Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4382
DAT Release Date 07/28/2004
Threats Detected 95195
New Detections 127
Enhanced Detections 262

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Internet Worm (1)
  - (1)
    W32/Zindos.worm
Program (25)
   (4)
    PortScan-EvilEye
    VSource/jel
    VObj27
    Tool/dns
  Damaged (1)
    Adware-TVMedia.dam
  Dialer (2)
    Dialer-210
    Dialer-209
  Downloader (1)
    Downloader-EAccel
  Malware Tool (10)
    HTool/AFXSynScan
    VTool/wv
    VTool/sst
    VTool/sis
    VTool/lmd
    VTool/kaz2
    VTool/kaz
    VTool/dmi
    VTool/bp
    VTool/abdo
  Script (3)
    Tool/patch
    Tool/fmt13
    Tool/bcc
  Tool (2)
    Tool-UDPflood
    Tool-HSFind
  Win32 (2)
    RemoteShutdown
    LaSta
Trojan (36)
   (2)
    AdClicker-AW
    AdClicker-AV
  Application extension (4)
    Keylog-Sconato.dll
    BackDoor-CHF.dll
    BackDoor-CHC.dll
    BackDoor-CGX.dll
  Downloader (5)
    Downloader-NA
    JS/Exploit-MhtRedir.ldr
    Downloader-MZ
    Downloader-MX
    Downloader-MY
  Dropper (5)
    MultiDropper-KY
    HackerDefender.dr
    MultiDropper-KZ
    MultiDropper-KX
    BackDoor-CGX.dr
  Exploit (3)
    Exploit-ScriptNull
    Exploit-ExeHTML
    Exploit-MS04-022
  Generic (2)
    PWS-Bancos.gen.c
    AFXrootkit.gen.b
  Internet Relay Chat (1)
    IRC/Flood.em
  Keylogger (1)
    Keylog-Sconato
  Remote Access (5)
    BackDoor-CHF
    BackDoor-CHC
    BackDoor-CGY
    BackDoor-CGX
    BackDoor-BDL
  Script (2)
    Bat/qd249
    Bat/qz135
  Source code (1)
    Exploit-UtilMan.src
  StartPage (1)
    StartPage-EG
  Win32 (4)
    Myss
    FuRootkit
    AFXrootkit.dll.gen
    MultiDropper-LA
Virus (65)
   (32)
    Xany.318
    Into.709
    Into.686
    Into.683
    DEI
    XRes.1310
    Xexe.800
    Writer.1336
    WBR.2246
    TV.336
    Sinister.1200
    Pariah.789
    Mall.386
    Greenie.873
    EISO.1388
    Binn
    Ksenia
    Into.708
    Into.685
    Energiser
    Yard.481
    XRCE.1402
    Xeno.1728
    Writer
    Type.988
    Tarn.884
    Quell
    Pariah
    Morgana
    Keydat.1068
    Forever.912
    DonBass.803
  Application extension Droppe (1)
    W32/Bagle.dll.dr
  Application extension Worm (1)
    W32/Bobax.worm.dll
  Downloader (1)
    Downloader-MW
  Dropper (5)
    DEI.dr
    DEI.dr.1780
    DEI.dr.1634
    DEI.dr.1792
    DEI.dr.1526
  E-mail (2)
    W32/Mabutu.a@MM
    W32/Mabutu.b@MM
  Email (4)
    W32/Lovgate.r@MM
    W32/Mabutu.a@MM!zip
    W32/Appix.k@MM
    W32/Bagle.al@MM
  Email Generic (1)
    W32/Mabutu.gen@MM
  Generic Worm (1)
    W32/Sdbot.worm.gen.w
  Macro (1)
    W97M/Yesi
  multipartite (1)
    Dr Demon.mp.1929
  Parasitic (1)
    NG.cav.288
  Peer To Peer (2)
    W32/Generic.d!p2p
    W32/Vasco!p2p
  Proxy (1)
    W32/Bagle.am!proxy
  Script (1)
    Bat/exw19
  Win32 (3)
    W32/Bagle.an!troj
    W32/NGVCK.d.1632
    W32/Mygel!txt
  Worm (7)
    W32/Frear.worm!txt
    W32/Sautor.worm
    W32/Mygel.worm
    W32/Korgo.worm.ac
    W32/Frear.worm
    W32/Arghast.worm
    W32/Acertijo.worm

