Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4539
DAT Release Date 07/20/2005
Threats Detected 138099
New Detections 37
Enhanced Detections 594

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (21)
  Adware (9)
    Adware-LinkBHO
    Adware-RxToolBar
    Adware-NuggetSearch
    Adware-ClearSearch
    Adware-Smartdove
    Adware-SearchPounder
    Adware-SpySheriff
    Adware-SAHAgent.inf
    Adware-iNetDelivery
  Application extension (1)
    ServU-Daemon.dll
  Dropper (1)
    Adware-SearchPounder.dr
  Registry (5)
    Keylog007
    Webrebates
    AdDestroyer
    WebSearch4u
    Traffic Syndicate/Hu
  Script (1)
    HideExec.bat
  Tool (3)
    HTool-MS04-031
    HTool-WED
    HTool-Exp-MS04-020
  Win32 (1)
    Generic HTool.b
Trojan (8)
  Downloader (3)
    JS/Downloader-ADF
    Downloader-ADE
    Downloader-ADD
  Dropper (1)
    MultiDropper-NM
  Exploit (4)
    JS/Exploit-IObjSafe
    PHP/Exploit-Browser
    JS/Exploit-AppAX
    Exploit-AIM.Goaway
Virus (8)
   (1)
    V2P6.z
  Dropper (1)
    W32/Bobax.dr
  Email Generic (1)
    W32/Chimo.gen@MM
  Peer To Peer (1)
    W32/Shima@MM!p2p
  Script (2)
    Bat/nightbowl
    Bat/ax
  Worm (2)
    W32/Bobax.worm.v
    W32/Gael.worm.b

Enhanced Detections:

Program (459)
   (1)
    WareOut
  - (8)
    Iroffer
    Proxy-OSS
    HideWindow
    Starr
    ZeroPopup
    WebHancer
    IMIServ.download
    IMIServer.download
  Adware (277)
    Adware-SaveNow
    Adware-Tronix
    Adware-TVMedia
    Adware-DFC
    Adware-TopMoxie
    Adware-PortalScan
    Adware-NetPals
    Adware-Adtomi
    Adware-BrowserAid
    Adware-Surfbar
    Adware-Huntbar
    Adware-SubSearch
    Adware-ShowBehind
    Adware-MemWatcher
    Adware-Superbar
    Adware-180SA
    Adware-SSF
    Adware-Httper
    Adware-Cydoor
    Adware-Look2Me
    Adware-HistoryClean
    Adware-RCSync
    Adware-Gohip
    Adware-SAHAgent
    Adware-HelpExpress
    Adware-Websearch
    Adware-PromulGate
    Adware-SideSearch
    Adware-CommonName
    Adware-SafeSurf
    Adware-Rfwnad
    Adware-CWS
    Adware-Bic
    Adware-SafeSearch
    Adware-PurityScan
    Adware-Verticity
    Adware-PornKings
    Adware-SRNG
    Adware-BB
    Adware-BHO.gen
    Adware-Gain
    Adware-HungryHands
    Adware-PopMonster
    Adware-BuddyLinks
    Adware-Adsincontext
    Downloader-GoldCas
    Dialer-197
    Adware-SearchAid
    Downloader-BT
    Adware-Xupiter
    Adware-Holistyc
    Adware-FreeComm
    Adware-DDM
    Adware-Virtumondo
    Adware-FriendXMS
    MP3Search
    Adware-Webone
    Adware-Searchcentrix
    Adware-IESearchBar
    Adware-Apropos
    Adware-NSearch
    Adware-eUniverse
    Adware-2020Search
    Adware-Lvup
    Adware-WinShow
    Adware-RightFind
    Adware-Fuel
    Adware-Edise
    Adware-Aureate
    Adware-IEDriver
    Adware-ISTBar
    Adware-ITK
    Adware-FreeScratch
    Adware-CoolWebSearch
    Adware-BargainBuddy
    Adware-RBlast
    Adware-ExplBar
    Adware-Wink
    Adware-SpyBlast
    Adware-Zipclix
    Adware-Lop
    Adware-SearchSquire
    Adware-Adshooter
    Adware-UCMore
    Adware-OpenSite
    Adware-POP
    Adware-StatBlaster
    Adware-Doumi
    Adware-Wnad
    Adware-IALink
    Adware-Adroar
    Adware-IAGold
    Adware-WildMedia
    Adware-TsCash
    Adware-LinkMaker
    Adware-InstDollars
    Adware-Fastlook
    Adware-EasySearchBar
