Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4635
DAT Release Date 11/23/2005
Threats Detected 160615
New Detections 23
Enhanced Detections 196

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (7)
  Malware Tool (6)
    VTool/macro5
    VTool/macro3
    VTool/clm
    VTool/bc
    VTool/macro4
    VTool/macro2
  Win32 (1)
    ServMan
Trojan (6)
  Application extension (1)
    Proxy-Agent.af.dll
  Downloader (2)
    Downloader-AQW
    W32/Bagle.gen!7B14EBCA
  Proxy (1)
    Proxy-Agent.af
  Remote Access (1)
    BackDoor-CVT
  Win32 (1)
    AdClicker-DR
Virus (10)
   (6)
    Grog.765
    Malmsey.1712
    FiveLo
    Watshi.2048
    Happycom.1089
    Brutus.296
  Damaged (1)
    Sober.dam
  Downloader (1)
    W32/Bagle.gen@MM!9725
  Email (1)
    W32/Mytob.gy@MM
  Email Generic (1)
    W32/Mytob.gen@MM!48e7

Enhanced Detections:

Internet Worm (2)
  E-mail (2)
    W32/Mytob.bk@MM
    W32/Mydoom.u@MM
Program (15)
   (1)
    VSource/tiny
  Adware (5)
    Adware-Apropos
    Adware-SpySheriff
    Adware-SearchFast
    Adware-DollarRevenue
    Adware-AdBlaster
  Application extension (1)
    Adware-Apropos.dll
  Dialer (1)
    Dialer-238
  Dropper (2)
    Adware-RBlast.dr
    Adware-Apropos.dr
  Generic (2)
    Adware-abetterintrnt.gen.a
    Adware-Url.gen
  Registry (2)
    Reg-DetectKeys25
    Reg-DetectNames14
  Win32 (1)
    Winfixer
Trojan (60)
   (5)
    Generic BackDoor.d
    Generic BackDoor.bb
    Generic.dc
    Generic PWS.q
    Generic.cb
  Application extension (2)
    PWS-Legmir.dll
    PWS-Lineage.dll
  Configurator (1)
    BackDoor-CEP.cfg
  Downloader (3)
    Downloader-DC
    W32/Bagle.dk
    Downloader-ACH
  Dropper (4)
    PWS-LDPinch.dr
    BackDoor-CEP.dr
    PWS-Banker.dr.a
    PWS-Lineage.dr
  Dropper Generic (1)
    PWS-Banker.gen.dr
  Exploit (2)
    Exploit-ByteVerify
    Exploit-ByteVerify.a
  Generic (5)
    Generic Downloader.gen.bd
    Generic Downloader.gen.be
    PWS-Banker.gen.ba
    PWS-Banker.gen.bb
    PWS-Banker.gen.i
  Heuristic (1)
    New Malware.n
  Internet Relay Chat (1)
    IRC/Flood.eq
  Password (2)
    PWS-LegMir
    PWS-LDPinch
  Password Stealer (5)
    PWS-Gamania
    PWS-QQRob
    PWS-JB
    PWS-Hangame
    PWS-Lineage
  Remote Access (7)
    BackDoor-ARR
    BackDoor-AWQ.b
    BackDoor-CVO
    BackDoor-CMR
    Generic BackDoor.k
    BackDoor-CKB
    BackDoor-CEP
  Server (1)
    BackDoor-ARR.svr
  Spam (1)
    Spam-Maxy
  StartPage (3)
    StartPage-HI
    StartPage-DF
    StartPage-DH
  Tool (1)
    Tool-TRCL
  Win32 (15)
    Generic MultiDropper.d
    Oleloa
    Generic Downloader.bb
    Generic BackDoor.bc
    Generic BackDoor.ba
    Generic Downloader.k
    DNSChanger.a
    Generic QLowZones.a
    Generic BackDoor.u
    Generic Downloader.ab
    DNSChanger.d
