Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4566
DAT Release Date 08/24/2005
Threats Detected 145253
New Detections 39
Enhanced Detections 229

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (6)
  Adware (2)
    Adware-Netster
    Adware-MagicSearch
  Dialer (2)
    Dialer-277
    Dialer-276
  Dropper (1)
    Adware-EliteBar.dr
  Tool (1)
    Tool-Hanai
Trojan (25)
   (1)
    Oodle
  Application extension (2)
    AdClicker-DF.dll
    Proxy-Agent.u.dll
  Dialer (1)
    QDial-34
  Downloader (2)
    Downloader-AEJ
    Downloader-AEI
  Dropper (4)
    MultiDropper-NY
    MultiDropper-NY!chm
    BackDoor-CUC.dr
    MultiDropper-NZ
  Exploit (1)
    Linux/Exploit-LDT
  Password Stealer (3)
    PWS-Banker.ah
    PWS-Banker.ae
    PWS-Banker.ae.sys
  Proxy (1)
    Proxy-Agent.u
  Remote Access (1)
    BackDoor-CUC
  Script (8)
    Bat/tray
    Bat/send
    Bat/repo
    Bat/qd320
    Bat/net9
    Bat/net8
    Bat/dt152
    Bat/avk72
  Win32 (1)
    Del-483
Virus (8)
   (1)
    Muv
  Application extension (1)
    W32/Monikey.dll
  Dropper (1)
    3Tunes.dr
  Email (1)
    W32/Mytob.fm@MM
  Generic (1)
    W32/Monikey.gen
  Worm (3)
    VBS/Azoog.worm
    W32/Zotob.worm.e
    W32/Korgo.worm.aj

Enhanced Detections:

