Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4499
DAT Release Date 05/25/2005
Threats Detected 128227
New Detections 29
Enhanced Detections 185

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (3)
  Adware (2)
    Adware-Searcher
    Adware-QwertSearch
  Downloader (1)
    Adware-Websearch.dldr
Trojan (11)
  Application extension (1)
    BackDoor-AWQ.b.dll
  Downloader (1)
    Downloader-ABE
  Dropper (2)
    GAccess.dr
    PWS-Banker.dr.i
  Exploit (1)
    Exploit-Newland
  Keylogger (1)
    Keylog-Svscc
  Remote Access (1)
    BackDoor-CSH
  Script (1)
    Perl/Technote
  Win32 (3)
    MoleHut
    GomMaker
    Generic Downloader.af
Virus (15)
   (4)
    Unk.d
    Unk.b
    Unk.a
    Unk.c
  Damaged (2)
    Bebe.dam
    W32/Jeefo.dam
  Dropper (4)
    AusIH.dr
    Beda.dr
    Bobo.530.dr
    Baobab.dr
  Exploit (1)
    Perl/Exploit-MsgFltr
  multipartite (1)
    Barney.mp
  Worm (3)
    W32/Restrictan.worm
    W32/Bropia.worm.bb
    W32/Kelvir.worm.ca

Enhanced Detections:

Internet Worm (1)
  P2P Worm (1)
    W32/Generic.worm!p2p
Program (15)
   (3)
    Reg-DetectKeys9
    Reg-DetectKeys8
    YourSiteBar
  Adware (8)
    Adware-180Solutions
    Adware-Websearch
    Adware-PromulGate
    Adware-BB
    Adware-ISTBar
    Adware-Lop
    Adware-WinAd
    Adware-Qoolaid
  Dialer (1)
    Dialer-259
  Downloader (1)
    Downloader-ABD
  Dropper (1)
    Adware-Beginto.dr
  Remote Access (1)
    ServU-Daemon
Trojan (45)
   (3)
    Generic BackDoor.d
    Benediction
    Generic BackDoor.bb
  Application extension (5)
    PWS-Legmir.dll
    PWS-LDPinch.dll
    PWS-QQPass.dll
    Keylog-HKH.dll
    Spy-Lydra.dll
  Configuration settings (1)
    ServU.ini
  Configurator (1)
    Iroffer.cfg
  Downloader (3)
    PWS-Banker.dldr
    Downloader-YD
    PWS-LegMir.dldr
  Dropper (2)
    PWS-LDPinch.dr
    PWS-Banker.dr.a
  Exploit (2)
    Exploit-MhtRedir.gen
    Exploit-MhtRedir
  Generic (3)
    PWS-MSNFake.gen
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
  Password (2)
    PWS-QQPass
    PWS-LDPinch
  Password Stealer (2)
    Generic PWS.g
    PWS-Lineage
  Proxy (2)
    Proxy-FBSR
    Proxy-Fireby
  Remote Access (4)
    Generic BackDoor.l
    ASP/Backdoor-CMD
    BackDoor-CJC
    Generic BackDoor.k
  Script (1)
    BackDoor-AXP.bat
  Win32 (14)
    Generic BackDoor.b
    HackerDefender
    Generic BackDoor.c
    Generic Dropper.l
    Generic Downloader.s
    PGPcoder
    Generic BackDoor.bc
    Generic BackDoor.ba
    Generic Downloader.k
    Generic PWS.o
    Generic QLowZones.a
    Generic Downloader.ab
    Generic Downloader.g
    Generic BackDoor.i
Virus (124)
   (1)
    Durk.1586
  Damaged (2)
    Univ/a.dam
    W32/Mytob.dam
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  Dropper (7)
    Univ/c.dr
    Univ/a.dr
    Univ/d.dr
    Dark Avenger.dr
    Auspar.dr
    Xany.dr
    Wishes.dr
  Email (30)
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.as@MM
    W32/Mytob.ap@MM
    W32/Mytob.aw@MM
    W32/Mytob.ba@MM
    W32/Mytob.bc@MM
    W32/Mytob.bb@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.c@MM
    W32/Mytob.m@MM
    W32/Mytob.q@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.u@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.w@MM
    W32/Mytob.y@MM
    W32/Mytob.ab@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.af@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Generic Worm (20)
    W32/Spybot.worm.gen.f
    W32/Sdbot.worm.gen.bg
    W32/Gaobot.worm.gen.bj
    W32/Spybot.worm.gen.bj
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.i
    W32/Sdbot.worm.gen.bl
    W32/Sdbot.worm.gen.bk
    W32/Kelvir.worm.gen
    W32/Gaobot.worm.gen.bf
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.bw
    W32/Gaobot.worm.gen.bi
    W32/Gaobot.worm.gen.by
    W32/Sdbot.worm.gen.y
  Internet Worm (6)
    W32/Kelvir.worm.c
    W32/Kelvir.worm.b
    W32/Kelvir.worm.bh
    W32/Kelvir.worm.f
    W32/Bropia.worm.aj
    Perl/Spyski.worm
  Parasitic (7)
    Bane.cav.256.f
    Bane.cav.256.d
    Bane.cav.256.b
    Bane.cav.256.g
    Bane.cav.256.e
    Bane.cav.256.c
    Bane.cav.256.a
  Script (1)
    Univ.script/99a
  VbScript (1)
    New Script
  Win32 (2)
    W32/Generic.Delphi.a
    W32/Qeds
  Worm (45)
    W32/Kelvir.worm.al
    W32/Kelvir.worm.ap
    W32/Kelvir.worm.an
    W32/Bropia.worm.al
    W32/Bropia.worm.ak
    W32/Kelvir.worm.ao
    W32/Kelvir.worm.am
    W32/Bropia.worm.am
    W32/Kelvir.worm.ax
    W32/Bropia.worm.ao
    W32/Bropia.worm.an
    W32/Kelvir.worm.az
    W32/Kelvir.worm.ba
    W32/Kelvir.worm.ay
    W32/Bropia.worm.ar
    W32/Kelvir.worm.bg
    W32/Kelvir.worm.e
    W32/Bropia.worm.ba
    W32/Bropia.worm.az
    W32/Bropia.worm.ay
    W32/Bropia.worm.ax
    W32/Kelvir.worm.d
    W32/Kelvir.worm.g
    W32/Kelvir.worm.i
    W32/Kelvir.worm.k
    W32/Kelvir.worm.j
    W32/Kelvir.worm.a
    W32/Kelvir.worm.o
    W32/Kelvir.worm.n
    W32/Kelvir.worm.p
    W32/Kelvir.worm.s
    W32/Kelvir.worm.l
    W32/Kelvir.worm.m
    W32/Kelvir.worm.t
    W32/Kelvir.worm.q
    W32/Kelvir.worm.w
    W32/Kelvir.worm.ak
    W32/Kelvir.worm.ab
    W32/Bropia.worm.ag
    W32/Kelvir.worm.ac
    W32/Kelvir.worm.aj
    W32/Kelvir.worm.ai
    W32/Bropia.worm.ah
    W32/Bropia.worm.ai
    W32/Opanki.worm