Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4420
DAT Release Date 01/19/2005
Threats Detected 113667
New Detections 342
Enhanced Detections 273

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (267)
   (10)
    Generic Downloader.i
    CRH19
    CRH16b
    CRH8b
    CRH18b
    ActivityLogger
    RemAdm-DWRC
    CRH18c
    CRH17c
    CRH10b
  Adware (207)
    Adware-Virtumonde
    Adware-XPStyle
    Adware-s36XP.lnk
    Adware-s36.XP.lnk
    Adware-xplus
    Adware-xplus.url
    Adware-XPCSpy
    Adware-WinWhatWhere
    Adware-WinSniffer
    Adware-WhistleSoft
    Adware-Web3000
    Adware-WatchRight.lnk
    Adware-BPS.lnk
    Adware-VBouncer
    Adware-Ultrabar
    Adware-Trickler
    Adware-TotalVelocity
    Adware-Telephonespy
    Adware-SystemSpy
    Adware-SurfSnoop
    Adware-SpywareNuker
    Adware-SpyPC
    Adware-SpyAgent
    Adware-Spector
    Adware-SideStep
    Adware-ShopNav
    Adware-SearchIt
    Adware-Safenet
    Adware-Reboot.AA
    Adware-StarPartySpy.lnk
    Adware-StarParty.lnk
    Adware-RapidBlaster
    Adware-PrecisionTime.url
    Adware-PowerStrip
    Adware-PortalScan.url
    Adware-Perfect.url
    Adware-PeopleOnPage
    Adware-PCSpy
    Adware-OnFlow
    Adware-OmniquadLog
    Adware-s36.98.lnk
    Adware-WurldMedia
    Adware-WatchRight
    Adware-StripPlayer
    Adware-Starr
    Adware-RedHand
    Adware-OmniQuadDet
    Adware-NukeNabber
    Adware-NewtonKnows
    Adware-NetworkEss
    Adware-NetSonic
    Adware-NetPal
    Adware-MSGate
    Adware-l.lnk
    Adware-MidnightOil.url
    Adware-LyttleKeyBug
    Adware-LoggerBuddy
    Adware-LeakTest
    Adware-KeyboardLog
    Adware-KeybSpectator
    Adware-KeybSpectator.url
    Adware-Key2Log
    Adware-JimmySurf
    Adware-IopusStarr
    Adware-InvActSpy
    Adware-InlookExpress
    Adware-iNetDelivery
    Adware-IMIServ
    Adware-ICUSurf
    Adware-HiWire
    Adware-HideRun
    Adware-Hanuman
    Adware-GRLRealHidden.url
    Adware-den.lnk
    Adware-GatorEWallet.url
    Adware-GameSpyArcade.url
    Adware-GameSpyArcade
    Adware-bes_XP.lnk
    Adware-Forbes
    Adware-Farsighter
    Adware-NetSpy
    Adware-FreeEbook.lnk
    Adware-Net900
    Adware-MotherbrdMon
    Adware-MidnightOil
    Adware-Medload
    Adware-LoverSpy
    Adware-LinkGrabber99
    Adware-KeyStrokeRep
    Adware-KeyKey
    Adware-Kazoom
    Adware-iSpyNow
    Adware-Iroffer
    Adware-IPSentry
    Adware-IntraSpy
    Adware-INetspeak
    Adware-Ilookup
    Adware-iGetNet
    Adware-HideWindow
    Adware-HideExec
    Adware-Hack99
    Adware-GRLRealHidden
    Adware-GoogleMS
    Adware-GatorEWallet
    Adware-GameSpyArcade.lnk
    Adware-Freecam
    Adware-bes_98.lnk
    Adware-FlashGet
    Adware-Expedioware
    Adware-EmployeeMon
    Adware-EmailPI
    Adware-E-Surveiller
    Adware-DAPlus
    Adware-DopeWars
    Adware-.aj.lnk
