Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4596
DAT Release Date 10/04/2005
Threats Detected 151760
New Detections 40
Enhanced Detections 225

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (14)
   (2)
    IMIServ
    AVGold.url
  Adware (4)
    Adware-XPlugin!chm
    Adware-SrchExplorer
    Adware-KlikSearch
    Adware-GAIN.lnk
  Cookie (3)
    Cookie-TopRebates
    Cookie-SearchPortal
    Cookie-DelfinProject
  Demonstration (1)
    Demo-ZaBypass
  Registry (1)
    Reg-DetectKeys25
  Source code (1)
    PWCrack-Cisco.src
  Win32 (2)
    WinFW
    AVGold
Trojan (23)
   (2)
    ServU Install
    Generic PWS.u
  Adware (1)
    AdClicker-DI
  Downloader (2)
    Downloader-AFP
    Downloader-AFO
  Dropper (1)
    IRC/Flood.eu.dr
  Exploit (9)
    Exploit-Virtools
    Exploit-MTAboom
    Exploit-Bypass
    JS/Exploit-XMLhttp.c
    UNIX/Exploit-Wzdftpd
    Exploit-RealPix
    UNIX/Exploit-Qpopper
    JS/Exploit-Nateon
    UNIX/Exploit-Bugtrac
  Internet Relay Chat (1)
    IRC/Flood.eu
  Remote Access (1)
    BackDoor-CUV
  Script (1)
    Bat/Psyme
  Source code (3)
    Exploit-Virtools.src
    Exploit-RealPlay.src
    Exploit-Imap.src
  StartPage (1)
    StartPage-IB
  Win32 (1)
    Generic Downloader.an
Virus (3)
  Email (3)
    W32/Mytob.ft@MM
    W32/Mytob.fs@MM
    W32/BTest@MM

Enhanced Detections:

