Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4695
DAT Release Date 02/13/2006
Threats Detected 176980
New Detections 25
Enhanced Detections 266

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (5)
  Adware (2)
    Adware-SpyFalcon
    Adware-DesktopMedia
  Dropper (1)
    Dialer-gen.dr
  ProcKill (1)
    ProcKill-DO
  Tool (1)
    ValveSteam
Trojan (6)
   (2)
    Dirc
    Reboot-AS
  Downloader (2)
    Downloader-AUC
    Downloader-AUD
  Generic (1)
    Exploit-HLPWorkshop.gen
  Tool (1)
    Kit-PWRVBGEN
Virus (14)
   (5)
    FF.1536
    Weasel.3008a
    Spice
    Baloo
    Kissed.2384.a
  Application extension (1)
    W32/Sality.n.dll
  E-mail worm (1)
    W32/bagle.ds@MM
  Parasitic (1)
    Olya.cav.390a
  Script (1)
    Bat/bug.852
  Win32 (5)
    W32/Sality
    W32/Redplut.a
    W32/QQpass!patch
    W32/Sality.n
    W32/Redplut.b

Enhanced Detections:

Program (13)
   (1)
    Generic KeyLog.b
  Adware (4)
    Adware-DollarRevenue
    Adware-Spyaxe.lnk
    Adware-iGetNet
    Adware-DCToolbar
  Application extension (1)
    KeyHook.dll
  Dialer (2)
    Dialer-Generic
    Dialer-184
  Generic (1)
    Adware-Url.gen
  Keylogger (2)
    Keylog-Ardamax.dr
    Keylog-Invisible
  Tool (1)
    Tool-KrimNot
  Win32 (1)
    ServU-Daemon
Trojan (92)
   (8)
    Generic BackDoor.d
    Harlot
    Generic BackDoor.bb
    Generic BackDoor.t
    Spy-Lydra
    Generic.ce
    Generic.cd
    Spy-Agent.ak
  - (1)
    AdClicker-AJ
  Application extension (3)
    PWS-Banker.j.dll
    Downloader-AQR.dll
    Proxy-Agent.af.dll
  Demonstration (1)
    JS/Exploit-Script.demo
  Dialer (1)
    Dialer-152
  Downloader (11)
    BackDoor-AWQ.b.dldr
    W32/Bagle.cj
    PWS-Banker.dldr
    W32/Bagle.dk
    Downloader-ABU
    Downloader-AQR
    Downloader-YZ
    Downloader-ARQ
    Downloader-PS
    Downloader-G
    PWS-LegMir.dldr
  Downloader Generic (1)
    W32/Bagle.dldr
  Dropper (5)
    PWS-Legmir.dr
    MultiDropper-KH
    BackDoor-AVW.dr
    MultiDropper-OR
    MultiDropper-PH
  Dropper Generic (1)
    PWS-Banker.gen.dr
  Dropper Worm (1)
    W32/Sdbot.worm.dr
  Email Generic (1)
    W32/Feebs.gen@MM
  Exploit (1)
    JS/Exploit-CrossSite
  File Deletion (1)
    Qdel374
  Generic (9)
    Generic Downloader.gen.bd
    Generic Downloader.gen.be
    PWS-Banker.k.gen
    PWS-Banker.gen.ba
    PWS-Banker.gen.bb
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Banker.gen.t
    PWS-Banker.gen.d
  Heuristic (4)
    New RootKit
    New Malware.j
    New Malware.h
    New Malware.z
  Malware Tool (1)
    NTRootKit-E
  Password (3)
    PWS-LegMir
    PWS-QQPass
    PWS-LDPinch
  Password Stealer (4)
    PWS-QQPass.b
    PWS-QQRob
    Generic PWS.u
    PWS-Steam
  Proxy (2)
    Proxy-FBSR
    Proxy-Agent.af
  Remote Access (9)
    BackDoor-CBE
    BackDoor-BAC
    BackDoor-RS
    BackDoor-AZZ
    BackDoor-CSI
    BackDoor-CPI
    BackDoor-CXR
    BackDoor-CXI
    BackDoor-CKB
  StartPage (1)
    StartPage-IC
  Win32 (23)
    Generic VB
    HackerDefender
    Generic Delphi
    Generic Downloader.c
    Generic VB.b
    Generic Downloader.d
    Generic Delphi.b
    Puper
    Generic BackDoor.bd
    Generic Downloader.k
    Generic Downloader.u
    Generic Downloader.y
    Generic AdClicker.b
    Generic Downloader.aa
    Generic PWS.o
    Generic BackDoor.u
    Generic Downloader.ab