    Adware-DesktopDetect.lnk
    Adware-DCToolbar
    Adware-DateManager
    Adware-CyberSnoop
    Adware-CovenantEyes
    Adware-Cometsys
    Adware-EZSearchBar
    Adware-EGroup
    Adware-DSSAgent
    Adware-DownloadAccel
    Adware-DopeWars.lnk
    Adware-DFC2
    Adware-DesktopDetect
    Adware-DateManager.url
    Adware-Cytron
    Adware-CashSurfers
    Adware-2.5b56.lnk
    Adware-BkdSpace.url
    Adware-Belcaro
    Adware-BDEProjector
    Adware-Barok
    Adware-BackAttack
    Adware-Aveo
    Adware-AtomicLog
    Adware-AppsTraka
    Adware-Alexa
    Adware-AdultLinks
    Adware-AdGoblin
    Adware-AdBreak
    Adware-AdBlaster
    Adware-Achtung
    Adware-AccesMembre
    Adware-er.lnk
    Adware-ABSystemSpy
    Adware-7FaSSt
    Adware-4Arcade
    Adware-3rdEye
    Adware-2Spy
    Adware-SecondThought.lnk
    Adware-2ndThought
    Adware-CometCursor
    Adware-123Search
    Adware-TopRebates
    Adware-SrchEnh
    Adware-DealHelper
    Adware-CouponAge
    Adware-CashFiesta
    Adware-BackWeb
    Adware-ValueAd
    Adware-SurfSideKick
    Adware-Softomate
    Adware-IEPageHelp
    Adware-DRSN
    Adware-CliCkSpring
    Adware-BroadCastPC
    Adware-Beginto
    Adware-YSKKeylog
    Adware-X-Diver
    Adware-Winvestigator
    Adware-WinGuardian
    Adware-WebMailSpy
    Adware-WeatherCast
    Adware-VCatch
    Adware-TwistedHumor
    Adware-Tps108
    Adware-TightVNC
    Adware-TalkingBuddy
    Adware-SurfSpy
    Adware-SurfPlus
    Adware-Stukach
    Adware-StopPop
    Adware-SpyWiper
    Adware-SpytechShadow
    Adware-SpyAnywhere
    Adware-SpotOn
    Adware-SnoopInternet
    Adware-Sidesearch.lnk
    Adware-ShopAtHomeSel
    Adware-Search-Explor
    Adware-RedV
    Adware-RecorderLite
    Adware-Raven
    Adware-RAS.di
    Adware-CleverCracers.lnk
    Adware-CleverCracker.lnk
    Adware-RAS.as
    Adware-RadLight
    Adware-Probot
    Adware-PrecisionTime
    Adware-myPCsearch.lnk
    Adware-Perfect
    Adware-PehPai
  Application extension (3)
    Adware-Visiter.dll
    Adware-ClearSearch.dll
    Adware-BkdSpace.dll
  Dialer (2)
    Dialer-240
    Dialer-239
  Downloader (5)
    IMIServer.dldr
    Adware-Ezula.dldr.url
    Adware-ClearSearc.dldr
    Adware-ClearSearch.dldr
    Adware-ValueAd.dldr
  Dropper (5)
    Adware-IMIServ.dr.url
    Adware-IGetNet.dr
    Adware-IMIServ.dr
    Adware-Softomate.dr
    Adware-Adroar.dr
  Generic (16)
    Adware-RAS.v.gen
    Adware-RAS.dk.gen
    Adware-RAS.dd.gen
    Adware-RAS.cx.gen
    Adware-RAS.cc.gen
    Adware-RAS.bo.gen
    Adware-RAS.bb.gen
    Adware-RAS.ax.gen
    Adware-RAS.bd.gen
    Adware-BHO.gen.url
    Adware-RAS.dl.gen
    Adware-RAS.cz.gen
    Adware-RAS.ck.gen
    Adware-RAS.bw.gen
    Adware-RAS.bb.gen.url
    Adware-Perfect.gen
  Keylogger (10)
    Keylog-Windows
    Keylog-StealthKC
    Keylog-PAL
    Keylog-Invisible
