
DAT Readme

Download the latest antivirus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update
DAT Version: 4820
DAT Release Date: 08/02/2006
Threats Detected: 202807
New Detections: 3
Enhanced Detections: 296

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and fix incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name | Corporate Risk Assessment | Home Risk Assessment
There are no noteworthy threats in this release.

New Detections:

Trojan (1)
  Dropper (1)
    Enfal.dr
Virus (2)
   (2)
    SymbOS/Commwarrior.o!exe
    SymbOS/Commwarrior.o!sis

Enhanced Detections:

Program (16)
   (1)
    Generic PUP.a
  Adware (5)
    Adware-SaveNow
    Adware-BB
    Adware-NaviPromo
    Adware-Exactsearch
    Adware-ClickSpring
  Dialer (1)
    Dialer-211
  Downloader (2)
    Adware-LinkMaker.dldr
    AdwareDropper-B.dldr
  Dropper (4)
    Adware-BB.dr
    Adware-SaveNow.dr
    Adware-ExactSearch.dr
    MySearch.dr
  Internet Relay Chat (1)
    IRC-Bircd
  Malware Tool (1)
    PWCrack-MPass
  Win32 (1)
    AdwareDropper-B
Trojan (237)
   (4)
    Generic BackDoor.d
    Generic Keylogger
    Generic.f
    Generic AdClicker.o
  - (4)
    IRC-Bun
    IRC-OhShootBot
    IRC/Flood.mirc
    IRC-Deport
  Application extension (4)
    PWS-Legmir.dll
    Puper.dll
    PWS-Goldun.dll
    AdClicker-BA.dll
  Configurator (2)
    ServU.cfg
    Linux/Stacheldraht.cfg
  Denial Of Svc (1)
    IRC/Flood.i
  Downloader (13)
    IRC-Bun.dldr
    IRC/Flood.s.dldr
    IRC/Flood.s.ldr
    IRC/Flood.r.ldr
    ServU.ldr
    PWS-Banker.dldr.d
    Downloader-AAP
    PWS-Banker.dldr
    Downloader-ABU
    Downloader-ACG
    Downloader-ZQ
    Downloader-ATG
    Downloader-ASH
  Dropper (22)
    IRC/Flood.bq.dr
    IRC/Flood.gen.dr
    IRC/Flood.br.dr
    IRC/Flood.bg.dr
    IRC/Flood.s.dr
    IRC/Flood.b.dr
    IRC/Flood.w.dr
    IRC/Flood.aq.dr
    IRC/Flood.v.dr
    IRC-Demfire.dr
    IRC/Flood.bz.dr
    IRC/Flood.ch.dr
    IRC/Flood.cf.dr
    IRC/Flood.cd.dr
    IRC/Flood.r.dr
    IRC/Flood.cu.dr
    IRC/Flood.da.dr
    ServU.dr
    IRC/Flood.cw.dr
    MultiDropper-QW
    IRC/Flood.ao.dr
    IRC/Flood.dv.dr
  Exploit (61)
    Exploit-ByteVerify
    Linux/Exploit-SendMail
    Linux/Exploit-Bind
    Linux/Exploit-Cgiexp
    Linux/Exploit-Kerio
    Linux/Exploit-Shellcode
    Linux/Exploit-Freeze
    Linux/Exploit-Sqlexp
    Linux/Exploit-Adminer
    Linux/Exploit-Ciscer
    Linux/Exploit-Mulexp
    Linux/Exploit-BOrifice
    Linux/Exploit-Httpd
    Linux/Exploit-Gdslock
    Linux/Exploit-TearDrop
    Linux/Exploit-OpenSSH
    Linux/Exploit-Nhttpd
    Linux/Exploit-Modgz
    Linux/Exploit-SSPing
    Linux/Exploit-Openssl
    Linux/Exploit-Imspd
    Linux/Exploit-Rsync
    Linux/Exploit-Apache
    Linux/Exploit-Honeymoon
    Linux/Exploit-Gildo
    Linux/Exploit-Su
    Linux/Exploit-Vertex
    Linux/Exploit-Racezion
    Linux/Exploit-Proftpd
    Linux/Exploit-Snuq
    Linux/Exploit-Niprint
    Linux/Exploit-Ptrace
    Linux/Exploit-Bonk
    Linux/Exploit-Linuxconf
    Exploit-ObscuredHtml
    Linux/Exploit-Mremap
    Exploit-MSExcel.b.gen
    Linux/Exploit-PRCTL
    Linux/Exploit-Race
    Exploit-MSExcel.c
    Linux/Exploit-Imap
    Linux/Exploit-Maxload
    Linux/Exploit-dobrk
    Linux/Exploit-fstring
    Linux/Exploit-Race30
    Linux/Exploit-Mmap
    Linux/Exploit-Bysin
    Linux/Exploit-Moos
    Linux/Exploit-Nios
    Linux/Exploit-Boink
    Linux/Exploit-Bluez
    JS/Exploit-HelpXSite
    Linux/Exploit-Abrox
    Linux/Exploit-Holob
    Linux/Exploit-Lambida
    Linux/Exploit-Epoll
    Linux/Exploit-Lizard
    Linux/Exploit-Teso
    Linux/Exploit-Ghost
    Linux/Exploit-Odm
    Linux/Exploit-Ftpd
  Flooder (1)
    Linux/FDoS-A
  Generic (8)
    IRC/Flood.gen.b
    PWS-JA.gen
    Exploit-MSExcel.d.gen
    Exploit-MSExcel.f.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.t
    Downloader-ZQ.gen
    Linux/Nuke.gen
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (3)