    Generic Dropper.f
    Generic Downloader.ac
    Generic.b
    AdClicker-BG
    Generic Downloader.g
    Generic AdClicker.d
Virus (161)
   (9)
    Kissed.2384a
    Kissed.2384b
    Jeru
    VIP
    YD
    Vanitas
    White Noise
    Riot.812
    Weasel.3008
  Application extension (1)
    W32/Bagle.dk.dll
  Boot dropper (1)
    BtDr.a
  Damaged (2)
    W32/Mytob.dam
    W32/Bagle.dam
  Downloader (4)
    W32/Bagle.ci
    W32/Bagle.ck
    W32/Bagle.cl
    W32/Bagle.cn
  Dropper (1)
    White Noise.dr
  E-mail (5)
    W32/Bagle.j@MM
    W32/Bagle.k@MM
    W32/Mytob.gr@MM
    W32/Bagle.af@MM
    W32/Bagle.ad@MM
  E-mail worm (10)
    W32/Bagle.n@MM
    W32/Bagle.p@MM
    W32/Bagle.q@MM
    W32/Bagle.c@MM
    W32/Bagle.r@MM
    W32/Bagle.s@MM
    W32/Bagle.aa@MM
    W32/Bagle.dr@MM
    W32/Bagle.dq@MM
    W32/Bagle.ah@MM
  Email (71)
    W32/Bagle.al@MM
    W32/Bagle.cd@MM
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.ew@MM
    W32/Mytob.fa@MM
    W32/Mytob.ft@MM
    W32/Mytob.fs@MM
    W32/Mytob.aw@MM
    W32/Mytob.fr@MM
    W32/Mytob.ba@MM
    W32/Mytob.bc@MM
    W32/Mytob.bb@MM
    W32/Mytob.bd@MM
    W32/Mytob.fu@MM
    W32/Mytob.fw@MM
    W32/Mytob.fv@MM
    W32/Mytob.ge@MM
    W32/Mytob.go@MM
    W32/Mytob.bu@MM
    W32/Mytob.bq@MM
    W32/Mytob.by@MM
    W32/Mytob.cq@MM
    W32/Mytob.ck@MM
    W32/Mytob.fz@MM
    W32/Mytob.gf@MM
    W32/Mytob.gn@MM
    W32/Mytob.gp@MM
    W32/Mytob.cw@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.gm@MM
    W32/Mytob.gs@MM
    W32/Mytob.m@MM
    W32/Mytob.bs@MM
    W32/Mytob.de@MM
    W32/Mytob.cb@MM
    W32/Mytob.do@MM
    W32/Mytob.dl@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.y@MM
    W32/Mytob.cr@MM
    W32/Mytob.cl@MM
    W32/Mytob.ci@MM
    W32/Mytob.cx@MM
    W32/Mytob.cy@MM
    W32/Mytob.dn@MM
    W32/Mytob.ei@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.dw@MM
    W32/Mytob.dv@MM
    W32/Mytob.du@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
    W32/Mytob.eg@MM
    W32/Mytob.ho@MM
    W32/Mytob.hn@MM
    W32/Mytob.hk@MM
    W32/Mytob.hm@MM
    W32/Mytob.hj@MM
    W32/Mytob.ha@MM
    W32/Mytob.em@MM
    W32/Mytob.en@MM
  Email Generic (2)
    W32/Mytob.gen@MM
    JS/Feebs.gen.d@MM
  File Infector (2)
    Shark
    Timid
  Generic (2)
    W32/Bagle.gen
    W32/Dumaru.gen
  Generic Worm (21)
    W32/Sdbot.worm.gen.as
    W32/Sdbot.worm.gen.br
    W32/Sdbot.worm.gen.bg
    W32/Opanki.worm.gen
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.x
    W32/Kelvir.worm.gen
    W32/Sdbot.worm.gen.ae
    W32/Sdbot.worm.gen.bs
    W32/Gaobot.worm.gen.u
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.bw
    W32/Gaobot.worm.gen.bh
    W32/Gaobot.worm.gen.by
    W32/Sdbot.worm.gen.ac
  Internet Worm (1)
    W32/Bagle.d@MM
  multipartite (1)
    One-Half.mp
  Parasitic (1)
    Olya.cav.390
  Script (4)
    Bat/kur
    Bat/joy.b
    Bat/hxv
    Bat/gabber
  Win32 (22)
    New Poly Win32
    W32/Bagle.o!proxy
    W32/Bagle.aj!proxy
    New Win32
    W32/Bagle.aa
    W32/Bagle.cp
    W32/Bagle.cq
    W32/Bagle.co
    W32/Bagle.cm
    W32/Bagle.dd
    W32/Bagle.an
    W32/Generic.e
    W32/Bagle.dc
    W32/Bagle.z
    W32/Bagle.az
    W32/Bagle
    W32/Generic.j
    W32/Bagle.ao
    W32/Feebs!rootkit
    W32/Generic.m
    W32/Generic.Delphi.a
    W32/Bagle.bh
  Worm (1)
    W32/Opanki.worm