    Keylog-Family.url
    Keylog-Family
    Keylog-Perfect.url
    Keylog-Absolute
    Keylog-ABC
    Keylog-WMRemote
  Malware Tool (1)
    PWCrack-OE
  Spyware (1)
    Spyware-Clearsearch
  Tool (1)
    HTool-Patcher
  Win32 (6)
    RemAdm-RemoteCtrlPC
    RenamedmIRCClient
    BackOrifice
    ActionsMonitor
    ABetterInternet
    RemAdm-WinRemCli
Trojan (35)
  Application extension (3)
    Proxy-Agent.e.dll
    PWS-Leneage.dll
    BackDoor-AZF.dll
  Damaged (1)
    BackDoor-AVW.dam
  Demonstration (1)
    Exploit-ANIfile.demo
  Downloader (8)
    QLowZones-4.dldr
    Downloader-UG
    Downloader-UE
    Downloader-UB
    Downloader-UH
    Downloader-UF
    Downloader-UD
    Downloader-UC
  Dropper (6)
    Downloader-UD.dr
    BackDoor-CMT.dr
    MultiDropper-ME
    StartPage-GA.dr
    PWS-Goldun.dr
    BackDoor-BDI.dr
  Exploit (1)
    JS/Exploit-ANI
  Password Stealer (4)
    PWS-Leneage
    PWS-Goldun
    PWS-Banker.h
    PWS-Banker.i
  Proxy (2)
    Proxy-Agent.e
    Proxy-Agent.d
  Remote Access (3)
    BackDoor-CMY
    BackDoor-CMZ
    BackDoor-CMX
  Script (1)
    Del-464.bat
  StartPage (2)
    StartPage-GB
    StartPage-GA
  Win32 (3)
    HellWin
    QLowZones-10
    Del-465
Virus (40)
   (2)
    SymbOS/Cabir.u!sis
    SymbOS/Cabir.u
  Damaged (1)
    W95/Negt.dam
  Dropper (1)
    W95/Negt.dr
  E-mail worm (1)
    W32/Buchon.c@MM
  Email (11)
    W32/Mugly.g@MM
    W32/Kipis.c@MM
    W32/Buchon.g@MM
    W32/Buchon.e@MM
    W32/Buchon.a@MM
    W32/Mugly.e@MM
    W32/Mugly.f@MM
    W32/Buchon.h@MM
    W32/Buchon.f@MM
    W32/Buchon.d@MM
    W32/Buchon.b@MM
  Generic (1)
    Perl/Rans.gen
  Generic Worm (1)
    W32/Fungmush.worm.gen
  Intended (1)
    W97M/Lingo.intd
  Macro (1)
    W97M/UCK.b
  Overwriting (1)
    W32/Sabus.ow
  Overwriting Peer To Peer (1)
    W32/Xiquitir.ow!p2p
  Parasitic (1)
    W32/HLLP.13317
  Win32 (13)
    W32/DotBot
    W32/Repar
    W32/Lutor.b
    W32/Implink
    W32/Gpcode
    W32/Buchon!keylog
    W32/Generic.m
    W32/Repar!bat
    W32/Lutor.a
    W32/Implinker
    W32/Duella
    W32/Buchon.c!keylog
    W32/Breacuk
  Win9x (1)
    W95/Negt
  Worm (3)
    W32/Crowt.worm
    W32/Bobax.worm.e
    W32/Nodad.worm

Enhanced Detections:

- (1)
  Adware (1)
    Adware-RVP
Internet Worm (3)
  P2P Worm (1)
    W32/Generic.worm!p2p
  VbScript (1)
    VBS/Generic@MM
  Win32 (1)
    New Worm
Malware (1)
  Exploit (1)
    Exploit-CodeBase
Program (140)
   (12)
    Suspicious IFrame.b
    CRH3c
    CRH16
    IMIServer
    CRH9
    CRH8
    CRH6
    CRH1a
    CRH13
    CRH12
    CRH11
    CRH10
  - (4)
    Iroffer
    Proxy-OSS
    Dialer-RAS.a.gen
    IMIServer.download
  Adware (75)
    Adware-KeenValue
    Adware-SaveNow
    Adware-TVMedia
    Adware-DFC
    Adware-TopMoxie
    Adware-PortalScan
    Adware-BrowserAid
    Adware-ISTbar.b
    Adware-RBlast.dldr
