DAT Readme

Download the latest antivirus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update:

DAT Version: 4839
DAT Release Date: 08/28/2006
Threats Detected: 207031
New Detections: 19
Enhanced Detections: 258

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct misidentifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name | Corporate Risk Assessment | Home Risk Assessment
There are no noteworthy threats in this release.

New Detections:

Program (8)
   (1)
    Generic PUP.d
  Adware (1)
    Adware-Ncast
  Client (1)
    RemAdm-Ivy.cli
  Keylogger (1)
    Keylog-SaveKeys
  Spyware (2)
    Spyware-Wiretap
    Spyware-PCProwler
  Win32 (2)
    Generic Downloader.bo
    RemAdm-Ivy.srv
Trojan (8)
   (1)
    SexGame
  Damaged (1)
    MultiDropper-RC.dam
  Disk erasing (1)
    QZap375
  Dropper (1)
    Proxy-Thrap.dr
  Malware Tool (1)
    Spam-Caprobad
  Remote Access (2)
    BackDoor-DJG
    Backdoor-DJH
  Win32 (1)
    Generic Dropper.ah
Virus (3)
  E-mail worm (1)
    W32/Womble@MM
  Win32 (2)
    W32/USBToy.b
    MSIL/Noopys

Enhanced Detections:

Program (12)
  Adware (4)
    Adware-PortalScan
    Adware-YayaBands
    Adware-DesktopMedia
    Adware-EliteMedia
  Dropper (2)
    Adware-UCMore.dr
    Adware-Softomate.dr
  Proxy (1)
    Proxy-Thrap
  Win32 (5)
    SrvAny
    Reboot-Generic
    Winfixer
    OneToolbar
    Generic Dialer.ba
Trojan (161)
   (48)
    Generic BackDoor.d
    Generic.cf
    HLL.7158
    Virri10
    Virri5
    Undernets.txt
    Virri11
    Undernets
    Terminate
    TBrain
    Spider
    QSD24
    PCB
    QScare
    PkgFormat
    Lozilka
    KIW
    Hack
    FormatA
    Glide
    Adinf
    HLL.Big
    SymbOS/MultiDropper.bq!sis
    SymbOS/MultiDropper.bo!sis
    SymbOS/MultiDropper.bx!sis
    SymbOS/MultiDropper.bp!sis
    SymbOS/MultiDropper.bz!sis
    SymbOS/MultiDropper.bs!sis
    SymbOS/MultiDropper.br!sis
    SymbOS/MultiDropper.bf!sis
    SymbOS/MultiDropper.bw!intd
    SymbOS/MultiDropper.bj!sis
    SymbOS/MultiDropper.bh!sis
    SymbOS/MultiDropper.bn!sis
    SymbOS/MultiDropper.cb!sis
    Generic BackDoor.bb
    SymbOS/MultiDropper.bv!sis
    SymbOS/MultiDropper.bt!sis
    SymbOS/MultiDropper!sis
    SymbOS/MultiDropper.bu!sis
    SymbOS/MultiDropper.bl!sis
    SymbOS/MultiDropper.bk!sis
    SymbOS/MultiDropper.bi!sis
    SymbOS/MultiDropper.bg!sis
    Generic.f
    Generic AdClicker.q
    Spy-Agent.ac
    SymbOS/MultiDropper.ca!sis
  Application extension (5)
    PWS-Legmir.dll
    BackDoor-AWQ.dll
    BackDoor-CKB.dll
    PWS-WoW.dll
    PWS-Lineage.dll
  Application extension Generi (1)
    Puper.dll.gen
  Configurator (2)
    Generic PWS.b.cfg
    BackDoor-CEP.cfg
  Dialer (1)
    QDial-45
  Disk erasing (6)
    QZap115
    QZap154
    QZap67
    QZap194
    QZap111
    QZap114
  Downloader (12)
    PWS-Banker.bl.dldr
    QDial-45.dldr
    PWS-Banker.dldr.d
    BackDoor-CMQ.dldr
    Downloader-AFW
    PWS-Banker.dldr
    Downloader-AVV
    Downloader-ZQ
    PWS-Banker.dldr.c
    Downloader-ASH
    Downloader-AXO
    Downloader-QM
  Dropper (5)
    PWS-Legmir.dr
    BackDoor-CKB.dr
    BackDoor-CEP.dr
    PWS-Banker.dr.a
    Allsum.dr
  Exploit (1)
    Exploit-MSExcel.b.gen
  File Deletion (1)
    Enimen
  Generic (11)
    VB-QDel.gen
    PWS-Banker.gen.ad
    PWS-Banker.gen.bb
    PWS-Banker.gen.l
    PWS-Banker.gen.o
    PWS-Banker.gen.g
    BackDoor-CKB.gen
    ServU-Daemon.gen.ba
    Spam-Mailbot.gen
    PWS-Banker.gen.bc
    PWS-LegMir.gen.e
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (2)
