DAT Readme

Download the latest antivirus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version: 4725
DAT Release Date: 03/23/2006
Threats Detected: 183403
New Detections: 8
Enhanced Detections: 251

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and fix incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name | Corporate Risk Assessment | Home Risk Assessment
There are no noteworthy threats in this release.

New Detections:

Program (2)
  Joke (1)
    Joke-Schock
  Tool (1)
    Tool-GoGod
Trojan (6)
  Downloader (1)
    Downloader-AVJ
  Dropper (1)
    MultiDropper-QJ
  Remote Access (4)
    BackDoor-CYO
    BackDoor-CYL
    BackDoor-CYN
    BackDoor-CYM

Enhanced Detections:

- (1)
  - (1)
    PWS
Internet Worm (1)
  E-mail (1)
    W32/Mytob.bk@MM
Program (19)
   (1)
    SFGProtect
  Adware (7)
    Adware-Virtumundo
    Adware-HotBar
    Adware-BB
    Adware-Gain
    Adware-SearchAid
    Adware-SpySheriff
    Adware-DollarRevenue
  Application extension (1)
    ClearSearch.dll
  Dialer (1)
    Dialer-251
  Downloader (2)
    Adware-SearchAid.dldr
    Adware-SAHAgent.dldr
  Dropper (1)
    Adware-HotBar.dr
  Generic (1)
    Adware-Apropos.gen
  Keylogger (1)
    KeyLog-Powered
  Registry (1)
    Clearsearch
  Tool (1)
    Clearlogs
  Win32 (2)
    ServU-Daemon
    Winfixer
Trojan (73)
   (5)
    ADtrojan
    SendKey
    Phish-BankFraud.eml.f
    Phish-BankFraud.eml.b
    Generic Downloader.ap
  AOL Password (1)
    APStrojan.gen
  Application extension (5)
    SendKey.dll
    BackDoor-ACH.dll
    Puper.dll
    PWS-Goldun.dll
    PWS-Banker.dll
  Client (1)
    BackDoor-CN.cli
  Configurator (2)
    MultiDropper.cfg.b
    MultiDropper.cfg.a
  Demonstration (1)
    Exploit-MS04-028.demo
  Denial Of Svc (1)
    IRC/Flood.i
  Downloader (6)
    PWS-Banker.dldr
    Downloader-AGG
    Downloader-YO
    Downloader-ZQ
    Downloader-ATY
    Downloader-ARL
  Dropper (5)
    BackDoor-ACH.dr
    SendKey.dr
    BackDoor-BL.dr
    Keylog-SCLog.dr
    PWS-Goldun.dr
  Exploit (4)
    Exploit-ByteVerify
    Exploit-OleData
    Exploit-QtPICT
    Exploit-MS04-028
  Generic (3)
    PWS-QQRob.gen
    JS/Exploit-BO.gen
    PWS-Banker.gen.y
  Heuristic (5)
    New Malware.d
    New Malware.u
    New Malware.j
    New Malware.h
    New Malware.w
  Internet Relay Chat (1)
    IRC/Flood.eq
  Password Stealer (8)
    Generic PWS.a
    PWS-QQRob
    PWS-Banker.gen.c
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Popo
    PWS-Goldun.sys
    PWS-WoW
  Proxy (1)
    Proxy-Piky
  Remote Access (10)
    BackDoor-ACH
    BackDoor-BL
    BackDoor-SO
    BackDoor-AWQ.b
    Backdoor-CT
    BackDoor-CEB.f
    BackDoor-TC
    BackDoor-CDC
    BackDoor-CXI
    BackDoor-BDD
  Script (1)
    Generic component
  Server (1)
    BackDoor-CN.svr
  StartPage (1)
    JS/StartPage-IX
  Win32 (11)
    Generic Downloader.b
    Generic Downloader.c
    Del-412
    Puper
    Generic Downloader.q
    Generic Downloader.ab
    Del-475
    Spy-Agent.ak
    Generic Keylogger.f
    Generic Downloader.f
    Spy-Agent
Virus (157)
  Damaged Worm (2)
    W32/Gaobot.worm.dam
    W32/Sdbot.worm.dam
  Dropper Email (1)
    W32/Mytob.dr@MM
  E-mail (16)
    W32/Mytob.bh@MM
    W32/Mytob.be@MM
    W32/Mytob.bi@MM
