configuration settings (1)
    ServU.ini
  Dropper (1)
    Adware-ExactSearch.dr
  Keylogger (1)
    Keylog-Ardamax.dr
  Password (1)
    PWCrack-Cain
  Win32 (3)
    Winfixer
    Remote Shutdown
    Generic HTool.a
Trojan (375)
   (5)
    Generic Downloader.bd
    Generic BackDoor.bb
    SymbOS/Flexispy
    Generic AdClicker.i
    Brunme
  - (2)
    Vundo.dldr
    Spam-Mailbot
  Application extension (2)
    BackDoor-EX.dll
    Brunme.dll
  Client (31)
    BackDoor-JE.cli
    BackDoor-JC.cli
    BackDoor-HQ.cli
    BackDoor-CA.cli
    BackDoor-HK.cli
    BackDoor-FT.cli
    BackDoor-DK.cli
    BackDoor-CJ.cli
    BackDoor-AB.cli
    BackDoor-AI.cli
    BackDoor-GC.cli
    BackDoor-CI.cli
    BackDoor-FB.cli
    BackDoor-EX.cli
    BackDoor-M.cli
    BackDoor-CQ.cli
    BackDoor-CM.cli
    BackDoor-EJ.cli
    BackDoor-IZ.cli
    BackDoor-AT.cli
    BackDoor-AO.cli
    BackDoor-BN.cli
    BackDoor-CY.cli
    BackDoor-EQ.cli
    BackDoor-CN.cli
    BackDoor-BL.cli
    BackDoor-HY.cli
    BackDoor-CU.cli
    BackDoor-CS.cli
    BackDoor-AW.cli
    BackDoor-GX.cli
  Configuration settings (1)
    BackDoor-GI.ini
  Configurator (6)
    ProcKill-Q.cfg
    BackDoor-CA.cfg
    BackDoor-AI.cfg
    BackDoor-FB.cfg
    BackDoor-CY.cfg
    BackDoor-GX.cfg
  Damaged (1)
    BackDoor-CA.dam
  Damaged Dropper (1)
    BackDoor-CV.dr.dam
  Dialer (1)
    QDial-43
  Downloader (10)
    Downloader-AWR
    Downloader-AAP
    Downloader-YO
    Downloader-YY
    Downloader-ACH
    BackDoor-BL.ldr
    Downloader-ZQ
    PWS-Banker.dldr.b
    Downloader-ASH
    Downloader-AWM
  Dropper (15)
    BackDoor-AGS.dr
    BackDoor-GI.dr
    BackDoor-HQ.dr
    BackDoor-IX.dr
    BackDoor-GY.dr
    BackDoor-FH.dr
    BackDoor-BL.dr
    BackDoor-P.dr
    QDial-43.dr
    BackDoor-AT.dr
    BackDoor-GQ.dr
    BackDoor-AB.dr
    Puper.dr
    BackDoor-DJ.dr
    BackDoor-GK.dr
  Exploit (5)
    Exploit-WebDav.b
    Exploit-phpBB!hilight
    Exploit-CodeBase.chm
    Exploit-MS05-039
    Exploit-1Table
  Generic (9)
    BackDoor-GZ.gen
    Generic Downloader.gen.bf
    Perl/Exploit.gen
    Exploit-OleData.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.t
    BackDoor-CX.gen
    PWS-Banker.gen.x
    PWS-Banker.gen.v
  Generic Server (2)
    BackDoor-DB.svr.gen
    BackDoor-AB.svr.gen
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (2)
    New Malware.u
    New Malware.j
  Malware Tool (2)
    Spam-DarkMail
    Linux/Rootkit-D
  mIRC Worm (1)
    IRC/Jane.worm
  Password (1)
    PWS-LDPinch
  Password Stealer (9)
    PWS-Banker.ad
    PWS-Banker.gen.ac
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Popo
    W32/Loosky!pws
    PWS-WoW
    PWS-Lineage
  Plugin component (1)
    BackDoor-EE.plugin
