Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4491
DAT Release Date 05/13/2005
Threats Detected 126560
New Detections 45
Enhanced Detections 228

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (26)
  Adware (12)
    Adware-Dashbar.url
    Adware-ZSearch
    Adware-Zeno
    Adware-Yoursearch
    Adware-Unitzed
    Adware-Topconvert
    Adware-TickerBar
    Adware-ThePay
    Adware-TbarWin32
    Adware-Zestyfind
    Adware-WUpd
    Adware-ClearSurfing
  Application extension (2)
    Adware-TsCash.dll
    Adware-Tolbar.dll
  Damaged (1)
    Adware-abetterintrnt.dam
  Demonstration (1)
    JS/Zaptastic.demo
  Downloader (3)
    Adware-WUpd.dldr
    Adware-WUpd.ldr
    Adware-Tolbar.dldr
  Spyware (7)
    Spyware-SpyAnytime
    Spyware-OrvellMon
    Spyware-MSN
    Spyware-Melhot
    Spyware-PCinetpatrol
    Spyware-Likesurf
    Spyware-AdvKeylog
Trojan (11)
   (1)
    Spy-Agent.c
  Application extension (2)
    UrlSpy.dll
    BackDoor-CRX.dll
  Dropper (2)
    UrlSpy.dr
    FURootkit.dr
  Password Stealer (2)
    PWS-Wiegrab
    PWS-IW
  Remote Access (1)
    BackDoor-CRX
  Win32 (3)
    Generic.d
    WoodsSpace
    Generic StartPage.j
Virus (8)
  Application extension (1)
    W32/Lovgate.dll
  Email (2)
    W32/Kipis.ab@MM
    W32/Bagz@MM!zip
  Generic (1)
    W32/Mash.gen
  Generic Worm (2)
    W32/Sdbot.worm.gen.bl
    W32/Hafun.worm.gen
  Worm (2)
    W32/Bropia.worm.av
    W32/Bropia.worm.at

Enhanced Detections:

Program (78)
  - (1)
    IMIServer.download
  Adware (41)
    Adware-SaveNow
    Adware-TVMedia
    Adware-TopMoxie
    Adware-PortalScan
    Adware-RBlast.dldr
    Adware-SAHAgent
    Adware-Websearch
    Adware-PromulGate
    Adware-PurityScan
    Adware-Gain
    Adware-SearchAid
    Adware-Xupiter
    Adware-Nsupdate
    Adware-FreeComm
    Adware-Virtumondo
    Adware-Searchcentrix
    Adware-Apropos
    Adware-WinShow
    Adware-RBlast
    Adware-Zipclix
    Adware-Lop
    Adware-UCSearch
    Adware-WildMedia
    Adware-Relevance
    Adware-NaviPromo
    Adware-Dashbar
    Adware-Virtumundo
    Adware-WhenUSearch
    Adware-OMI
    Adware-KeenValue
    Adware-Tubby
    Adware-WinAd
    Adware-EliteBar
    Adware-TopRebates
    Adware-SrchEnh
    Adware-DealHelper
    Adware-ValueAd
    Adware-SurfSideKick
    Adware-Softomate
    Adware-BroadCastPC
    Adware-abetterintrnt
  Application extension (4)
    Adware-Apropos.dll
    Adware-RBlast.dll
    Clearsearch.dll
    Adware-Softomate.dll
  Dialer (1)
    Dialer-185
  Downloader (5)
    Adware-FreeComm.dldr
    Adware-Xupiter.dldr
    Adware-SAHAgent.dldr
    Downloader-YQ
    Adware-ValueAd.dldr
  Dropper (10)
    Adware-TopMoxie.dr
    Adware-SAHAgent.dr
    Adware-NetPals.dr
    Adware-XPlugin.dr
    Adware-SafeSurf.dr
    Adware-TVMedia.dr
    Adware-Beginto.dr
    Adware-Softomate.dr
    Adware-abetterintrnt.dr
    Spyware-WebHancer.dr
  Settings Change (1)
    Adware-XPlugin
  Spam (1)
    Adware-Ezula
  Spyware (11)
    Spyware-eBlaster
    Spyware-SpyAgent
    Spyware-RealSpy
    Spyware-ActivityMon
    Spyware-Webhancer
    Spyware-Ssppyy
    Spyware-BE
    Clearsearch
    Spyware-RemoteSpy
    Spyware-PWCapture
    Spyware-CatchaSneak
  Win32 (3)
    Virtual Bouncer
    RemAdm-RemoteAdmin
    DialPWD
Trojan (55)
   (1)
    Generic component
  Application extension (2)
    BackDoor-CKB.dll
    PWS-LDPinch.dll!ldr
  Client (1)
    BackDoor-ANF.cli
  Downloader (9)
    Downloader-AAF
    Downloader-AW
    Downloader-XB
    Downloader-XC
    PWS-Banker.dldr
    Downloader-TZ
    Downloader-RK
    Downloader-TQ
    Downloader-KO
  Downloader Generic (1)
    Proxy-FBSR.gen.dldr
  Dropper (4)
    VBS/Inor
    Generic BackDoor.dr
    BackGate.dr
    BackDoor-CKB.dr
  Exploit (1)
    Exploit-ByteVerify
  Generic (2)
    Proxy-FBSR.gen
    PWS-Banker.gen.i
  Heuristic (1)
    New Malware.f
  Macro (1)
    Pws-IK
  Password (2)
    PWS-QQPass
    PWS-LDPinch
  Password Stealer (2)
    PWS-QQRob
    PWS-Zagahd
  Plugin component (1)
    BackDoor-ANF.plugin
  Proxy (1)
    Proxy-FBSR
  Remote Access (8)
    BackDoor-ACH
    Backdoor-TW
    BackDoor-ANF
    BackGate
    BackDoor-ANF.utl
    BackDoor-ANF.log
    BackDoor-COU
    BackDoor-CKB
  Script (2)
    Bat/sdel
    IIS/BackDoor-ACE
  Server (1)
    BackDoor-ANF.svr
  StartPage (1)
    StartPage-GS
  Win32 (14)
    Generic VB
    Generic BackDoor.b
    Generic BackDoor.f
    FURootkit
    Generic Downloader.q
    Generic QLowZones.a
    Generic BackDoor.u
    QLowZones-2
    Generic Packed
    Generic Downloader.g
    Generic Downloader.f
    Generic StartPage.c
    DDoS-Boxed
    Generic Downloader.h
Virus (95)
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  Downloader Worm (1)
    W32/Bropia.worm.dldr
  E-mail worm (1)
    W32/Netsky.o@MM
  Email (4)
    W32/Bagz.e@MM!zip
    W32/Kipis.aa@MM
    W32/Bagz.a@MM!zip
    W32/Bagz.d@MM!zip
  Email Generic (1)
    W32/Kipis.gen@MM
  Generic Worm (14)
    W32/Sdbot.worm.gen.w
    W32/Sdbot.worm.gen.bg
    W32/Gaobot.worm.gen.bj
    W32/Spybot.worm.gen.bj
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Kelvir.worm.gen
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.bw
    W32/Gaobot.worm.gen.bh
    W32/Gaobot.worm.gen.by
    W32/Sdbot.worm.gen.y
  Internet Worm (8)
    W32/Bropia.worm.g
    W32/Bropia.worm.q
    W32/Kelvir.worm.c
    W32/Kelvir.worm.b
    W32/Kelvir.worm.f
    W32/Bropia.worm.n
    W32/Bropia.worm.gen
    W32/Bropia.worm.d
  VbScript (1)
    New Script
  Win32 (6)
    New Win32
    W32/Generic.d
    W32/Generic.m
    W32/Generic.Delphi.c
    W32/Generic.Delphi.b
    W32/Generic.Delphi.a
  Worm (58)
    W32/Bropia.worm.e
    W32/Kelvir.worm.al
    W32/Kelvir.worm.ap
    W32/Kelvir.worm.an
    W32/Kelvir.worm.ao
    W32/Kelvir.worm.am
    W32/Bropia.worm.r
    W32/Bropia.worm.s
    W32/Kelvir.worm.ax
    W32/Kelvir.worm.az
    W32/Bropia.worm.ap
    W32/Bropia.worm.f
    W32/Kelvir.worm.ba
    W32/Kelvir.worm.ay
    W32/Bropia.worm.aq
    W32/Kelvir.worm.bg
    W32/Bropia.worm.w
    W32/Bropia.worm.v
    W32/Kelvir.worm.e
    W32/Bropia.worm.u
    W32/Kelvir.worm.d
    W32/Bropia.worm.k
    W32/Bropia.worm.i
    W32/Bropia.worm.l
    W32/Bropia.worm.j
    W32/Bropia.worm.h
    W32/Bropia.worm.o
    W32/Kelvir.worm.g
    W32/Bropia.worm.y
    W32/Kelvir.worm.i
    W32/Kelvir.worm.k
    W32/Kelvir.worm.j
    W32/Bropia.worm.m
    W32/Bropia.worm.p
    W32/Kelvir.worm.a
    W32/Bropia.worm.t
    W32/Kelvir.worm.o
    W32/Kelvir.worm.n
    W32/Bropia.worm.ab
    W32/Bropia.worm.z
    W32/Kelvir.worm.p
    W32/Kelvir.worm.s
    W32/Kelvir.worm.l
    W32/Kelvir.worm.m
    W32/Kelvir.worm.t
    W32/Kelvir.worm.q
    W32/Bropia.worm.ac
    W32/Kelvir.worm.w
    W32/Kelvir.worm.ak
    W32/Kelvir.worm.ab
    W32/Bropia.worm.ag
    W32/Kelvir.worm.ac
    W32/Bropia.worm.af
    W32/Kelvir.worm.aj
    W32/Kelvir.worm.ai
    W32/Bropia.worm.b
    W32/Bropia.worm.a
    W32/Bropia.worm.c