Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4493
DAT Release Date 05/17/2005
Threats Detected 126857
New Detections 28
Enhanced Detections 325

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (7)
  Adware (4)
    Adware-WebSpecials
    Adware-WebSeek
    Adware-SBSoft
    Adware-Fizzle
  Application extension (1)
    Adware-Elitebar.dll
  Downloader (1)
    Adware-180Solutions.ldr
  Dropper (1)
    Adware-IAGold.dr
Trojan (8)
   (1)
    QLowZones-19
  Application extension (2)
    StartPage-HE.dll
    Downloader-NZ.dll
  Downloader (1)
    Downloader-AAS
  Dropper (1)
    StartPage-GY.dr
  StartPage (1)
    StartPage-HE
  Win32 (2)
    Kangen
    AdClicker-CT
Virus (13)
   (5)
    SymbOS/Skulls.bw!sis
    SymbOS/Skulls.bv!sis
    SymbOS/Cabir.y
    SymbOS/Cabir!ezboot.y
    SymbOS/Skulls.bx!sis
  Email (1)
    W32/Mytob.ba@MM
  Generic (1)
    W32/Opanki.gen
  Generic Worm (2)
    W32/Gaobot.worm.gen.v
    W32/Gaobot.worm.gen.u
  Worm (4)
    W32/Bropia.worm.ba
    W32/Bropia.worm.az
    W32/Bropia.worm.ay
    W32/Bropia.worm.ax

Enhanced Detections:

Program (27)
  Adware (15)
    Adware-BrowserAid
    Adware-RBlast.dldr
    Adware-MemWatcher
    Adware-Look2Me
    Adware-PurityScan
    Adware-SRNG
    Adware-BHO.gen
    Adware-PopUp
    Adware-RBlast
    Adware-KeenValue
    Adware-MediaTickets
    Adware-WUpd
    Adware-WinAd
    Adware-CasOnline
    Adware-WebHlper
  Dialer (1)
    Dialer-Generic.c
  Downloader (2)
    Adware-SRNG.dldr
    Adware-WinAd.dldr
  Dropper (6)
    Adware-TopMoxie.dr
    Adware-SAHAgent.dr
    Adware-TVMedia.dr
    Uploader-R.dr
    Adware-Ezula.dr
    Adware-CommonName.dr
  Settings Change (1)
    Adware-XPlugin
  Spam (1)
    Adware-Ezula
  Win32 (1)
    FastSearchWeb
Trojan (53)
   (3)
    Generic Downloader.o
    HideProc
    QHosts-1!hosts
  - (1)
    AIM-Canbot
  Application extension (3)
    PWS-Legmir.dll
    BackDoor-CHC.dll
    Downloader-RV.dll
  Configurator (1)
    BackDoor-CEP.cfg
  Demonstration (1)
    Exploit-MS05-024.demo
  Downloader (5)
    Downloader-AAK
    Downloader-AAP
    Downloader-YL
    Downloader-QG
    Downloader-PS
  Downloader Generic (1)
    Proxy-FBSR.gen.dldr
  Dropper (5)
    PWS-LegMir.dr
    Downloader-RV.dr
    FURootkit.dr
    BackDoor-CEP.dr
    MultiDropper-NC
  Exploit (3)
    VBS/Psyme
    Exploit-MhtRedir.gen
    Exploit-ScriptNull
  Generic (5)
    Proxy-FBSR.gen
    PWS-Banker.gen.i
    PWS-Banker.gen.o
    Downloader-LE.gen
    BackDoor-BAC.gen.b
  Heuristic (1)
    New Malware.h
  Malware Tool (1)
    Nuke-Kod
  Password (1)
    PWS-LegMir
  Password Stealer (2)
    PWS-Sina
    PWS-Dremn
  Proxy (1)
    Proxy-FBSR
  Remote Access (4)
    Backdoor-JZ
    BackDoor-AOZ
    BackDoor-CNE
    BackDoor-CEP
  Spyware (1)
    Keylog-Perfect.dr
  StartPage (1)
    StartPage-GY
  Win32 (13)
    Generic Downloader.b
    HackerDefender
    Generic Delphi
    SennaSpy2001
    Generic VB.b
