McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4374
DAT Release Date	07/07/2004
Threats Detected	93236
New Detections	85
Enhanced Detections	385

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (15)

(1)

Adware (1)

Joke (4)

Malware Tool (3)

Script (5)

Tool/ftp

Tool (1)

Trojan (37)

(3)

Irdet

Bionet

Hypnoice

Application extension (1)

BackDoor-CCL.dll

Disk erasing (3)

QZap362

QZap361

QZap363

Downloader (9)

Flooder (1)

Heuristic (2)

Password Stealer (1)

Proxy (1)

Remote Access (6)

Script (8)

StartPage (1)

StartPage-DU!chm

Win32 (1)

Generic BackDoor.k

Virus (33)

(5)

Damaged Worm (1)

W32/Protoride.worm.dam

E-mail worm (1)

W32/Lovgate.af@MM

Email (4)

W32/Bugbear.41404@MM

W32/Mydoom.m@MM

W32/Lovgate.af@MM!zip

Email Generic (1)

W32/MyWife.gen@MM

Generic (2)

W32/Bagle.gen!vbs

Generic Worm (4)

W32/Sdbot.worm.gen.u

W32/Sdbot.worm.gen.t

W32/Israz.worm.gen

W32/Fesber.worm.gen

Internet Relay Chat (1)

Linux (1)

Linux/Metis.4096

Script (1)

Bat/nih

Win32 (11)

W32/Wallon!html

W32/NGVCK.b.3501

Worm (1)

Enhanced Detections:

Internet Worm (1)

E-mail (1)

W32/Bagle.gen@MM

Malware (1)

Exploit (1)

Exploit-CodeBase

Program (10)

- (1)

Demonstration (1)

W97/Exploit-SpyField.demo

Downloader (3)

Adware-Lop.dldr

Dropper (1)

Joke (1)

PornDialer (1)

Remote Access (1)

Win32 (1)

Generic HTool.a

Trojan (204)

(9)

Generic BackDoor.d

Sucker

Nuravo

Concord

- (4)

Click-1

Application extension (10)

BackDoor-CBB.dll

BackDoor-AXJ.dll

PWS-LDPinch.dll

Keylog-Fearless.dll

Spy-Merries.dll

Client (1)

BackDoor-CBB.cli

Configurator (1)

BackDoor-CBB.cfg

Denial Of Svc (1)

Disk erasing (1)

QZap251

Downloader (18)

VBS/BackDoor-BCB.dldr

StartPage-BT.dldr

Dropper (11)

Multidropper-GN

MultiDropper-GS

MultiDropper-GP.d

MultiDropper-DC

MultiDropper-CM

MultiDropper-EY

MultiDropper-JQ

Dropper Generic (1)

IRC-Sdbot.dr.gen

Exploit (20)

Exploit-DarkKnight

Exploit-ByteVerify

Exploit-Dameware

Exploit-MhtRedir.gen

Exploit-IIS.Xploit

Exploit-GetAdmin

Exploit-Ciskill

Exploit-AccControl

JS/Exploit-DDay

Exploit-Overnasm

Exploit-LHA Overflow

File deleting (6)

QDel364

QDel363

QDel397

QDel393

QDel383

QDel347

Flooder (8)

Generic (23)

PWS-Bancban.gen.b

Downloader-GG.gen

VB-BackDoor.a.gen

Keylog-Fearless.gen

MultiDropper-ER.gen

AdClicker-C.gen

MultiDropper-FM.gen

MultiDropper-FT.gen

BackDoor-AVW.gen

FDoS-Flooder.gen

PWS-AIMFake.gen

JS/Seeker.gen.h

Exploit-ObjectData.gen

Keylog-Stawin.gen

Spam-Shadow.gen

StartPage-AI.gen

W32/Sdbot.gen.r

BackDoor-AXJ.gen

Spy-Tofger.gen.b

Spy-Tofger.gen.a

Heuristic (3)

Internet Relay Chat (8)

Java Applet (1)

Keylogger (4)

Linux (5)

Linux-LnxKerExp

Linux-BsdKerExp

Malware Tool (9)

Nuke-VB

Kit-JSG

Spam-FZ

NTRootKit-A.sys

Password (5)

ProcKill (1)

Remote Access (12)

Woodcot

Script (1)

IIS/BackDoor-ACE

Server (2)

BackDoor-WF.svr

Spyware (2)

StartPage (2)