Internet Worm (4)
  E-mail (4)
    W32/Bagle.gen@MM
    W32/Mytob.bk@MM
    W32/Mydoom.u@MM
    W32/Mydoom.v@MM
Program (15)
  - (1)
    PrcView
  Adware (9)
    Adware-TVMedia
    Adware-Lop
    Adware-GogoTools
    Adware-Megasearch
    Adware-PigSearch
    Adware-LFGames
    Adware-WinAd
    Adware-DirectIP
    Adware-EliteBar
  Dialer (1)
    Dialer-262
  Dropper (1)
    Keylog-Ardamax.dr
  Generic (1)
    Adware-Url.gen
  Registry (2)
    Reg-DetectKeys16
    Reg-DetectNames13
Trojan (63)
   (5)
    Generic component
    Generic.ca
    Generic BackDoor.bb
    Generic BackDoor.t
    Generic.f
  Adware (1)
    Adclicker-DF
  Application extension (2)
    Keylog-HKH.dll
    PWS-Banker.ae.dll
  Downloader (3)
    Downloader-AAP
    Downloader-YU
    Downloader-ZX
  Dropper (2)
    MultiDropper-BN
    PWS-Banker.dr.a
  Dropper Generic (1)
    PWS-Banker.gen.dr
  Generic (7)
    IRC/Flood.gen.b
    PWS-Banker.gen.ba
    PWS-Banker.gen.bb
    PWS-Banker.gen.b
    PWS-Banker.gen.i
    ServU-Daemon.gen.ba
    Downloader-PO.gen
  Heuristic (1)
    New Malware.n
  Internet Relay Chat (1)
    IRC-Contact
  Password (1)
    PWS-LegMir
  Password Stealer (3)
    Generic PWS.f
    Generic PWS.j
    PWS-Lineage
  Proxy (1)
    Proxy-FBSR
  Remote Access (9)
    IRC/Flood.c.dr
    IRC-BBot
    BackDoor-ASB
    BackDoor-AWQ.b
    BackDoor-CEB
    BackDoor-TC
    BackDoor-CTO.sys
    BackDoor-CPV
    BackDoor-CKB
  Script (1)
    Bat/dt151
  Spyware (1)
    Keylog-Perfect.dr
  StartPage (1)
    StartPage-FY
  Win32 (23)
    Generic VB
    Generic Downloader.a
    W32/Bagle.x!proxy
    HackerDefender
    Generic Delphi
    Generic Downloader.c
    Generic BackDoor.e
    Generic AdClicker.e
    Generic BackDoor.c
    Generic Downloader.p
    Generic Downloader.s
    Generic BackDoor.ba
    Generic AdClicker.b
    Generic Downloader.x
    Generic PWS.o
    Generic AdClicker.a
    Generic Downloader.ab
    Generic Dropper.k
    Kakkeys
    Generic VB.c
    AdClicker-BA
    DDoS-Boxed
    Generic.da
Virus (147)
   (1)
    Glew.4275
  Dropper (1)
    Jerusalem.dr
  Dropper Email (1)
    W32/Mytob.dr@MM
  E-mail (25)
    W32/Bagle.b@MM
    W32/Mydoom.o@MM
    W32/Mydoom.be@MM
    W32/Mytob.be@MM
    W32/Mytob.bi@MM
    W32/Mytob.bj@MM
    W32/Mytob.bo@MM
    W32/Mytob.bl@MM
    W32/Mytob.br@MM
    W32/Mytob.bw@MM
    W32/Mytob.cc@MM
    W32/Mytob.bf@MM
    W32/Mytob.cg@MM
    W32/Mytob.ch@MM
    W32/Mydoom.bb@MM
    W32/Mydoom.bc@MM
    W32/Mydoom.bd@MM
    W32/Mydoom.bf@MM
    W32/Mytob.cv@MM
    W32/Mytob.da@MM
    W32/Mytob.el@MM
    W32/Mydoom.ap@MM
    W32/Mydoom.ae@MM
    W32/Bagle.ad@MM
    W32/Mytob.eu@MM
  E-mail worm (9)
    W32/Bagle.q@MM
    W32/Bagle.t@MM
    W32/Bagle.u@MM
    W32/Bagle.r@MM
    W32/Bagle.s@MM
    W32/Bagle.z@MM
    W32/Bagle.aa@MM
    W32/Mydoom.n@MM
    W32/Mydoom.ab@MM
  Email (72)
    W32/Bagle.al@MM
    W32/Bagle.a@MM
    W32/Mytob.b@MM
    W32/Mytob.a@MM
    W32/Mytob.ev@MM
    W32/Mytob.as@MM
    W32/Mytob.ap@MM
    W32/Mytob.at@MM
    W32/Mytob.fb@MM
    W32/Mydoom.d@MM
    W32/Mytob.av@MM
    W32/Mytob.au@MM
    W32/Mydoom.ba@MM
    W32/Mydoom.ay@MM
    W32/Mydoom.az@MM
    W32/Mydoom.ax@MM
    W32/Mytob.bg@MM
    W32/Mytob.bx@MM
    W32/Mytob.cd@MM
    W32/Mytob.cp@MM
    W32/Mytob.cn@MM
    W32/Mytob.cj@MM
    W32/Mytob.bm@MM
    W32/Mytob.bn@MM
    W32/Mytob.dh@MM
    W32/Mytob.p@MM
    W32/Mytob.r@MM
    W32/Mytob.e@MM
    W32/Mytob.c@MM
    W32/Mytob.m@MM
    W32/Mytob.g@MM
    W32/Mytob.bt@MM
    W32/Mytob.bp@MM
    W32/Mytob.cm@MM
    W32/Mytob.ct@MM
    W32/Mytob.cf@MM
    W32/Mytob.dd@MM
    W32/Mytob.bz@MM
    W32/Mytob.ca@MM
    W32/Mytob.q@MM
    W32/Mytob.h@MM
    W32/Mytob.n@MM
    W32/Mytob.f@MM
    W32/Mytob.d@MM
    W32/Mytob.u@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.w@MM
    W32/Mytob.co@MM
    W32/Mytob.cs@MM
    W32/Mytob.dk@MM
    W32/Mytob.dz@MM
    W32/Mytob.eb@MM
    W32/Mytob.ee@MM
    W32/Mytob.ab@MM
    W32/Mytob.af@MM
    W32/Mytob.dp@MM
    W32/Mytob.ds@MM
    W32/Mytob.dx@MM
    W32/Mytob.ea@MM
    W32/Mytob.ec@MM
    W32/Mytob.ed@MM
    W32/Mytob.ej@MM
    W32/Mytob.ek@MM
    W32/Mydoom.af@MM
    W32/Mydoom.ad@MM
    W32/Mydoom.ar@MM
    W32/Mydoom.y@MM
    W32/Mytob.es@MM
    W32/Mytob.eq@MM
    W32/Mytob.et@MM
    W32/Mydoom.ac@MM
  Email Generic (2)
    W32/Mydoom.gen@MM
    W32/Mytob.gen@MM
  Email Worm (1)
    W32/Mydoom.r@MM
  Generic (2)
    Generic Downloader.gen.be
    W32/Bagle.gen
  Generic Worm (15)
    W32/Zotob.worm.gen
    W32/IRCbot.worm.gen
    W32/Sdbot.worm.gen.w
    W32/Sdbot.worm.gen.bg
    W32/Gaobot.worm.gen.bj
    W32/Sdbot.worm.gen.ar
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.i
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.bw
    W32/Sdbot.worm.gen.ac
    W32/Korgo.worm.gen
  Internet Relay Chat (1)
    W32/IRCbot.worm!MS05-039
  Internet Worm (3)
    W32/Zotob.worm.b
    W32/Zotob.worm.c
    W32/Zotob.worm.d
  Script (1)
    Univ.script/99a
  Win32 (6)
    W32/Bagle.ap
    W32/Bagle.bm
    W32/Bagle.as
    W32/Bagle.bi
    W32/Bagle.ax
    W32/Bagle.ay
  Worm (7)
    W32/Zotob.worm.a
    W32/Mytob.worm!im
    W32/Korgo.worm.ag
    W32/Korgo.worm.ai
    W32/Opanki.worm
    W32/Mydoom.t@MM
    W32/Korgo.worm.ah