DAT Readme

Download the latest antivirus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4633
DAT Release Date 11/21/2005
Threats Detected 160016
New Detections 26
Enhanced Detections 347

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct misidentifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name    Corporate Risk Assessment    Home Risk Assessment
There are no noteworthy threats in this release.

New Detections:

Program (14)
   (8)
    VSource/Tsunami
    Tool/tp
    Tool/applet2
    Tool/rauv
    Tool/skudo
    Tool/deltr4
    Tool/dri
    Tool/applet
  Script (6)
    Tool/testapp
    Tool/pskill
    Tool/hide
    Tool/admin
    Tool/kacz
    Tool/del6
Trojan (9)
  Password Stealer (2)
    PWS-Muma
    PWS-WebMoney
  Remote Access (1)
    BackDoor-CVS
  Script (4)
    Bat/qd331
    Bat/cry2
    Bat/cob4
    Bat/net11
  Win32 (2)
    Generic Keylogger.e
    Generic LowZones.c
Virus (3)
  Email (3)
    W32/Mytob.gx@MM
    W32/Mytob.gw@MM
    W32/Mytob.gv@MM

Enhanced Detections:

Internet Worm (9)
  E-mail (3)
    W32/Sober.e@MM
    W32/Mytob.bk@MM
    W32/Sober.j@MM
  E-mail worm (6)
    W32/Netsky.i@MM
    W32/Netsky.b@MM
    W32/Netsky.t@MM
    W32/Netsky.s@MM
    W32/Netsky.c@MM
    W32/Netsky.a@MM
Program (82)
   (14)
    VSource/pas6
    VSource/pas4
    VSource/pas2
    VSource/pas5
    VSource/pas3
    VSource/pas1
    VSource.par
    VSource/pas7
    VSource/pag
    VSource/tiny
    VSource/rm
    V-HTM.c
    V-HTM.b
    V-HTM.a
  - (1)
    Proxy-OSS
  Adware (38)
    Adware-SaveNow
    Adware-TVMedia
    Adware-DFC
    Adware-PortalScan
    Adware-BrowserAid
    Adware-Virtumundo
    Adware-Superbar
    Adware-Gohip
    Adware-UpdateLoader
    Adware-PopMonster
    Adware-Bic
    Adware-Verticity
    Adware-SRNG
    Adware-BHO.gen
    Adware-BuddyLinks
    Adware-SearchAid
    Adware-IESearchBar
    Adware-eUniverse
    Adware-IEDriver
    Adware-TradeExit
    Adware-UCMore
    Adware-ToolbarCC
    Adware-IAGold
    Adware-WhenUSearch
    Adware-KeenValue
    Adware-WinAd
    Adware-WhenU
    Adware-MMSys
    Adware-Henbang
    Adware-ShopNav
    Adware-SearchIt
    MotherboardMon
    Adware-Medload
    Adware-Kazoom
    Adware-iGetNet
    Adware-Cometsys
    Adware-abetterintrnt
    Adware-BkdSpace
  Application extension (1)
    Adware-RBlast.dll
  Dialer (3)
    Dialer-RAS.aj
    Dialer-185
    Dialer-167
  Downloader (9)
    Downloader-BR
    Adware-POP.dldr
    Downloader-EAccel
    Adware-SRNG.dldr
    Adware-NS.dldr
    Adware-Lop.dldr
    Adware-Ezula.dldr
    Adware-abetterintrnt.dldr
    Downloader-KL
  Dropper (9)
    Adware-Lop.dr
    Adware-NetPals.dr
    Adware-FreeComm.dr
    Adware-SafeSurf.dr
    Adware-SurfSideKick.dr
    Uploader-R.dr
    Adware-IGetNet.dr
    Adware-IMIServ.dr
    Adware-abetterintrnt.dr
  Generic (1)