    Generic StartPage.f
    Generic BackDoor.r
    Generic PWS.o
    Generic QLowZones.a
    Generic BackDoor.u
    Generic Downloader.ab
    Generic Downloader.ac
    Generic Downloader.f
Virus (245)
   (91)
    SymbOS/Skulls.br!sis
    SymbOS/Skulls.bn!sis
    SymbOS/Skulls.bj!sis
    SymbOS/Cabir.x
    SymbOS/Skulls.bt!sis
    SymbOS/Skulls.bp!sis
    SymbOS/Skulls.bm!sis
    SymbOS/Skulls.bl!sis
    SymbOS/Cabir!lasco
    SymbOS/Cabir.v
    SymbOS/Cabir!ezboot.v
    SymbOS/Cabir!ezboot.w
    SymbOS/Cabir.w
    SymbOS/Skulls.bh!sis
    SymbOS/Skulls.bf!sis
    SymbOS/Skulls.bd!sis
    SymbOS/Skulls.bb!sis
    SymbOS/Skulls.ba!sis
    SymbOS/Skulls.as!sis
    SymbOS/Skulls.ar!sis
    SymbOS/Skulls.aq!sis
    SymbOS/Skulls.ap!sis
    SymbOS/Skulls.ao!sis
    SymbOS/Skulls.an!sis
    SymbOS/Skulls.am!sis
    SymbOS/Skulls.al!sis
    SymbOS/Skulls.ak!sis
    SymbOS/Skulls.aj!sis
    SymbOS/Skulls.ai!sis
    SymbOS/Skulls.ah!sis
    SymbOS/Skulls.ag!sis
    SymbOS/Skulls.ac!sis
    SymbOS/Skulls.aa!sis
    SymbOS/Skulls.z!sis
    SymbOS/Skulls.y!sis
    SymbOS/Skulls.x!sis
    SymbOS/Skulls.v!sis
    SymbOS/Skulls.t!sis
    SymbOS/Skulls.r!sis
    SymbOS/Skulls.p!sis
    SymbOS/Skulls.n!sis
    SymbOS/Skulls.l!sis
    SymbOS/Skulls.j!sis
    SymbOS/Cabir!ezboot.e
    SymbOS/Cabir!ezboot.d
    SymbOS/Cabir!ezboot.c
    SymbOS/Cabir!ezboot
    SymbOS/Skulls.bg!sis
    SymbOS/Skulls.be!sis
    SymbOS/Skulls.bc!sis
    SymbOS/Skulls.az!sis
    SymbOS/Skulls.ay!sis
    SymbOS/Skulls.ax!sis
    SymbOS/Skulls.aw!sis
    SymbOS/Skulls.av!sis
    SymbOS/Skulls.au!sis
    SymbOS/Skulls.at!sis
    SymbOS/Skulls.af!sis
    SymbOS/Skulls.ae!sis
    SymbOS/Skulls.ad!sis
    SymbOS/Skulls.ab!sis
    SymbOS/Skulls.w!sis
    SymbOS/Skulls.u!sis
    SymbOS/Skulls.s!sis
    SymbOS/Skulls.q!sis
    SymbOS/Skulls.o!sis
    SymbOS/Skulls.m!sis
    SymbOS/Skulls.k!sis
    SymbOS/Skulls.bu!sis
    SymbOS/Skulls.bs!sis
    SymbOS/Skulls.bq!sis
    SymbOS/Skulls.bo!sis
    SymbOS/Skulls.bk!sis
    SymbOS/Skulls.bi!sis
    SymbOS/Cabir!ezboot.x
    SymbOS/Cabir!ezboot.s
    SymbOS/Cabir!ezboot.o
    SymbOS/Cabir!ezboot.k
    SymbOS/Cabir!ezboot.f
    SymbOS/Cabir.g
    SymbOS/Cabir.f
    SymbOS/Cabir.b
    SymbOS/Cabir.a
    SymbOS/Cabir!ezboot.t
    SymbOS/Cabir!ezboot.r
    SymbOS/Cabir.m
    SymbOS/Cabir.k
    SymbOS/Cabir!ezboot.q
    SymbOS/Cabir!ezboot.p
    SymbOS/Cabir!ezboot.n
    SymbOS/Cabir.u
  Companion (1)
    W32/NGVCK.8192.cmp
  Damaged (1)
    W32/Mytob.dam
  Damaged Worm (4)
    W32/Spybot.worm.dam
    W32/Gaobot.worm.dam
    W32/Protoride.worm.dam
    W32/Sdbot.worm.dam
  Dropper (3)
    Univ/a.dr
    W32/NGVCK.dr
    W32/NGVCK.b.dr
  Dropper Generic (1)
    W32/NGVCK.gen.dr
  E-mail worm (2)
    W32/Mimail.c@MM
    W32/Mimail.s@MM
  Email (37)
    W32/Mimail.v@MM
    W32/Mytob.ak@MM
    W32/Mytob.am@MM
    W32/Mytob.ar@MM
    W32/Mytob.aq@MM
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.as@MM