    Kakkeys
    Generic.b
    Generic BackDoor.i
    Generic StartPage.l
Virus (119)
   (1)
    Brownie.688
  Application extension (1)
    W32/Bagle.dk.dll
  Boot (1)
    Killdisk
  Damaged (1)
    W32/Etap.dam
  Dropper Email (1)
    W32/Mytob.dr@MM
  E-mail (12)
    W32/Mytob.be@MM
    W32/Mytob.bi@MM
    W32/Mytob.bj@MM
    W32/Mytob.bo@MM
    W32/Mytob.bl@MM
    W32/Mytob.br@MM
    W32/Mytob.bf@MM
    W32/Mytob.cg@MM
    W32/Mytob.ch@MM
    W32/Mydoom.bg@MM
    W32/Sober@MM!M681
    W32/Mydoom.k@MM
  Email (59)
    W32/Mydoom.i@MM
    W32/Mytob.b@MM
    W32/Mytob.a@MM
    W32/Mytob.ev@MM
    W32/Mytob.at@MM
    W32/Mytob.av@MM
    W32/Mytob.au@MM
    W32/Mydoom.bh@MM
    W32/Mytob.fy@MM
    W32/Mytob.fw@MM
    W32/Mytob.fx@MM
    W32/Mytob.gg@MM
    W32/Mytob.gl@MM
    W32/Mytob.gj@MM
    W32/Mytob.gi@MM
    W32/Mytob.bg@MM
    W32/Mytob.bx@MM
    W32/Mytob.cd@MM
    W32/Mydoom.bl@MM
    W32/Mydoom.bk@MM
    W32/Mytob.gd@MM
    W32/Mytob.gc@MM
    W32/Mytob.gb@MM
    W32/Mytob.ga@MM
    W32/Mytob.gf@MM
    W32/Mytob.gp@MM
    W32/Mytob.gq@MM
    W32/Mytob.bn@MM
    W32/Mytob.dh@MM
    W32/Mytob.r@MM
    W32/Mytob.e@MM
    W32/Mytob.c@MM
    W32/Mytob.gt@MM
    W32/Mytob.g@MM
    W32/Mytob.bt@MM
    W32/Mytob.bp@MM
    W32/Mytob.ct@MM
    W32/Mytob.cf@MM
    W32/Mytob.dd@MM
    W32/Mytob.ca@MM
    W32/Mytob.n@MM
    W32/Mytob.f@MM
    W32/Mytob.d@MM
    W32/Mytob.cs@MM
    W32/Mytob.dk@MM
    W32/Mytob.dz@MM
    W32/Mytob.eb@MM
    W32/Mytob.ds@MM
    W32/Mytob.ea@MM
    W32/Mytob.gu@MM
    W32/Mytob.gx@MM
    W32/Mytob.ej@MM
    W32/Mytob.gw@MM
    W32/Mytob.gz@MM
    W32/Mytob.gv@MM
    W32/Mydoom.m@MM
    W32/Mydoom.l@MM
    W32/Mytob.es@MM
    W32/Mytob.eq@MM
  Email Generic (11)
    W32/Sober.gen@MM
    W32/Mydoom.gen@MM
    W32/Mytob.gen@MM
    W32/Mytob.gen@MM!3715
    W32/Mytob.gen@MM!55e5
    W32/Mytob.gen@MM!e82
    W32/Mytob.gen@MM!15d
    W32/Mytob.gen@MM!2adb
    W32/Mytob.gen@MM!59e8
    W32/Mytob.gen@MM!72a5
    W32/Mytob.gen@MM!68b8
  File Infector (1)
    Generic
  Generic (2)
    W32/Etap.gen
    W32/Bagle.gen
  Generic Worm (22)
    W32/Sdbot.worm.gen.bu
    W32/Spybot.worm.gen.bx
    W32/Sdbot.worm.gen.br
    W32/Sdbot.worm.gen.bg
    W32/Gaobot.worm.gen.bj
    W32/Spybot.worm.gen.bj
    W32/Sdbot.worm.gen.bl
    W32/Sdbot.worm.gen.bk
    W32/Spybot.worm.gen.by
    W32/Sdbot.worm.gen.bs
    W32/Gaobot.worm.gen.bf
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.bp
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.bw
    W32/Gaobot.worm.gen.bi
    W32/Gaobot.worm.gen.by
    W32/Bobax.worm.gen
  multipartite (1)
    AreThree.mp
  Script (1)
    Univ.script/99a
  Win32 (2)
    New Win32
    Generic BackDoor.bf
  Win9x (2)
    W95/CTX.10853
    W95/CTX.6886
  Worm (1)
    W32/Mytob.worm!im