    Adware-MemWatcher
    Adware-Superbar
    Adware-180Solutions
    Adware-Httper
    Adware-Cydoor
    Adware-Look2Me
    Adware-Gohip
    Adware-SAHAgent
    Adware-HelpExpress
    Adware-Websearch
    Adware-PromulGate
    Adware-SideSearch
    Adware-BetterInet
    Adware-UpdateLoader
    Adware-CommonName
    Adware-Bic
    Adware-PurityScan
    Adware-Verticity
    Adware-PornKings
    Adware-SRNG
    Adware-BB
    Adware-BHO.gen
    Adware-Gator
    Adware-HungryHands
    Adware-PopMonster
    Adware-BuddyLinks
    Adware-Adsincontext
    Adware-SearchAid
    Adware-Xupiter
    Adware-Holistyc
    Adware-Nsupdate
    Adware-FreeComm
    Adware-Virtumondo
    Adware-Searchcentrix
    Adware-IESearchBar
    Adware-Apropos
    Adware-NSearch
    Adware-eUniverse
    Adware-Vloading
    Adware-CnsMin
    Adware-Fuel
    Adware-Aureate
    Adware-IEDriver
    Adware-ISTBar
    Adware-RBlast
    Adware-Zipclix
    Adware-Lop
    Adware-TradeExit
    Adware-UCMore
    Adware-ToolbarCC
    Adware-StatBlaster
    Adware-Adroar
    Adware-IAGold
    Adware-WildMedia
    Adware-TsCash
    Adware-Virtumundo
    Adware-Nste
    Adware-Showsearch
    Adware-PerfectNav
    Adware-Exactsearch
    Adware-OMI
    Adware-WinAd
    Adware-MMSys
    Uploader-R
    Adware-BkdSpace
    Adware-CommanderNET
  Application extension (2)
    Adware-RBlast.dll
    Proxy-OSS.dll
  Dialer (5)
    Dialer-RAS.aj
    Dialer-192
    Dialer-185
    Dialer-RAS.de
    Dialer-167
  Downloader (12)
    Downloader-BR
    Adware-Xupiter.dldr
    Adware-POP.dldr
    Adware-XPlugin.dldr
    Adware-SRNG.dldr
    Adware-NS.dldr
    Adware-Lop.dldr
    Downloader-JS
    Adware-Ezula.dldr
    Uploader-R.dldr
    Adware-Websearch.dldr
    Downloader-KL
  Dropper (11)
    Adware-Lop.dr
    Adware-SAHAgent.dr
    Adware-NetPals.dr
    Adware-BetterInet.dr
    IMIServ.dr
    Adware-XPlugin.dr
    Adware-FreeComm.dr
    Adware-BkdSpace.dr
    Adware-TVMedia.dr
    Uploader-R.dr
    Adware-Pribi.dr
  Generic (1)
    Dialer-RAS.d.gen
  Keylogger (4)
    Keylog-Advanced
    Keylog-Ardamax
    Keylog-StealthLogger
    Keylog-Keyspy
  PornDialer (1)
    Dialer-Generic
  Process (2)
    ProcKill-Term
    ProcKill-T
  Remote Access (1)
    ServU-Daemon
  Settings Change (1)
    Adware-XPlugin
  Spam (1)
    Adware-Ezula
  Spyware (3)
    Keylog-Perfect
    Spyware-ActivityMon
    Spyware-Webhancer
  Tool (1)
    HTool-CrackSearch
  Win32 (4)
    Renamed mIRC Client
    RemAdm-RemoteAdmin
    Ircd-RatBox
    Crack-StyleXP
Trojan (81)
   (2)
    Phish-BankFraud.eml
    QLowZones-4
  - (1)
    IRC/Flood.mirc
  Application extension (4)
    AFXrootkit.dll
    PWS-Legmir.dll
    PWS-Lineage.dll
    PWS-Banker.dll
  Configurator (1)
    PWS-Sagic.cfg
  Denial Of Svc (1)
    IRC/Flood.bk
  Downloader (3)
    Proxy-Mitglieder
    Downloader-IQ