StartPage-CQ.gen

Trojan (2)

QDel391

QDel392

VbScript (1)

Win32 (32)

Enocider

W32/Bagle.x!proxy

Generic BackDoor.b

Del-437

Generic BackDoor.f

Sarka

Kility

Provera

QKey5

LockDown

Rixi

OpenCD

DRevenge

Niuzu

Del-403

Del-446

Generic QHosts.a

Virus (169)

(3)

Application extension (1)

Damaged (2)

W32/Lovgate.dam

Damaged Worm (3)

W32/Spybot.worm.dam

W32/Gaobot.worm.dam

W32/Sdbot.worm.dam

Dropper (4)

W95/Rinim.476.dr

W32/Sankey.c.dr

Satan.dr

Dropper Worm (2)

W32/Spybot.worm.dr

W32/Dedler.worm.dr

E-mail (9)

W32/Mydoom.b@MM

W32/Mydoom.h@MM

W32/Mydoom.e@MM

W32/Bagle.ad@MM

W32/Mydoom.k@MM

E-mail worm (13)

W32/Lovgate.f@M

W32/Mydoom.g@MM

W32/Mydoom.f@MM

W32/Bagle.aa@MM

W32/Lovgate.ad@MM

W32/Lovgate.ab@MM

Email (56)

W32/Mydoom.i@MM

W32/Lovgate.b@M

W32/Lovgate.g@M

W32/Lovgate.m@M

W32/Lovgate.n@M

W32/Mydoom.j@MM

W32/Lovgate.q@MM

W32/Lovgate.p@MM

W32/Lovgate.v@M

W32/Lovgate.t@MM

W32/Lovgate.r@MM!zip

W32/Lovgate.u@MM

W32/Lovgate.w@M

W32/Lovgate.x@MM!zip

W32/Lovgate.aa@MM!zip

W32/Lovgate.aa@MM

W32/Lovgate.ac@MM

W32/Lovgate.v@MM

W32/Lovgate.ae@MM

W32/Mydoom.a@MM

W32/Stopin.a@MM

W32/Stopin.d@MM

W32/Stopin.c@MM

W32/Stopin.b@MM

W32/Mydoom.l@MM

W32/Lovgate.z@MM!zip

W32/Lovgate.ad@MM!zip

W32/Lovgate.ab@MM!zip

Email Generic (4)

W32/Cherich.gen@MM

W32/Oror.gen@MM

W32/Oror.gen.a@MM

VBS/Gorum.gen@MM

Email Worm (1)

Generic (1)

Generic Worm (19)

W32/Sdbot.worm.gen

W32/Gaobot.worm.gen.g

W32/Gaobot.worm.gen.f

W32/Gaobot.worm.gen.e

W32/Spybot.worm.gen.a

W32/Gaobot.worm.gen.l

W32/Spybot.worm.gen.g

W32/Tumbi.worm.gen.b

W32/Sdbot.worm.gen.d

W32/Sdbot.worm.gen.n

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Sdbot.worm.gen.o

W32/Sdbot.worm.gen.m

W32/Sdbot.worm.gen.k

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.g

W32/Gaobot.worm.gen.r

W32/Gaobot.worm.gen.h

Heuristic (1)

HTML document (3)

Intended (1)

Internet Relay Chat (3)

Internet Worm (1)

W32/Gaobot.worm.ali

Macro (1)

W97M/Coke.22231.a

mIRC Worm (2)

W32/Protoride.worm

W32/Hokilo.worm

Overwriting (1)

Peer To Peer (1)

W32/Generic.c!p2p

Peer To Peer Worm (1)

W32/Sdbot.worm!p2p

Source code (1)

W97M/Heathen.src

Universal (1)

Univ/j

Win32 (19)

W32/Ingax.568dr

W32/Henky.Tanzen

W32/Ingax.640dr

W32/Ingax.644dr

W32/Ingax.496dr

W32/Ingax.856dr

W32/Ingax.840dr

Win9x (1)

Worm (14)

W32/Gaobot.worm

W32/Lovgate.l@M

W32/Lovgate.a@M

W32/Lovgate.c@M

W32/Generic.worm.b

W32/Lovgate.s@MM

W32/Lovgate.x@MM

W32/Flechal.worm

W32/Kwbot.worm.b

W32/Kwbot.worm.a

W32/Bajos.worm.b

W32/Dedler.worm

W32/Kwbot.worm.c