DAT Readme

Download the latest antivirus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4418
DAT Release Date 01/05/2005
Threats Detected 112195
New Detections 87
Enhanced Detections 209

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name | Corporate Risk Assessment | Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (5)
  Dialer (2)
    Dialer-238
    Dialer-RAS.ds
  Tool (2)
    Tool-PassView
    Tool-ICQDecrypt
  Win32 (1)
    Rpcxss
Trojan (26)
   (2)
    AdClicker-BW
    Generic!pwdrar
  Application extension (5)
    PWS-LDPinch.dll!ldr
    BackDoor-CMK.dll
    PWS-Banker.d.dll
    BackDoor-CMJ.dll
    BackDoor-ASB.c.dll
  Downloader (3)
    Downloader-TQ
    Downloader-TR
    Downloader-TP
  Dropper (3)
    Downloader-TP.dr
    MultiDropper-MB
    StartPage-FW.dr
  Keylogger (1)
    Keylog-Curio
  Password (1)
    PWS-Banker!pwdrar
  Proxy (2)
    Proxy-Denote
    Proxy-Brakad
  Remote Access (7)
    BackDoor-CMM
    BackDoor-CMJ
    BackDoor-CMI
    BackDoor-ASB.c
    BackDoor-CMO
    BackDoor-CML
    BackDoor-CMK
  Script (1)
    Bat/dt138
  StartPage (1)
    StartPage-FZ
Virus (56)
   (38)
    SymbOS/Cabir.t
    SymbOS/Cabir.r
    SymbOS/Cabir.p
    SymbOS/Cabir.n
    SymbOS/Cabir.l
    SymbOS/Cabir!ezboot.s
    SymbOS/Cabir!ezboot.o
    SymbOS/Cabir!ezboot.k
    SymbOS/Cabir!ezboot.f
    SymbOS/Cabir.k!sis
    SymbOS/Cabir.i!sis
    SymbOS/Cabir.s!sis
    SymbOS/Cabir.f!sis
    SymbOS/Cabir.d!sis
    SymbOS/Cabir.b!sis
    SymbOS/Cabir!ezboot.t
    SymbOS/Cabir!ezboot.r
    SymbOS/Cabir.q!sis
    SymbOS/Cabir.p!sis
    SymbOS/Cabir.o!sis
    SymbOS/Cabir.e!sis
    SymbOS/Cabir.a!sis
    SymbOS/Skulls.d
    SymbOS/Cabir.s
    SymbOS/Cabir.q
    SymbOS/Cabir.o
    SymbOS/Cabir.m
    SymbOS/Cabir.k
    SymbOS/Cabir!ezboot.q
    SymbOS/Cabir!ezboot.p
    SymbOS/Cabir!ezboot.n
    SymbOS/Cabir.l!sis
    SymbOS/Cabir.j!sis
    SymbOS/Cabir.h!sis
    SymbOS/Cabir.t!sis
    SymbOS/Cabir.r!sis
    SymbOS/Cabir.n!sis
    SymbOS/Cabir.c!sis
  Dropper (1)
    SymbOS/Cabir.dr!skulls
  E-mail worm (1)
    W32/Kipis.b@MM
  Email (1)
    VBS/Ediboy@MM
  Email Generic (1)
    W32/Kipis.gen@MM
  Email Worm (1)
    W32/Mirsa@MM
  Generic (2)
    SymbOS/Cabir.gen!sis
    W32/Poebot.gen
  Generic Worm (1)
    W32/Sdbot.worm.gen.ac
  Open Share Worm (1)
    W32/Hilin.worm
  Overwriting (1)
    W32/RAHack
  Parasitic (1)
    W32/HLLP.20606d
  Script (2)
    Bat/dt137
    VBS/Umbriel.b
  Script Worm (1)
    W32/Sautor.worm.bat
  Win32 (2)
    W32/Kvdbot!hosts
    W32/Generic.g
  Worm (2)
    W32/Kvdbot.worm
    W32/Golten.worm.b

Enhanced Detections:

Malware (1)
  Exploit (1)
    Exploit-CodeBase
Program (6)
   (2)
    CRH2a
    CRH8
  PornDialer (1)
    Dialer-Generic
  Remote Access (1)
    ServU-Daemon
  Tool (1)
    Tool-Dialupass
  Win32 (1)
    RemAdm-RemoteAnythng
Trojan (150)
   (11)
    Generic BackDoor.d
    AdClicker-AT
    AdClicker-AS
    AdClicker-AW
    AdClicker-AV
    AdClicker-BN
    AdClicker-BQ
    AdClicker-BS
    Phish-BankFraud.eml
    AdClicker-BF
    AdClicker-BE
  - (3)
    AdClicker-O
    StartPage-B
    W32/Bagle.dll.dr
  Application extension (6)
    AFXrootkit.dll
    Downloader-DA.dll
    PWS-LDPinch.dll
    BackDoor-CMA.dll
    PWS-Lineage.dll
    PWS-Banker.dll
  Configurator (2)
    Downloader.cfg
    Generic PWS.c.cfg
  Downloader (10)
    Downloader-NI
    Prutec
    Downloader-SS
    Downloader-OQ
    Downloader-TJ
    Downloader-RE
    PWS-Bancban.dldr
    Downloader-TH
    Downloader-PS
    Downloader-GG!chm
  Dropper (8)
    IRC/Flood.gen.dr
    AFXrootkit.dr
    PWS-LDPinch.dr
    Generic PWS.c.dr
    AdClicker-AS.dr
    AdClicker-BS.dr
    BackDoor-ASB.dr
    PWS-Banker.dr
  Dropper Script (1)
    Seeker.reg.dr
  Exploit (3)
    VBS/Psyme
    JS/Exploit-HelpXSite
    Exploit-HelpZonePass
  Generic (10)
    Exploit-CodeBase.gen
    PWS-Bancban.gen.b
    PWS-Bancos.gen.c
    PWS-Bancos.gen
    BackDoor-CEO.gen
    JS/Exploit-BO.gen
    PWS-Bancban.gen.f
    AFXrootkit.gen
    PWS-LDPinch.gen
    PWS-Bancos.gen.b
  Keylogger (1)
    Keylog-Dks
  Password (4)
    PWS-Bancos
    PWS-LDPinch
    PWS-Bancban
    PWS-Banker.d
  Password Stealer (5)
    Generic PWS.b
    PWS-Gina
    Generic PWS.c
    PWS-Bjcg
    PWS-Banker
  PDA Device (1)
    SymbOS/Skulls.a
  ProcKill (1)
    ProcKill-CG
  Proxy (3)
    Proxy-FBSR
    Proxy-Agent.a
    Proxy-Agent.b
  Remote Access (17)
    BackDoor-AXJ
    BackDoor-AZV
    BackDoor-ASB
    BackDoor-AWM
    AFXrootkit
    BackDoor-AMQ
    BackDoor-CCT
    BackDoor-BCB
    BackDoor-AZV.gen
    Generic BackDoor.l
    BackDoor-CLT
    BackDoor-CEO
    BackDoor-BCB!chm
    BackDoor-CKA
    BackDoor-CIU
    BackDoor-BDD
    Generic BackDoor.n
  Script (2)
    Univ.script/99a
    Bat/qd137
  Settings Change (2)
    Startpage-N
    StartPage-G
  StartPage (38)
    StartPage-CM
    StartPage-AM
    StartPage-AK
    StartPage-AH
    StartPage-S
    StartPage-P
    StartPage-J
    StartPage-D
    StartPage-AL
    StartPage-AJ
    StartPage-AE
    StartPage-X
    StartPage-R
    StartPage-O
    StartPage-L
    StartPage-I
    StartPage-E
    StartPage-AZ
    StartPage-Z
    StartPage-BE
    StartPage-BD
    StartPage-BH
    StartPage-BM
    StartPage-BY
    StartPage-BV
    StartPage-BU
    StartPage-BZ
    StartPage-EL
    StartPage-FR
    StartPage-FV
    StartPage-EO
    StartPage-EV
    StartPage-FI
    StartPage-EZ
    StartPage-DY
    StartPage-DE
    StartPage-DC
    StartPage-FA
  Win32 (22)
    AdClicker-AA
    AdClicker-V
    AdClicker-Q
    AdClicker-Y
    AdClicker-T
    AdClicker-N
    AdClicker-K
    HackerDefender
    AdClicker-AI
    AdClicker-J
    Generic FDoS
    AdClicker-L
    AdClicker-AE
    Generic BackDoor.c
    Generic VB.b
    AdClicker-AK
    Generic VB.c
    AdClicker-AL
    AdClicker-BA
    QLowZones-3
    DDoS-Boxed
    AdClicker-AN
Virus (52)
   (11)
    SymbOS/Cabir!ezboot.e
    SymbOS/Cabir!ezboot.d
    SymbOS/Cabir!ezboot.c
    SymbOS/Cabir!ezboot
    QHosts!apd!hosts
    SymbOS/Skulls.c
    SymbOS/Cabir.g
    SymbOS/Cabir.f
    SymbOS/Cabir.rsc
    SymbOS/Cabir.b
    SymbOS/Cabir.a
  Boot (1)
    Stoned
  Configurator (1)
    W32/Pahac.cfg
  Damaged Worm (2)
    W32/Gaobot.worm.dam
    W32/Sdbot.worm.dam
  Dropper (2)
    MultiDropper-GP.a
    SymbOS/Cabir.dr
  Dropper Worm (1)
    W32/Dedler.worm.dr
  E-mail worm (1)
    W32/Pahac@MM
  Email (1)
    W32/Bagle@MM!pwdzip
  Email Generic (1)
    W32/Bagle.gen@MM!pwdzip
  Email Worm (1)
    W32/Kipis.a@MM
  Generic (1)
    SymbOS/Cabir.gen
  Generic Worm (10)
    W32/Gaobot.worm.gen.e
    W32/Sdbot.worm.gen.w
    W32/Gaobot.worm.gen.j
    W32/Sdbot.worm.gen.l
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.i
    W32/Gaobot.worm.gen.t
    W32/Sdbot.worm.gen.y
    W32/Sdbot.worm.gen.t
  Heuristic (1)
    New Malware.b
  Intended (1)
    W32/Pahac.intd
  Internet Worm (2)
    W32/Sdbot.worm
    W32/Golten.worm
  mIRC Worm (1)
    W32/Protoride.worm
  Parasitic (4)
    W32/HLLP.20606b
    W32/HLLP.20606c
    W32/HLLP.20606a
    W32/HLLP.8920
  PDA Device (6)
    SymbOS/Cabir.e
    SymbOS/Cabir.c
    SymbOS/Cabir.h
    SymbOS/Cabir.d
    SymbOS/Cabir.i
    SymbOS/Cabir.j
  Remote Access (1)
    W32/Backdoor-CFB
  Script (2)
    VBS/Generic
    VBS/Umbriel
  Win32 (1)
    W32/Puce