    PWS-Bancban.dldr
  Downloader Generic (1)
    Proxy-FBSR.gen.dldr
  Dropper (9)
    AFXrootkit.dr
    PWS-LDPinch.dr
    MultiDropper-IY
    RemoteAdmin.dr
    StartPage-EH.dr
    BackDoor-BAC.dr
    BackDoor-ASB.dr
    PWS-Banker.dr
    MultiDropper-MB
  Dropper Generic (1)
    IRC-Sdbot.dr.gen
  Exploit (3)
    VBS/Psyme
    Exploit-MhtRedir.gen
    Exploit-ANIfile
  Generic (9)
    PWS-LegMir.gen.b
    JS/Seeker.gen.m
    FDoS-MSN.gen
    BackDoor-ASB.gen
    Proxy-FBSR.gen
    JS/Exploit-BO.gen
    PWS-Bancban.gen.f
    AFXrootkit.gen
    Spy-Tofger.gen.b
  Internet Relay Chat (1)
    IRC/Flood.e
  JavaScript (1)
    JS/CardStealer
  Password (5)
    PWS-Bancos
    PWS-LegMir
    PWS-LDPinch
    PWS-Bancban
    PWS-Sagic
  Password Stealer (5)
    Generic PWS.a
    PWS-QQRob
    PWS-Banker
    PWS-Lineage
    PWS-Mifeng
  ProcKill (1)
    ProcKill-AK
  Proxy (3)
    Proxy-FBSR
    Proxy-Torxy
    Proxy-Agent.c
  Remote Access (12)
    BackDoor-ACH
    Backdoor-CAK
    BackDoor-ABM
    BackDoor-ASB
    Backdoor-AFC
    BackDoor-AVW
    BackDoor-AOP
    BackDoor-AOZ
    BackDoor-AZZ
    BackDoor-BBR
    BackDoor-CDC
    Generic BackDoor.m
  Spyware (2)
    Keylog-Perfect.dr
    Keylog-SCLog
  Trojan (1)
    HotWorld
  Win32 (15)
    Generic VB
    AdClicker-X
    Generic Downloader.a
    Generic BackDoor.h
    Generic Delphi
    Generic Downloader.c
    NetBus
    QLowZones-6
    AdClicker-BM
    Generic VB.c
    Generic Downloader.f
    DDoS-Boxed
    Generic BackDoor.j
    Generic Downloader.e
    Generic Downloader.h
Virus (47)
   (1)
    Lazarus
  Application extension Worm (1)
    W32/Licia.worm.dll
  Damaged Worm (3)
    W32/Gaobot.worm.dam
    W32/Protoride.worm.dam
    W32/Sdbot.worm.dam
  Dropper Worm (1)
    W32/Gaobot.worm.dr
  E-mail (3)
    W32/Mugly.a@MM
    W32/Mugly.b@MM
    W32/Mugly.d@MM
  E-mail worm (4)
    W32/Generic.a@MM
    W32/Assarm.worm
    W32/Buchon.gen@MM
    W32/Kipis.b@MM
  Email (3)
    VBS/Ediboy@MM
    W32/Breacuk.a@MM
    W32/Breacuk.b@MM
  Email Generic (1)
    W32/Kipis.gen@MM
  Email Worm (1)
    W32/Kipis.a@MM
  Generic (2)
    W32/Poebot.gen
    W32/Sdbot.gen.r
  Generic Peer To Peer Worm (1)
    W32/Licia.worm.gen!p2p
  Generic Worm (13)
    W32/Gaobot.worm.gen.k
    W32/Gaobot.worm.gen.e
    W32/Sdbot.worm.gen.w
    W32/Spybot.worm.gen.f
    W32/Sdbot.worm.gen.e
    W32/Gaobot.worm.gen.j
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.i
    W32/Sdbot.worm.gen.x
    W32/Gaobot.worm.gen.t
    W32/Sdbot.worm.gen.y
    W32/Sdbot.worm.gen.t
  Heuristic (1)
    New Win32.g4
  mIRC Worm (2)
    MIRC/Generic
    W32/Protoride.worm
  VbScript (1)
    New Script
  Win32 (5)
    New Poly Win32
    W32/Lutor
    W32/Asper
    W32/Generic.d
    W32/Generic.Delphi
  Worm (4)
    W32/Socay.worm
    W32/Dedler.worm
    W32/FakeTet.worm
    Unix/Opener.worm