    Adware-Checkin
    Adware-BTS
    Adware-Altnet
    Adware-Adwin
    Adware-Adpower
    Adware-17Lele
    Adware-EBates
    Adware-Comload
    Adware-CodenameAlvin
    Adware-Bulla
    Adware-ACXInstall
    Adware-IEToolBar
    Adware-HotSearchBar
    Adware-Relevance
    Adware-NaviPromo
    Adware-Dashbar
    Adware-AZESearch
    Adware-Sipspi
    Adware-SearchFast
    Adware-RiverSoft
    Adware-PrecisionPop
    Adware-Showsearch
    Adware-Virtumonde
    Adware-Onban
    Adware-Mirar
    Adware-PerfectNav
    Adware-Redalert
    Adware-Exactsearch
    Adware-OMI
    Adware-ClickTrack
    Adware-StartToolBar
    Adware-MarketScore
    Adware-HotAction
    Adware-GoldenEye
    Adware-BonziBuddy
    Adware-KeenValue
    Adware-Ndware
    Adware-MediaTickets
    Adware-ZSearch
    Adware-Unitzed
    Adware-Topconvert
    Adware-TickerBar
    Adware-TbarWin32
    Adware-NeoToolbar
    Adware-NDotNet
    Adware-Megasearch
    Adware-MarketDart
    Adware-LookNSearch
    Adware-7FaSSt
    Adware-SmartPops
    Adware-SBSoft
    Adware-MWS
    Adware-FriendlyName
    Adware-404Search
    Adware-Searcher
    Adware-IEBar
    Adware-P2PNet
    Adware-HalfLemon
    Adware-SideFind
    Adware-AdStart
    Adware-IWantSearch
    Adware-Midaddle
    Adware-Tubby
    Adware-Horoscope
    Adware-Adlogix
    Adware-WinAd
    Adware-WhenU
    Adware-TSADB
    Adware-Shorty
    Adware-ContextPlus
    Adware-CasClient
    Adware-FWNToolbar
    Adware-WinActive
    Adware-MMSys
    Adware-Darktech
    Uploader-R
    Adware-CasOnline
    Adware-ShopprReports
    Adware-Jily
    Adware-ISearch
    Adware-Interkey
    Adware-Instafinder
    Adware-ExtaCaps
    Adware-Elitebar
    Adware-xplus
    Adware-WinSniffer
    Adware-Web3000
    Adware-Ultrabar
    Adware-Trickler
    Adware-TotalVelocity
    Adware-SystemSpy
    Adware-SurfSnoop
    Adware-SpyPC
    Adware-Spector
    Adware-SideStep
    Adware-SearchIt
    Adware-Safenet
    Adware-RapidBlaster
    Adware-PowerStrip
    Adware-PeopleOnPage
    Adware-OnFlow
    Adware-WatchRight
    Adware-Starr
    Adware-RedHand
    Adware-NewtonKnows
    Adware-LoggerBuddy
    Adware-Key2Log
    Adware-JimmySurf
    Adware-InlookExpress
    Adware-HiWire
    Adware-GameSpyArcade
    Adware-Forbes
    Adware-Farsighter
    Adware-Net900
    Adware-MidnightOil
    Adware-LinkGrabber99
    Adware-Kazoom
    Adware-INetspeak
    Adware-Ilookup
    Adware-Freecam
    Adware-FlashGet
    Adware-Expedioware
    Adware-E-Surveiller
    Adware-DopeWars
    Adware-DCToolbar
    Adware-DateManager
    Adware-CyberSnoop
    Adware-CovenantEyes
    Adware-EZSearchBar
    Adware-EGroup
    Adware-CashSurfers
    Adware-BDEProjector
    Adware-Barok
    Adware-BackAttack
    Adware-Aveo
    Adware-AtomicLog
    Adware-AppsTraka
    Adware-Alexa
    Adware-AdultLinks
    Adware-AdGoblin
    Adware-AdBreak
    Adware-Achtung
    Adware-ABSystemSpy
    Adware-2ndThought
    Adware-CometCursor
    Adware-SrchEnh
    Adware-DealHelper
    Adware-CashFiesta
    Adware-ValueAd
    Adware-SurfSideKick
    Adware-Softomate
    Adware-ClickSpring
    Adware-BroadCastPC
    Adware-Beginto
    Adware-Simbar
    Adware-abetterintrnt
    Adware-YSKKeylog
    Adware-X-Diver
    Adware-Winvestigator
    Adware-WeatherCast
    Adware-VCatch
    Adware-TwistedHumor