    Adware-abetterintrnt.gen.a
  Keylogger (1)
    Keylog-Windows
  Registry (1)
    Reg-DetectKeys25
  Settings Change (1)
    Adware-XPlugin
  Tool (1)
    HideRun
  Win32 (2)
    MSKILL
    Crack-StyleXP
Trojan (51)
   (9)
    Generic BackDoor.d
    Yosha
    Generic.ca
    Generic PWS.u
    Generic BackDoor.bb
    Generic.dc
    Generic Downloader.ap
    Generic.cb
    Generic Downloader.ar
  - (1)
    ProcKill-AJ
  Damaged (1)
    Exploit-MS04-032!gdi.dam
  Downloader (2)
    Downloader-AGW
    Downloader-YO
  Dropper (1)
    MultiDropper-PG
  Email (1)
    W32/Sober.q
  Exploit (2)
    Exploit-MS04-032!gdi
    Exploit-IEPageSpoof
  Generic (9)
    BackDoor-AGS.gen
    Exploit-URLSpoof.gen
    Generic Downloader.gen.bd
    Generic Downloader.gen.be
    PWS-Banker.gen.ba
    PWS-Banker.gen.bb
    PWS-Banker.gen.l
    Generic Downloader.gen.bc
    JS/Exploit-BO.gen
  Heuristic (2)
    New Malware.d
    New Malware.n
  Password (1)
    PWS-LegMir
  Password Stealer (1)
    Generic PWS.h
  Remote Access (3)
    BackDoor-AWQ.b
    BackDoor-CKB.sys
    BackDoor-IQ
  Win32 (18)
    HackerDefender
    Generic FDoS
    Generic Downloader.ba
    Generic BackDoor.c
    Generic BackDoor.q
    Generic VB.b
    Generic PWS.n
    Generic BackDoor.ba
    Generic StartPage.h
    Generic Downloader.u
    Generic PWS.o
    Generic Downloader.ab
    Generic BackDoor.w
    Generic PWS.s
    Generic AdClicker.l
    Generic Downloader.m
    Generic PWS.m
    Generic Downloader.g
Virus (205)
   (47)
    APE.RDA.7408
    APE.RDA.5969
    APE.RDA.5871
    APE.Phant1.h
    APE.Rats.7000
    APE.Phant1.g
    APE.Phant1.f
    APE.Phant1.e
    APE.Phant1.d
    APE.Phant1.c
    APE.Phant1.b
    APE.Phant1.a
    APE
    MPC
    Dead
    MtE
    7thSon.327
    7thSon.333c
    7thSon.254
    7thSon.283
    7thSon.473b
    7thSon.440
    7thSon.426
    7thSon.350b
    7thSon.334
    7thSon.332c
    7thSon.332a
    7thSon.284e
    7thSon.284c
    7thSon.284b
    7thSon.284a
    7thSon.281
    7thSon.271b
    7thSon.268
    7thSon.344
    7thSon.333b
    7thSon.253
    7thSon.331
    7thSon.473a
    7thSon.428
    7thSon.424
    7thSon.350a
    7thSon.333
    7thSon.332b
    7thSon.286
    7thSon.284d
    7thSon.271a
  Boot (4)
    FORM
    Dodgy
    Chinque
    AP
  Damaged (6)
    W32/Sober.dam
    W32/Netsky.q.dam
    W9xcc.dam
    W32/Netsky.c.dam
    W32/Netsky.p.dam
    W32/Netsky.d.dam
  Damaged multipartite (1)
    Outsider.mp.1452.dam
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  Dropper (8)
    Univ/a.dr
    Univ/r.dr
    Mini.dr
    W32/Sober.dr
    W32/Sober.s.dr
    W32/Sober.v.dr
    W32/Sober.u.dr
    W32/Sober.t.dr
  Dropper Email (1)
    W32/Mytob.dr@MM
  Dropper Overwriting (1)
    Univ.ow/a.dr
  E-mail (30)
    W32/Sober.c@MM
    W32/Netsky.w@MM
    W32/Netsky.q@MM
    W32/Netsky.u@MM