    W32/Mytob.bj@MM
    W32/Mytob.bo@MM
    W32/Mytob.bl@MM
    W32/Mytob.br@MM
    W32/Mytob.bw@MM
    W32/Mytob.cc@MM
    W32/Mytob.bf@MM
    W32/Mytob.cg@MM
    W32/Mytob.ch@MM
    W32/Mytob.cv@MM
    W32/Mytob.da@MM
    W32/Mytob.el@MM
    W32/Mytob.eu@MM
  Email (117)
    W32/Mytob.fm@MM
    W32/Mytob.ak@MM
    W32/Mytob.am@MM
    W32/Mytob.b@MM
    W32/Mytob.a@MM
    W32/Mytob.ar@MM
    W32/Mytob.aq@MM
    W32/Mytob.ev@MM
    W32/Mytob.ex@MM
    W32/Mytob.as@MM
    W32/Mytob.ap@MM
    W32/Mytob.at@MM
    W32/Mytob.fb@MM
    W32/Mytob.av@MM
    W32/Mytob.au@MM
    W32/Mytob.fy@MM
    W32/Mytob.fw@MM
    W32/Mytob.fx@MM
    W32/Mytob.gg@MM
    W32/Mytob.gk@MM
    W32/Mytob.gh@MM
    W32/Mytob.gl@MM
    W32/Mytob.gj@MM
    W32/Mytob.gi@MM
    W32/Mytob.bg@MM
    W32/Mytob.bx@MM
    W32/Mytob.cd@MM
    W32/Mytob.cp@MM
    W32/Mytob.cn@MM
    W32/Mytob.cj@MM
    W32/Mytob.gd@MM
    W32/Mytob.gc@MM
    W32/Mytob.gb@MM
    W32/Mytob.ga@MM
    W32/Mytob.gf@MM
    W32/Mytob.gp@MM
    W32/Mytob.gq@MM
    W32/Mytob.bm@MM
    W32/Mytob.cu@MM
    W32/Mytob.bn@MM
    W32/Mytob.ce@MM
    W32/Mytob.dg@MM
    W32/Mytob.dc@MM
    W32/Mytob.dh@MM
    W32/Mytob.p@MM
    W32/Mytob.r@MM
    W32/Mytob.e@MM
    W32/Mytob.c@MM
    W32/Mytob.gt@MM
    W32/Mytob.m@MM
    W32/Mytob.g@MM
    W32/Mytob.bt@MM
    W32/Mytob.bp@MM
    W32/Mytob.cm@MM
    W32/Mytob.ct@MM
    W32/Mytob.cf@MM
    W32/Mytob.di@MM
    W32/Mytob.df@MM
    W32/Mytob.dd@MM
    W32/Mytob.bz@MM
    W32/Mytob.ca@MM
    W32/Mytob.dj@MM
    W32/Mytob.q@MM
    W32/Mytob.h@MM
    W32/Mytob.n@MM
    W32/Mytob.f@MM
    W32/Mytob.d@MM
    W32/Mytob.v@MM
    W32/Mytob.u@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.w@MM
    W32/Mytob.y@MM
    W32/Mytob.co@MM
    W32/Mytob.cs@MM
    W32/Mytob.cz@MM
    W32/Mytob.dm@MM
    W32/Mytob.dk@MM
    W32/Mytob.dz@MM
    W32/Mytob.eb@MM
    W32/Mytob.ee@MM
    W32/Mytob.ab@MM
    W32/Mytob.ah@MM
    W32/Mytob.af@MM
    W32/Mytob.dq@MM
    W32/Mytob.dp@MM
    W32/Mytob.dt@MM
    W32/Mytob.ds@MM
    W32/Mytob.dx@MM
    W32/Mytob.ea@MM
    W32/Mytob.ag@MM
    W32/Mytob.an@MM
    W32/Mytob.gu@MM
    W32/Mytob.gx@MM
    W32/Mytob.ec@MM
    W32/Mytob.ef@MM
    W32/Mytob.ed@MM
    W32/Mytob.ej@MM
    W32/Mytob.hp@MM
    W32/Mytob.ek@MM
    W32/Mytob.gy@MM
    W32/Mytob.hf@MM
    W32/Mytob.gw@MM
    W32/Mytob.gz@MM
    W32/Mytob.hg@MM
    W32/Mytob.hh@MM
    W32/Mytob.hi@MM
    W32/Mytob.hl@MM
    W32/Mytob.gv@MM
    W32/Mytob.hb@MM
    W32/Mytob.he@MM
    W32/Mytob.eo@MM
    W32/Mytob.er@MM
    W32/Mytob.es@MM
    W32/Mytob.eq@MM
    W32/Mytob.ep@MM
    W32/Mytob.et@MM
  Email Generic (2)
    W32/Rontokbro.gen@MM
    W32/Mytob.gen@MM
  Generic (1)
    W32/Zepp.gen
  Generic Worm (13)
    W32/Gaobot.worm.gen.e
    W32/Sdbot.worm.gen.bg
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.l
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.i
    W32/Sdbot.worm.gen.ae
    W32/Sdbot.worm.gen.ai
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.az
    W32/Sdbot.worm.gen.ac
    W32/Sdbot.worm.gen.t
  JavaScript (1)
    JS/Xilos
  Peer To Peer (1)
    W32/Cazaar!hosts
  Peer To Peer Worm (1)
    W32/Gedzac.worm!p2p
  VbScript (1)
    New Script
  Worm (1)
    W32/Mytob.worm!im