    Adware-Qoolaid
    Adware-BkdSpace
    Adware-CommanderNET
    Adware-BestSearch
    Adware-GatorEWallet
    Adware-Tps108
    Adware-SurfSpy
    Adware-Stukach
    Adware-StopPop
    Adware-SpyWiper
    Adware-SpyAnywhere
    Adware-SpotOn
    Adware-RedV
    Adware-Raven
    Adware-RadLight
    Adware-Probot
    Adware-PrecisionTime
  Dialer (10)
    Dialer-198
    Dialer-51
    Dialer-264
    Dialer-185
    Dialer-212
    Dialer-220
    Dialer-201
    Dialer-167
    Dialer-184
    Dialer-182
  Downloader (17)
    Downloader-BR
    CashDialer
    PosX
    Downloader-HU
    Mp3Search.ldr
    Downloader-AZ
    IdentDaemon.ldr
    Adware-SAHAgent.dldr
    Downloader-XZ
    Downloader-YN
    Downloader-TN
    Downloader-PB
    Downloader-TF
    Adware-Websearch.dldr
    Downloader-KV
    Downloader-KL
    Downloader-PX
  Dropper (3)
    Adware-SAHAgent.dr
    Adware-SurfSideKick.dr
    Adware-abetterintrnt.dr
  Generic (16)
    RAS.ce.gen
    RAS.bf.gen.b
    RAS.ch.gen
    RAS.cu.gen
    RAS.ck.gen
    RAS.bd.gen
    RAS.bb.gen
    RAS.a.gen
    RAS.bo.gen
    RAS.v.gen
    RAS.cx.gen
    RAS.dd.gen
    RAS.bw.gen
    RAS.cs.gen
    RAS.aw.gen
    RAS.bu.gen
  Joke (1)
    Joke-Rjump
  Keylogger (12)
    Keylog-MSNMspy
    Keylog-Pino
    Keylog-SARep
    Keylog-TraceBoy
    Keylog-Ardamax
    KeyLog-KeyGhost
    Keylog-Keyspy
    Keylog-Amecisco
    Keylog-Refog
    Keylog-Quick
    Keylog-Absolute
    Keylog-Tong
  Password (1)
    PWCrack-Cain
  PornDialer (1)
    Dialer-Generic
  Registry (76)
    Patch-EZ
    AdClicker-AE
    NetBus
    Logger
    Optimizator
    Pop
    Medload
    NetBusPro
    VirtualBouncer
    FlySwat
    DownloadWare
    Conducent
    ClickTillUWin
    CashToolbar
    C2.Lop
    BossEveryware
    Aornum
    PartyPoker
    imGiant
    SearchAssistant
    RAS.ce
    RAS.az
    RAS.ax
    RAS.ak
    NS
    RAS.as
    198
    ISTbar.b
    TwainTech
    DelfInMediaViewer
    KeyboardSpectator
    Starwaretoolbar
    MSDMXM
    TerraMessenger
    BHO
    RAS.aj
    Claria
    ClipGenie
    TIBS
    ABetterInternet
    PehPai - ZapSpot
    RemoteControlPC2000
    LyttleSoft KeyBugger
    EZSearch Bar
    CasinoOnNet
    WebSite Viewer
    TopPicks
    Search-Explorer
    OmniQuadDetective
    NetworkEssentials
    nCase
    MSBB
    Keycorder
    ElectronicGroup
    HotActionDating
    ArdamaxKL
    ActivityMonitor
    Achtung
    Raven
    Quick
    Reboot-AH
    ClearSearch
    Reg-DetectKeys1
    Reg-DetectKeys5
    ShopNav
    QQRecord
    IMIServer
    NukeNabber
    BackOrifice
    ActionsMonitor
    ESurveiller
    FindOut
    ClockSync
    RAS.ds
    Panteras
    ActiveKey
  Remote Access (1)
    iSpyNOW
  Server (1)
    IMIServ.svr
  Settings Change (1)
    Adware-XPlugin
  Spam (1)
    Adware-Ezula
  Spyware (19)
    Spyware-eBlaster
    Spyware-LoverSpy
    Keylog-Perfect
    KeyLog-KeyRecord
    KeyLog-Tiny101
    Keylog-KeyLoggerJ
    Spyware-SpyAgent
    Spyware-RealSpy
    Spyware-ModemSpy
    Spyware-GurlWatcher
    Spyware-XPCSpy
    Spyware-MiniKeyLog
    Spyware-ActivityLog
    Spyware-Realtime-Spy
    Spyware-Ssppyy
    Spyware-RemoteSpy
    Spyware-KeyKey
    Spyware-AceSpy
    Spyware-NetReplicat
  StartPage (1)
    StartPage-VipCrib
  Tool (4)
    AnalogX-Proxy
    HTool-MS03-049
    Tool-NetBuster
