Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4472
DAT Release Date 04/19/2005
Threats Detected 123517
New Detections 26
Enhanced Detections 129

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (1)
  Adware (1)
    Adware-NicTech
Trojan (20)
   (1)
    QUrl-3.url
  Application extension (2)
    BackDoor-CRF.dll
    Downloader-ZG.dll
  Demonstration (1)
    Exploit-MSJet.demo
  Downloader (3)
    Downloader-YN
    Downloader-ZH
    Downloader-BW.j
  Dropper (3)
    MultiDropper-NA
    Downloader-ZG.dr
    MultiDropper-MZ
  Internet Relay Chat (1)
    IRC/Flood.nicks
  Keylogger (1)
    Keylog-Pahac
  ProcKill (1)
    ProcKill-CP
  Remote Access (4)
    BackDoor-CRE
    BackDoor-CRC
    BackDoor-CRF
    BackDoor-CRD
  Win32 (3)
    Generic MultiDropper.h
    Generic PWS.p
    QUrl-3
Virus (5)
  Dropper (1)
    W32/Sober.dr
  E-mail (1)
    W32/Sober.o@MM
  Email (1)
    W32/Sober.o@MM!zip
  Worm (2)
    W32/Kelvir.worm.x
    W32/Kelvir.worm.ab

Enhanced Detections:

Internet Worm (2)
  E-mail (2)
    W32/Sober.e@MM
    W32/Sober.j@MM
Program (14)
  Adware (7)
    Adware-Look2Me
    Adware-Websearch
    Adware-Lop
    Adware-WinAd
    Uploader-R
    Adware-GameSpyArcade
    Adware-abetterintrnt
  Application extension (1)
    Adware-IEToolBar.dll
  Dialer (2)
    Dialer-257
    Dialer-Generic.b
  Downloader (2)
    Adware-abetterintrnt.dldr
    Adware-WinAd.dldr
  Dropper (2)
    Adware-IEToolBar.dr
    Adware-WinAd.dr
Trojan (56)
   (2)
    Generic BackDoor.d
    Generic BackDoor.t
  Application extension (3)
    PWS-Iyus.dll
    Spyre.dll
    PWS-Lineage.dll
  Configuration settings (1)
    HackerDefender.ini
  Configurator (2)
    MultiDropper.cfg
    BackDoor-CEP.cfg
  Downloader (6)
    Downloader-GK
    Downloader-BU
    Downloader-JH
    PWS-Banker.dldr
    Downloader-YF
    Downloader-PH
  Dropper (6)
    AdClicker-O.dr
    PWS-LDPinch.dr
    Downloader-EG.dr
    BackDoor-CEP.dr
    PWS-Banker.dr.a
    BackDoor-BAC.dr
  Flooder (1)
    FDoS-Codalu
  Generic (6)
    BackDoor-AGS.gen
    PWS-Iyus.gen
    PWS-Banker.gen.p
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Banker.gen.g
  Password (2)
    PWS-LegMir
    PWS-LDPinch
  Password Stealer (3)
    Generic PWS.a
    Generic PWS.b
    PWS-Lineage
  Plugin component (1)
    BackDoor-AHB.plugin
  Proxy (1)
    Proxy-EasySearch
  Remote Access (9)
    BackDoor-AVW
    BackDoor-CHC
    BackDoor-ALD
    BackDoor-ZO
    BackDoor-CPI
    BackDoor-CPF
    BackDoor-CQQ
    BackDoor-CGK
    BackDoor-CEP
  StartPage (1)
    StartPage-DU
  Win32 (12)
    Generic BackDoor.b
    HackerDefender
    Generic Downloader.c
    HackerDefender.sys
    Generic Dropper.h
    QLowZones-15
    Generic QLowZones.a
    Generic Dropper.k
    Vundo
    Generic VB.c
    QLowZones-2
    Generic Downloader.e
Virus (57)
   (7)
    SymbOS/Cabir!lasco
    SymbOS/Cabir.k!sis
    SymbOS/Cabir.i!sis
    SymbOS/Cabir.b!sis
    SymbOS/Cabir.l!sis
    SymbOS/Cabir.j!sis
    SymbOS/Cabir.h!sis
  Damaged (2)
    W32/Sober.dam
    W32/Etap.dam
  Dropper (3)
    W32/Etap.dr
    SymbOS/Cabir.dr
    SymbOS/Cabir.dr!skulls
  E-mail (3)
    W32/Sober.c@MM
    W32/Sober.d@MM
    W32/Sober.g@MM
  E-mail worm (4)
    W32/Sober.f@MM
    W32/Sober.b@MM
    W32/Sober.l@MM
    W32/Pahac@MM
  Email (7)
    W32/Sober.k@MM!zip
    W32/Sober.d@MM!zip
    W32/Sober.e@MM!zip
    W32/Sober.m@MM
    W32/Sober.j@MM!zip
    W32/Sober.l@MM!zip
    W32/Sober.g@MM!zip
  Email Generic (1)
    W32/Sober.gen@MM
  Email Worm (1)
    W32/Sober.k@MM
  Generic (2)
    W32/Etap.gen
    SymbOS/Cabir.gen!sis
  Generic Worm (5)
    W32/Sdbot.worm.gen.w
    W32/Sdbot.worm.gen.j
    W32/Kelvir.worm.gen
    W32/Sdbot.worm.gen.z
    W32/Sdbot.worm.gen.t
  Heuristic (1)
    New Malware.b
  Intended (1)
    W32/Pahac.intd
  Internet Worm (4)
    W32/Sober.a@MM
    W32/Kelvir.worm.c
    W32/Kelvir.worm.b
    W32/Kelvir.worm.f
  Worm (16)
    W32/Kelvir.worm.e
    W32/Kelvir.worm.d
    W32/Kelvir.worm.g
    W32/Kelvir.worm.i
    W32/Kelvir.worm.k
    W32/Kelvir.worm.j
    W32/Kelvir.worm.a
    W32/Kelvir.worm.o
    W32/Kelvir.worm.n
    W32/Kelvir.worm.p
    W32/Kelvir.worm.s
    W32/Kelvir.worm.l
    W32/Kelvir.worm.m
    W32/Kelvir.worm.t
    W32/Kelvir.worm.q
    W32/Kelvir.worm.w