    New RootKit
    New Malware.n
    New Linux Malware
  Internet Relay Chat (25)
    IRC-Zcrew
    IRC-Caid
    IRC/Flood.b
    IRC/Flood.cl
    IRC-Contact
    IRC/Flood.j
    IRC/Flood.aq
    IRC/Flood.ao
    IRC/Flood.er
    IRC/Flood.ch
    IRC/Flood.ch.hidewin
    IRC/Flood.ci
    IRC/Flood.cs
    IRC-Mutin
    IRC-Fyle
    IRC/Flood.dd
    IRC-Myst
    IRC/Flood.dn
    IRC/Flood.dq
    IRC/Flood.ec
    IRC/Flood.ef
    IRC/Flood.en
    IRC-Daur
    IRC/Flood.ej
    IRC-Xevol
  Linux (5)
    Linux/DDoS-Mstream
    Linux/Kaot
    Linux/Stacheldraht.a
    Linux/Stacheldraht.Telnet
    Linux/Stacheldraht.b
  Malware Tool (8)
    Linux/Rootkit-M
    Linux/Rootkit-I
    Linux/Rootkit-A
    Linux/Rootkit-E
    Linux/Rootkit-C
    Linux/Rootkit-B
    Linux/Rootkit-D
    SunOS/Rootkit-B
  mIRC client (5)
    IRC/Flood.v.mirc
    IRC/Flood.cd.mirc
    IRC/Flood.cf.mirc
    IRC/Flood.bz.mirc
    IRC/Flood.ao.mirc
  Password (2)
    PWS-LegMir
    PWS-LDPinch
  Password Stealer (8)
    PWS-QQRob
    PWS-JA
    PWS-Banker!1d2e
    PWS-Banker.gen.ac
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
    PWS-Goldun.sys
    PWS-WoW
  Proxy (1)
    Proxy-Agent.at
  Remote Access (39)
    BackDoor-ACH
    IRC/Flood.c.dr
    Linux/RootKit-BTM
    BackDoor-AWQ.b
    SunOS/Rootkit-A
    Linux/BackDoor-Cym
    Unix/BackDoor-BFishy
    Linux/BackDoor-Note.b
    Linux/BackDoor-Note.a
    Linux/BackDoor-Small
    Linux/Kokain
    Linux/BackDoor-Promptte
    IRC/Flood.o
    Linux/BackDoor-Bluez.b
    Linux/BackDoor-Scalp
    Linux/BackDoor-GMM
    Linux/BackDoor-Caca
    Linux/BackDoor-Cback
    Linux/BackDoor-Iboyz
    Linux/BackDoor-Longueur
    Linux/BackDoor-Sckit
    Linux/BackDoor-Parasite
    Linux/BackDoor-Gbkdor
    Linux/BackDoor-Bouncer
    Linux/BackDoor-Batamhack
    Linux/BackDoor-Regile
    Linux/BackDoor-Chaploit
    Linux/BackDoor-Rev.b
    Linux/BackDoor-Login
    Linux/BackDoor-Rev
    BackDoor-CQS
    Linux/BackDoor-SitC
    Linux/BackDoor-Rooted
    Linux/BackDoor-Livthe
    Linux/BackDoor-Hid3
    Linux/BackDoor-Bluez
    Linux/BackDoor-Oboy
    BackDoor-CKB
    Linux/BackDoor-Pulamea
  Script (2)
    IRC/Flood.ap.bat
    IRC/Flood.bat.c
  Win32 (17)
    Generic Delphi
    Generic Downloader.c
    Generic MultiDropper.n
    Reboot-AW
    Puper
    Del-502
    Generic BackDoor.be
    Generic BackDoor.bd
    Uploader-AF
    Generic Downloader.k
    Generic PWS.o
    Generic BackDoor.u
    Generic Downloader.ab
    ServU
    Generic Downloader.g
    DDoS-Boxed
    Generic AdClicker.d
  Worm (1)
    IRC/Flood.bq
Virus (43)
   (33)
    SymbOS/Commwarrior.g!ezboot
    SymbOS/Commwarrior.h!sis
    SymbOS/Commwarrior.i!exe
    SymbOS/Commwarrior.i!ezboot
    SymbOS/Commwarrior!exe
    SymbOS/Commwarrior.l!sis
    SymbOS/Commwarrior.j!ezboot
    SymbOS/Commwarrior.c!ezboot
    SymbOS/Commwarrior.b!exe
    SymbOS/Commwarrior.a!exe
    SymbOS/Commwarrior!ezboot
    SymbOS/Commwarrior.b!sis
    SymbOS/Commwarrior.a!sis
    SymbOS/Commwarrior.j!sis
    SymbOS/Commwarrior.n!sis
    SymbOS/Commwarrior.c!exe
    SymbOS/Commwarrior.c!sis
    SymbOS/Commwarrior.l!exe
    SymbOS/Commwarrior.m!sis
    SymbOS/Commwarrior.g!exe
    SymbOS/Commwarrior.g!sis
    SymbOS/Commwarrior.i!sis
    SymbOS/Commwarrior.h!exe
    SymbOS/Commwarrior.h!ezboot
    SymbOS/Commwarrior.f!exe
    SymbOS/Commwarrior.f!ezboot
    SymbOS/Commwarrior.f!sis
    SymbOS/Commwarrior.d!ezboot
    SymbOS/Commwarrior.d!exe
    SymbOS/Commwarrior.d!sis
    SymbOS/Commwarrior.e!sis
    SymbOS/Commwarrior.e!exe
    SymbOS/Commwarrior.e!ezboot
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  Email (1)
    W32/Avon@MM
  Generic (1)
    SymbOS/Commwarrior.gen
  Generic Worm (5)
    W32/Gaobot.worm.gen.g
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.ca
    W32/Sdbot.worm.gen.ag
    W32/Sdbot.worm.gen.t
  Worm (2)
    W32/Nugache@MM
    W32/Opanki.worm