    HTool-Exp-MS04-045
  Win32 (8)
    iGetNet
    IdentDaemon
    Sub7-Logger
    Virtual Bouncer
    Xwxload
    PowerScan
    SystemSave
    BigBrother
Trojan (62)
   (7)
    Generic BackDoor.d
    Dopewars
    Generic component
    AdClicker-AJ
    Phish-BankFraud.eml.a
    Phish-BankFraud.eml.f
    E2Give
  Application extension (1)
    PWS-Lineage.dll
  Configurator (1)
    Iroffer.cfg
  Demonstration (3)
    JS/Exploit-DialogArg.demo
    JS/Exploit-DialogArg.b.demo
    JS/Exploit-DialogArg.a.demo
  Downloader (11)
    Downloader-DC
    Downloader-IQ
    Downloader-AAX
    Downloader-DA.js
    Downloader-YH
    Downloader-ZQ
    Downloader-ACS
    Downloader-OV
    Downloader-LG
    Downloader-KZ
    Downloader-TP
  Dropper (3)
    VBS/Inor
    MultiDropper-NG
    PWS-Kyth.dr
  Exploit (4)
    Exploit-ByteVerify
    Exploit-MhtRedir.gen
    JS/Exploit-HelpXSite
    JS/Exploit-DialogArg.b
  File Deletion (1)
    Qdel279
  Generic (3)
    JS/Exploit-MhtRedir.gen
    Downloader-ZQ.gen
    JS/Exploit-DialogArg.gen
  Heuristic (3)
    New Malware.f
    New Malware.h
    New Malware.l
  Internet Relay Chat (1)
    IRC/Flood.cg
  Password (1)
    PWS-LegMir
  Password Stealer (3)
    Generic PWS.f
    PWS-Lineage!chm
    PWS-Lineage
  Proxy (1)
    Proxy-FBSR
  Remote Access (1)
    BackDoor-TC
  Script (2)
    IIS/BackDoor-ACE
    Reg/LowZones
  StartPage (2)
    StartPage-GS
    StartPage-DU
  Win32 (14)
    HackerDefender
    Generic Delphi
    Generic Downloader.c
    Orifice2K
    Keyspy
    AdClicker-CS
    Generic Dropper.h
    AdClicker-CJ
    Generic BackDoor.u
    Vundo
    Generic.k
    Generic Downloader.g
    Generic Downloader.f
    DDoS-Boxed
Virus (73)
   (2)
    Goma
    Tong
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  E-mail (5)
    W32/Mytob.bw@MM
    W32/Mytob.cc@MM
    W32/Mytob.cv@MM
    W32/Mytob.da@MM
    W32/Mytob.el@MM
  Email (27)
    W32/Mytob.as@MM
    W32/Mytob.ap@MM
    W32/Mytob.cp@MM
    W32/Mytob.cn@MM
    W32/Mytob.cj@MM
    W32/Mytob.bm@MM
    W32/Mytob.p@MM
    W32/Mytob.c@MM
    W32/Mytob.m@MM
    W32/Mytob.cm@MM
    W32/Mytob.bz@MM
    W32/Mytob.q@MM
    W32/Mytob.h@MM
    W32/Mytob.u@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.w@MM
    W32/Mytob.co@MM
    W32/Mytob.ee@MM
    W32/Mytob.ab@MM
    W32/Mytob.af@MM
    W32/Mytob.dp@MM
    W32/Mytob.dx@MM
    W32/Mytob.ec@MM
    W32/Mytob.ed@MM
    W32/Mytob.ek@MM
    W32/Mytob.et@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Generic Worm (12)
    W32/Gaobot.worm.gen.g
    W32/Sdbot.worm.gen.w
    W32/Gaobot.worm.gen.bj
    W32/Opanki.worm.gen
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.l
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.ac
    W32/Bobax.worm.gen
  Internet Worm (3)
    W32/Bobax.worm.o
    W32/Bobax.worm.a
    W32/Gael.worm.a
  Script (1)
    Bat/a
  VbScript (1)
    VBS/Loveletter@MM
  Win32 (2)
    New Poly Win32
    W32/Generic.Delphi.a
  Worm (18)
    W32/Bobax.worm.j
    W32/Bobax.worm.h
    W32/Bobax.worm.f
    W32/Bobax.worm.i
    W32/Bobax.worm.g
    W32/Bobax.worm.k
    W32/Bobax.worm.l
    W32/Bobax.worm.m
    W32/Bobax.worm.s
    W32/Bobax.worm.n
    W32/Bobax.worm.p
    W32/Bobax.worm.r
    W32/Bobax.worm.q
    W32/Opanki.worm
    W32/Bobax.worm.e
    W32/Bobax.worm.d
    W32/Bobax.worm.b
    W32/Bobax.worm.c