    W32/Netsky.g@MM
    W32/Sober.d@MM
    W32/Netsky.l@MM
    W32/Netsky.k@MM
    W32/NetSky.h@MM
    W32/Netsky.v@MM
    W32/Netsky.y@MM
    W32/Netsky.z@MM
    W32/Sober.p@MM
    W32/Netsky.ab@MM
    W32/Mytob.be@MM
    W32/Mytob.bi@MM
    W32/Mytob.bj@MM
    W32/Mytob.bo@MM
    W32/Mytob.bl@MM
    W32/Mytob.br@MM
    W32/Mytob.bf@MM
    W32/Mytob.cg@MM
    W32/Mytob.ch@MM
    W32/Sober.o@MM!M414
    W32/Sober.u@MM
    W32/Sober@MM!M681
    W32/Sober.w@MM
    W32/Sober.v@MM
    W32/Netsky.ag@MM
    W32/Sober.g@MM
  E-mail worm (11)
    W32/Sober.f@MM
    W32/Netsky.n@MM
    W32/Sober.b@MM
    W32/Netsky.j@MM
    W32/Netsky.o@MM
    W32/Netsky.x@MM
    W32/Netsky.e@MM
    W32/Netsky.f@MM
    W32/Netsky.d@MM
    W32/Netsky.ac@MM
    W32/Sober.l@MM
  Email (56)
    W32/Mytob.b@MM
    W32/Mytob.a@MM
    W32/Mytob.ev@MM
    W32/Mytob.at@MM
    W32/Netsky.ad@MM
    W32/Mytob.av@MM
    W32/Mytob.au@MM
    W32/Sober.m@MM
    W32/Mytob.fy@MM
    W32/Mytob.fw@MM
    W32/Mytob.fx@MM
    W32/Mytob.gg@MM
    W32/Mytob.gl@MM
    W32/Mytob.gj@MM
    W32/Mytob.gi@MM
    W32/Mytob.bg@MM
    W32/Mytob.bx@MM
    W32/Mytob.cd@MM
    W32/Mytob.gd@MM
    W32/Mytob.gc@MM
    W32/Mytob.gb@MM
    W32/Mytob.ga@MM
    W32/Mytob.gf@MM
    W32/Mytob.gp@MM
    W32/Mytob.gq@MM
    W32/Mytob.bn@MM
    W32/Mytob.dh@MM
    W32/Mytob.r@MM
    W32/Mytob.e@MM
    W32/Mytob.c@MM
    W32/Mytob.gt@MM
    W32/Mytob.g@MM
    W32/Mytob.bt@MM
    W32/Mytob.bp@MM
    W32/Mytob.ct@MM
    W32/Mytob.cf@MM
    W32/Mytob.dd@MM
    W32/Mytob.ca@MM
    W32/Mytob.n@MM
    W32/Mytob.f@MM
    W32/Mytob.d@MM
    W32/Mytob.cs@MM
    W32/Mytob.dk@MM
    W32/Mytob.dz@MM
    W32/Mytob.eb@MM
    W32/Sober.s@MM
    W32/Mytob.ds@MM
    W32/Mytob.ea@MM
    W32/Sober.t@MM
    W32/Mytob.gu@MM
    W32/Mytob.ej@MM
    W32/Sober.x@MM
    W32/Netsky.ai@MM
    W32/Netsky.af@MM
    W32/Mytob.es@MM
    W32/Mytob.eq@MM
  Email Generic (3)
    W32/Sober.gen@MM
    W32/Rontokbro.gen@MM
    W32/Mytob.gen@MM
  Email Worm (2)
    W32/Netsky.aa@MM
    W32/Sober.k@MM
  Generic Worm (10)
    W32/Opanki.worm.gen
    W32/Sdbot.worm.gen.h
    W32/Kelvir.worm.gen
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.ay
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bw
    W32/Sdbot.worm.gen.q
    W32/Bobax.worm.gen
  Heuristic (1)
    New Script.ext
  Internet Worm (1)
    W32/Sober.a@MM
  multipartite (9)
    GWar.mp
    Ebo.mp
    Outsider.mp.1540
    Outsider.mp.1457
    Outsider.mp.1452
    Outsider.mp.1402
    Outsider.mp.1382
    Outsider.mp.1386
    Marzia.mp
  Overwriting (1)
    Univ.ow/c
  Parasitic (1)
    Univ/f.apd
  Script (1)
    Univ.script/99a
  Universal (5)
    Univ/f
    Univ/a
    Univ/s
    Univ/t
    Univ.prepend
  Win32 (3)
    W32/Netsky
    W32/Generic.e
    W32/Generic.m
  Worm (2)
    W32/Bobax.worm.k
    W32/Mytob.worm!im