Internet Worm (1)
  E-mail (1)
    W32/Mytob.bk@MM
Program (54)
   (1)
    Generic Adware.c
  Adware (29)
    Adware-Virtumundo
    Adware-180SA
    Adware-BDE
    Adware-Look2Me
    Adware-CWS
    Adware-PurityScan
    Adware-BHO.gen
    Adware-Gain
    Adware-SearchAid
    Adware-DogPile
    Adware-WhileUSurf
    Adware-Ezula.lnk
    Adware-Lop
    Adware-SpySheriff
    Adware-BonziBuddy
    Adware-KeenValue
    Adware-Megasearch
    Adware-RXBar
    Adware-MWS
    Adware-MySearch
    Adware-abetterintrnt.inf
    Adware-WinAd
    Adware-ISearch
    Adware-Instafinder
    Adware-EliteBar
    Adware-DCToolbar
    Adware-BroadCastPC
    Adware-abetterintrnt
    Adware-BestSearch
  Application extension (3)
    Clearsearch.dll
    Adware-SafeSurf.dll
    Adware-Ezula.dll
  Demonstration (4)
    Demo-CitiPass
    Demo-Eploit
    Demo-APIDump
    Demo-Magi
  Downloader (2)
    Adware-XPlugin.dldr
    Adware-abetterintrnt.dldr
  Dropper (8)
    Adware-SAHAgent.dr
    Adware-EliteBar.dr
    Adware-ExactSearch.dr
    Adware-WinAd.dr
    Adware-Websearch.dr
    Adware-180SA.dr
    Adware-CasClient.dr
    Adware-Adroar.dr
  Password (1)
    Winspy
  Registry (2)
    Reg-DetectNames14
    FastSearchWeb
  StartPage (1)
    Startpage-YBM
  Win32 (3)
    Raze
    AdwareDropper-F
    WinFixer
Trojan (56)
   (4)
    Generic component
    AdClicker-CR
    Generic.ca
    Generic BackDoor.bb
  - (2)
    Bedrill
    AdClicker-AJ
  Application extension (3)
    BackDoor-BAC.dll
    PWS-Banker.dll
    AdClicker-BA.dll
  Downloader (5)
    Generic Downloader.gen.be
    Adclicker-BA.dldr
    PWS-Banker.dldr
    Downloader-ABU
    Downloader-YN
  Dropper (1)
    BackDoor-BAC.dr
  Exploit (3)
    VBS/Psyme
    Exploit-ObscuredHtml
    Exploit-1Table
  Generic (6)
    Exploit-URLSpoof.gen
    BackDoor-BAC.gen
    PWS-Banker.gen.ba
    PWS-Banker.gen.bb
    PWS-Banker.gen.h
    PWS-Banker.gen.g
  Heuristic (4)
    New Malware.n
    New Malware.t
    New Malware.j
    New Malware.f
  Password (1)
    PWS-LDPinch
  Password Stealer (4)
    Generic PWS.b
    PWS-Banker.ad
    PWS-RemotePassSteal
    PWS-Lineage
  Remote Access (4)
    BackDoor-AWQ.b
    BackDoor-CPV
    Generic BackDoor.m
    Generic BackDoor.o
  StartPage (1)
    StartPage-FC
  Win32 (18)
    Generic Downloader.a
    Generic BackDoor.b
    Generic Dropper.a
    AdSquash
    Puper
    Generic BackDoor.bc
    Generic BackDoor.ba
    Generic Downloader.y
    Generic Downloader.q
    Generic PWS.o
    Generic AdClicker.a
    Generic MSVC.b
    Generic Downloader.ab
    Generic BackDoor.w
    AdClicker-BA
    Generic Downloader.g
    Lazarus
    Spy-Agent.k
Virus (114)
   (3)
    Mirrorop.c
    Mirrorop.b
    Mirrorop.a
  Damaged (3)
    Mirrorop.dam
    W32/Mytob.dam
    W32/Netsky.dam
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  Dropper Email (1)
    W32/Mytob.dr@MM
  E-mail (9)
    W32/Mytob.be@MM
    W32/Mytob.bi@MM
    W32/Mytob.bj@MM
    W32/Mytob.bo@MM
    W32/Mytob.bl@MM
    W32/Mytob.br@MM
    W32/Mytob.bf@MM
    W32/Mytob.cg@MM
    W32/Mytob.ch@MM
  Email (82)
    W32/Mytob.b@MM
    W32/Mytob.a@MM
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.ev@MM
    W32/Mytob.ew@MM
    W32/Mytob.at@MM
    W32/Mytob.fa@MM
    W32/Mytob.aw@MM
    W32/Mytob.av@MM
    W32/Mytob.au@MM
    W32/Mytob.fr@MM
    W32/Mytob.ba@MM
    W32/Mytob.bc@MM
    W32/Mytob.bb@MM
    W32/Mytob.bd@MM
    W32/Mytob.bg@MM
    W32/Mytob.bu@MM
    W32/Mytob.bq@MM
    W32/Mytob.by@MM
    W32/Mytob.bx@MM
    W32/Mytob.cd@MM
    W32/Mytob.cq@MM
    W32/Mytob.ck@MM
    W32/Mytob.bn@MM
    W32/Mytob.cw@MM
    W32/Mytob.dh@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.e@MM
    W32/Mytob.c@MM
    W32/Mytob.m@MM
    W32/Mytob.g@MM
    W32/Mytob.bs@MM
    W32/Mytob.bt@MM
    W32/Mytob.bp@MM
    W32/Mytob.ct@MM
    W32/Mytob.cf@MM
    W32/Mytob.de@MM
    W32/Mytob.dd@MM
    W32/Mytob.ca@MM
    W32/Mytob.cb@MM
    W32/Mytob.do@MM
    W32/Mytob.dl@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.n@MM
    W32/Mytob.f@MM
    W32/Mytob.d@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.y@MM
    W32/Mytob.cr@MM
    W32/Mytob.cl@MM
    W32/Mytob.ci@MM
    W32/Mytob.cs@MM
    W32/Mytob.cx@MM
    W32/Mytob.cy@MM
    W32/Mytob.dn@MM
    W32/Mytob.dk@MM
    W32/Mytob.dz@MM
    W32/Mytob.eb@MM
    W32/Mytob.ei@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.dw@MM
    W32/Mytob.dv@MM
    W32/Mytob.ds@MM
    W32/Mytob.du@MM
    W32/Mytob.ea@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
    W32/Mytob.eg@MM
    W32/Mytob.ej@MM
    W32/Mytob.em@MM
    W32/Mytob.en@MM
    W32/Mytob.es@MM
    W32/Mytob.eq@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Generic Worm (9)
    W32/Sdbot.worm.gen.w
    W32/Sdbot.worm.gen.bg
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.ak
    W32/Sdbot.worm.gen.ac
    W32/Sdbot.worm.gen.q
  Heuristic (2)
    New AOL
    New Script.ext
  VbScript (1)
    New Script
  Worm (2)
    W32/Mytob.worm!im
    W32/Opanki.worm