    New Malware.n
    New Malware.u
  Malware Tool (4)
    Yamin.kit
    TBTrj.kit
    THC.kit
    Spam-Gadina
  Password (2)
    PWS-LegMir
    PWS-QQPass
  Password Stealer (11)
    Generic PWS.b
    PWS-Gamania
    PWS-QQRob
    PWS-JA
    PWS-Banker.bl
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
    PWS-Zhengtu
    PWS-Hangame
    PWS-WoW
    PWS-Lineage
  Proxy (2)
    Proxy-FBSR
    Proxy-Agent.o
  Remote Access (10)
    BackDoor-AWQ.b
    BackDoor-CKB.sys
    BackDoor-DIZ
    BackDoor-CKB!rootkit
    BackDoor-CPY
    BackDoor-CTA
    Generic BackDoor.l
    BackDoor-CRK
    BackDoor-CMQ
    BackDoor-CEP
  Script (2)
    Virri3.bat
    Virri6 or 7
  Spam (1)
    Spam-Loot
  Win32 (33)
    Generic VB
    Generic Downloader.a
    Generic Delphi
    Generic Downloader.c
    DollarRevenue
    Generic Dropper.af
    Generic MultiDropper.n
    HackerDefender.sys
    Generic VB.b
    Generic Uploader.a
    FakeAlert-C
    Puper
    Generic Downloader.bl
    Generic StartPage.f
    Generic Dropper.ag
    Generic BackDoor.be
    Generic BackDoor.bc
    Generic Downloader.af
    Generic Dropper.ad
    Generic Downloader.q
    Generic PWS.o
    Generic QLowZones.a
    Generic Dropper.i
    Generic Del.c
    Generic BackDoor.u
    Generic Downloader.ab
    Vundo
    Generic Downloader.aq
    Generic AdClicker.p
    Del-500
    Generic Dropper.w
    LogOff
    Generic AdClicker.d
Virus (85)
   (7)
    HLLT.Ppz.8586
    HLLT.Ppz.8516
    HLLT.Ppz.8515
    HLLT.Ppz.8514
    HLLT.Ppz.7864
    HLLT.2783
    HLL.Membrain
  Companion (1)
    HLL.cmp.18287
  Companion Dropper (1)
    HLL.cmp.18287.dr
  Companion Dropper Unpacked (1)
    HLL.cmp.18287.dr.unp
  Damaged Worm (2)
    W32/Gaobot.worm.dam
    W32/Sdbot.worm.dam
  Dropper Worm (1)
    W32/Sdbot.worm.dr
  E-mail (1)
    W32/Mytob.bh@MM
  Email (33)
    W32/Stration@MM
    W32/Mytob.ak@MM
    W32/Mytob.am@MM
    W32/Mytob.ar@MM
    W32/Mytob.aq@MM
    W32/Mytob.ex@MM
    W32/Rontokbro.a@MM
    W32/Rontokbro.b@MM
    W32/Mytob.gk@MM
    W32/Mytob.cu@MM
    W32/Mytob.ce@MM
    W32/Mytob.dg@MM
    W32/Mytob.dc@MM
    W32/Mytob.r@MM
    W32/Mytob.di@MM
    W32/Mytob.df@MM
    W32/Mytob.dj@MM
    W32/Mytob.v@MM
    W32/Mytob.u@MM
    W32/Mytob.t@MM
    W32/Mytob.y@MM
    W32/Mytob.cz@MM
    W32/Mytob.dm@MM
    W32/Mytob.ah@MM
    W32/Mytob.dq@MM
    W32/Mytob.dt@MM
    W32/Mytob.ag@MM
    W32/Mytob.an@MM
    W32/Mytob.ec@MM
    W32/Mytob.ef@MM
    W32/Mytob.eo@MM
    W32/Mytob.er@MM
    W32/Mytob.ep@MM
  Email Generic (2)
    W32/Rontokbro.gen@MM
    W32/Mytob.gen@MM
  Generic (1)
    W32/Rontokbro.gen!htm
  Generic Worm (13)
    W32/Gaobot.worm.gen.e
    W32/Sdbot.worm.gen.bg
    W32/Sdbot.worm.gen.l
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.ca
    W32/Sdbot.worm.gen.bs
    W32/Sdbot.worm.gen.ai
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.y
    W32/Sdbot.worm.gen.z
    W32/Sdbot.worm.gen.t
  Heuristic (1)
    New Malware.b
  Intended (1)
    W32/Balog.intd
  Internet Worm (3)
    W32/Generic.worm!p2p
    W32/Sdbot.worm!MS05-039
    W32/Sdbot.worm!MS06-040
  Overwriting (1)
    HLL.ow
  Parasitic (1)
    HLLP.8875
  Unpacked (8)
    HLLT.2783.unp
    HLLP.8875.unp
    HLLT.Ppz.8586.unp
    HLLT.Ppz.8516.unp
    HLLT.Ppz.8515.unp
    HLLT.Ppz.8514.unp
    HLLT.Ppz.7864.unp
    HLLT.Krile.5017.unp
  Win32 (6)
    W32/USBToy
    W32/Detnat.b
    W32/Detnat.a
    W32/Detnat.c
    W32/Generic.x
    W32/Generic.m
  Worm (1)
    W32/Dedler.worm