  Process (2)
    ProcKill-AE
    ProcKill-AF
  ProcKill (22)
    ProcKill-BW
    ProcKill-H
    ProcKill-F
    ProcKill-BT
    ProcKill-BO
    ProcKill-BJ
    ProcKill-AU
    ProcKill-AL
    ProcKill-AC
    ProcKill-AA
    ProcKill-S
    ProcKill-Q
    ProcKill-P
    ProcKill-M
    ProcKill-L
    ProcKill-K
    ProcKill-J
    ProcKill-F.cln
    ProcKill-D
    ProcKill-C
    ProcKill-CG
    ProcKill-BX
  Proxy (2)
    Proxy-FBSR
    Proxy-Raser
  Remote Access (164)
    Backdoor-CY
    Backdoor-Q
    BackDoor-HF
    BackDoor-BL
    BackDoor-AWQ.b
    BackDoor-DX
    Backdoor-AI.svr
    BackDoor-FQ
    Backdoor-ER
    BackDoor-JQ
    BackDoor-JH
    BackDoor-IV
    BackDoor-IU
    BackDoor-IR
    BackDoor-IL
    BackDoor-HX
    BackDoor-HL
    BackDoor-HB
    BackDoor-GQ
    BackDoor-GI
    BackDoor-JR
    BackDoor-JP
    BackDoor-JN
    BackDoor-JB
    BackDoor-IS
    BackDoor-IK
    BackDoor-ID
    BackDoor-IC
    BackDoor-IB
    BackDoor-IA
    BackDoor-HZ
    BackDoor-HU
    BackDoor-HT
    BackDoor-HS
    BackDoor-HQ
    BackDoor-HP
    BackDoor-GY
    BackDoor-GH
    BackDoor-FX
    BackDoor-FG
    BackDoor-FF
    BackDoor-EU
    BackDoor-AQ
    Wincrash.svr
    BackDoor-HC
    Backdoor-HJ
    Backdoor-CT
    Backdoor-IW
    BackDoor-JD
    Backdoor-EE
    BackDoor-EX
    BackDoor-II
    BackDoor-IF
    BackDoor-HI
    BackDoor-HG
    BackDoor-GX
    BackDoor-GV
    BackDoor-GU
    BackDoor-GB
    BackDoor-FZ
    BackDoor-FL
    BackDoor-FI
    BackDoor-FD
    BackDoor-EZ
    BackDoor-EM
    BackDoor-CL
    BackDoor-AU
    BackDoor-DAB
    BackDoor-JL
    BackDoor-GM
    BackDoor-DB
    BackDoor-FT
    BackDoor-W
    BackDoor-BQ
    BackDoor-AM
    BackDoor-BD
    BackDoor-DR
    BackDoor-FS
    BackDoor-JM
    BackDoor-GS
    BackDoor-EL
    BackDoor-AE
    BackDoor-U
    BackDoor-R
    BackDoor-K
    BackDoor-F
    BackDoor-CR
    BackDoor-CP
    BackDoor-GR
    BackDoor-EI
    BackDoor-EB
    BackDoor-DU
    BackDoor-JK
    BackDoor-JI
    BackDoor-IX
    BackDoor-EK
    BackDoor-EH
    BackDoor-ED
    BackDoor-DY
    BackDoor-DW
    BackDoor-CH
    BackDoor-CF
    BackDoor-IG
    BackDoor-FY
    BackDoor-DT
    BackDoor-IE
    BackDoor-CC
    BackDoor-BZ
    BackDoor-BV
    BackDoor-AO
    BackDoor-DK
    BackDoor-BY
    BackDoor-BP
    BackDoor-BK
    BackDoor-AD
    BackDoor-AA
    BackDoor-DS
    BackDoor-DH
    BackDoor-GN
    BackDoor-GF
    BackDoor-GE
    BackDoor-FW
    BackDoor-BI
    BackDoor-O
    BackDoor-L
    BackDoor-I
    BackDoor-H
    BackDoor-D
    BackDoor-EW
    BackDoor-EV
    BackDoor-ET
    BackDoor-EO
    BackDoor-EN
    BackDoor-JG
    BackDoor-IT
    BackDoor-IO
    BackDoor-CV
    BackDoor-GW
    BackDoor-CWW