    W32/Mytob.ap@MM
    W32/Sober.q
    W32/Mytob.aw@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.c@MM
    W32/Mytob.m@MM
    W32/Mytob.q@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.v@MM
    W32/Mytob.u@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.w@MM
    W32/Mytob.y@MM
    W32/Mytob.ab@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.ah@MM
    W32/Mytob.af@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
    W32/Mytob.ag@MM
    W32/Mytob.an@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Generic (1)
    SymbOS/Cabir.gen
  Generic Worm (32)
    W32/Spybot.worm.gen.b
    W32/Sdbot.worm.gen
    W32/Spybot.worm.gen.e
    W32/Gaobot.worm.gen.e
    W32/Spybot.worm.gen.f
    W32/Sdbot.worm.gen.bg
    W32/Gaobot.worm.gen.bj
    W32/Opanki.worm.gen
    W32/Sdbot.worm.gen.d
    W32/Gaobot.worm.gen.j
    W32/Sdbot.worm.gen.l
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Gaobot.worm.gen.n
    W32/Sdbot.worm.gen.i
    W32/Sdbot.worm.gen.bk
    W32/Kelvir.worm.gen
    W32/Spybot.worm.gen.j
    W32/Sdbot.worm.gen.ag
    W32/Spybot.worm.gen.o
    W32/Gaobot.worm.gen.t
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.bw
    W32/Gaobot.worm.gen.bh
    W32/Sdbot.worm.gen.y
    W32/Sdbot.worm.gen.z
    W32/Sdbot.worm.gen.ac
    W32/Sdbot.worm.gen.q
  Intended (1)
    W32/NGVCK.intd
  Internet Worm (3)
    W32/Kelvir.worm.f
    W32/Bropia.worm.aj
    W32/Gaobot.worm.gen.q
  mIRC Worm (1)
    W32/Protoride.worm
  Overwriting (1)
    Univ.ow/e
  PDA Device (14)
    SymbOS/Cabir.e
    SymbOS/Cabir.c
    SymbOS/Cabir.h
    SymbOS/Cabir.d
    SymbOS/Cabir.t
    SymbOS/Cabir.r
    SymbOS/Cabir.p
    SymbOS/Cabir.n
    SymbOS/Cabir.l
    SymbOS/Cabir.s
    SymbOS/Cabir.q
    SymbOS/Cabir.o
    SymbOS/Cabir.i
    SymbOS/Cabir.j
  Peer To Peer (1)
    W32/Generic.c!p2p
  Win32 (20)
    W32/NGVCK
    W32/NGVCK.2389dr
    W32/NGVCK.1365dr
    W32/NGVCK.3072dr
    W32/NGVCK.53x
    W32/NGVCK.1107dr
    W32/NGVCK.1988dr
    W32/NGVCK.2092dr
    W32/NGVCK.3146dr
    W32/NGVCK.3250dr
    W32/NGVCK.3400dr
    W32/NGVCK.1364dr
    W32/NGVCK.2296dr
    W32/NGVCK.1352dr
    W32/NGVCK.919dr
    W32/NGVCK.1840dr
    W32/Mimail.u
    W32/Generic.e
    W32/Generic.m
    W32/Generic.Delphi.a
  Worm (30)
    W32/Kelvir.worm.al
    W32/Kelvir.worm.ap
    W32/Kelvir.worm.an
    W32/Bropia.worm.al
    W32/Bropia.worm.ak
    W32/Kelvir.worm.ao
    W32/Kelvir.worm.am
    W32/Bropia.worm.am
    W32/Kelvir.worm.ax
    W32/Bropia.worm.ao
    W32/Bropia.worm.an
    W32/Kelvir.worm.az
    W32/Kelvir.worm.ba
    W32/Kelvir.worm.ay
    W32/Bropia.worm.ar
    W32/Kelvir.worm.bg
    W32/Kelvir.worm.e
    W32/Kelvir.worm.i
    W32/Kelvir.worm.o
    W32/Kelvir.worm.p
    W32/Kelvir.worm.l
    W32/Kelvir.worm.q
    W32/Kelvir.worm.w
    W32/Bropia.worm.ag
    W32/Kelvir.worm.ac
    W32/Kelvir.worm.aj
    W32/Kelvir.worm.ai
    W32/Bropia.worm.ah
    W32/Bropia.worm.ai
    W32/Opanki.worm