    BackDoor-CMQ
    BackDoor-CK
    BackDoor-BH
    BackDoor-BF
    BackDoor-BA
    BackDoor-AV
    BackDoor-HR
    BackDoor-HM
    BackDoor-HH
    BackDoor-HA
    BackDoor-GD
    BackDoor-AS
    BackDoor-M
    BackDoor-FU
    BackDoor-FM
    BackDoor-FJ
    BackDoor-FE
    BackDoor-FC
    BackDoor-X
    BackDoor-P
    BackDoor-BR
    BackDoor-BI.pak
    BackDoor-BG
    BackDoor-BE
    BackDoor-CKB
  Self-extracting archive (1)
    BackDoor-AE.sfx
  Server (57)
    BackDoor-JC.svr
    BackDoor-IN.svr
    BackDoor-GH.svr
    BackDoor-JE.svr
    BackDoor-HK.svr
    BackDoor-GQ.svr
    BackDoor-FT.svr
    BackDoor-EE.svr
    BackDoor-CJ.svr
    BackDoor-JF.svr
    BackDoor-IZ.svr
    BackDoor-HY.svr
    BackDoor-CA.svr
    BackDoor-GC.svr
    BackDoor-CI.svr
    BackDoor-AT.svr
    BackDoor-AB.svr
    BackDoor-CS.svr
    BackDoor-GA.svr
    BackDoor-EJ.svr
    BackDoor-CE.svr
    BackDoor-AP.svr
    BackDoor-GP.svr
    BackDoor-CD.svr
    BackDoor-BX.svr
    BackDoor-BN.svr
    BackDoor-BJ.svr
    BackDoor-DH.svr
    BackDoor-DD.svr
    BackDoor-CY.svr
    BackDoor-CC.svr
    BackDoor-BW.svr
    BackDoor-AM.svr
    BackDoor-DQ.svr
    BackDoor-CZ.svr
    BackDoor-GK.svr
    BackDoor-EQ.svr
    BackDoor-CN.svr
    BackDoor-BL.svr
    BackDoor-EX.svr
    BackDoor-HS.svr
    BackDoor-DN.svr
    BackDoor-DL.svr
    BackDoor-DK.svr
    BackDoor-CV.svr
    BackDoor-AJ.svr
    BackDoor-CU.svr
    BackDoor-CQ.svr
    BackDoor-CP.svr
    BackDoor-CO.svr
    BackDoor-CM.svr
    BackDoor-BB.svr
    BackDoor-AW.svr
    BackDoor-GX.svr
    BackDoor-FH.svr
    BackDoor-BC.svr
    BackDoor-BA.svr
  Win32 (19)
    DollarRevenue
    BackDoor-AB
    Puper
    Generic Downloader.be
    Generic BackDoor.be
    Generic BackDoor.bd
    Generic BackDoor.bc
    Generic BackDoor.ba
    Kurofoo
    ProcKill
    Uploader-AF
    Generic Downloader.y
    Generic RootKit.a
    Generic PWS.o
    Zquest
    Generic BackDoor.u
    Generic Downloader.ab
    Generic Downloader.h
    Generic AdClicker.d
Virus (26)
  Application extension (1)
    W32/Loosky.dll
  Damaged (1)
    W32/Netsky.dam
  Downloader (1)
    W32/Loosky.dldr
  Dropper (2)
    W32/Areses.dr
    W32/Loosky.dr
  Email (1)
    W32/Loosky.e@MM
  Email Generic (1)
    W32/Loosky.gen@mm
  File Infector (1)
    W32/Naras
  Generic (1)
    W32/Loosky.gen
  Generic Worm (10)
    W32/Sdbot.worm.gen.bg
    W32/Gaobot.worm.gen.bj
    W32/Sdbot.worm.gen.ar
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.cc
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.ac
  Trojan (1)
    BackDoor-T
  Unix (1)
    UNIX/Dakness
  Win32 (4)
    New Win32
    Generic BackDoor.bf
    W32/Loosky!proxy
    W32/Loosky!backdoor
  Worm (1)
    W32/Melo.worm.gen