Enhanced Detections:

Internet Worm (1)
  E-mail (1)
    W32/Bagle.gen@MM
Malware (2)
  Exploit (1)
    Exploit-CodeBase
  Spyware (1)
    Spy-Snag
Program (27)
   (20)
    VSource
    VObj10
    VObj9
    VObj8
    VObj5
    VObj11
    VMag26
    VMag15
    VMag14
    VMag12
    VMag10
    VMag13
    VMag11
    VMag9
    VObj7
    VObj24
    VObj25
    VObj26
    VMag2
    VMag3
  HTTP/FTP Trans. (1)
    SlimFTP
  Malware Tool (1)
    VTool/ari
  Password (1)
    PWDump
  Script (1)
    Bat/dt130
  Win32 (3)
    RemAdm-RemoteAdmin
    Generic HTool.a
    RemAdm-RemoteAnythng
Trojan (86)
   (2)
    Generic BackDoor.d
    Generic Downloader.e
  - (2)
    ProcKill-AJ
    IRC/Flood.mirc
  Application extension (4)
    AFXrootkit.dll
    PWS-LegMir.dll
    Spy-Tofger.dll
    Downloader-MM.dll
  Application extension Generi (1)
    PWS-Bancban.dll.gen
  Demonstration (3)
    JS/Exploit-DialogArg.demo
    JS/Exploit-DialogArg.b.demo
    JS/Exploit-DialogArg.a.demo
  Downloader (3)
    Downloader-EW
    Proxy-Mitglieder
    Downloader-JW
  Dropper (7)
    VBS/Inor
    PWS-Bancos.dr
    AFXrootkit.dr
    PWS-Bancban.dr
    PWS-LegMir.dr
    Generic BackDoor.dr
    MultiDropper-IY
  Exploit (10)
    Exploit-Sfind
    VBS/Psyme
    Exploit-IFrame
    Exploit-MhtRedir.gen
    Exploit-Knox
    Exploit-Gtkftpd
    Exploit-Lhs
    Exploit-MS04-011
    JS/Exploit-DialogArg.b
    JS/Exploit-DialogArg.a
  Generic (11)
    Exploit-CodeBase.gen
    VBS/IEstart.gen.f
    PWS-Bancban.gen.b
    PWS-Bancos.gen
    Exploit-ObjectData.gen
    JS/Exploit-DialogArg.gen
    W32/Sdbot.gen.r
    AFXrootkit.gen
    Spy-Tofger.gen.b
    Downloader-JT.gen
    Spy-Tofger.gen.a
  Heuristic (2)
    New BackDoor7a
    New BackDoor7b
  Internet Relay Chat (1)
    IRC/Flood.c
  Malware Tool (1)
    Downloader-JT.kit
  Password (5)
    PWS-Bancos
    PWS-LegMir
    PWS-LDPinch
    PWS-Bancban
    Keylog-Lodis
  Password Stealer (1)
    PWS-Banker
  Remote Access (13)
    BackDoor-AZV
    Backdoor-AQK
    BackDoor-AWM
    AFXrootkit
    BackDoor-BAC
    BackDoor-QW
    BackDoor-AKD
    BackDoor-APX
    BackDoor-AYE
    BackDoor-BDI
    BackDoor-BDH
    BackDoor-BDG
    BackDoor-CEY
  Script (3)
    Univ.script/99b
    Univ.script/99a
    VBS/Satanik.b
  Spam (1)
    AIM-Lowdown
  Spyware (1)
    Keylog-Perfect.dr
  Win32 (15)
    IRC/Flood.dz
    IRC/Flood.cm
    Generic Downloader.b
    Lolaweb
    W32/Bagle.x!proxy
    Generic BackDoor.b
    HackerDefender
    Generic BackDoor.f
    Generic Downloader.c
    Generic BackDoor.e
    DDoS-Slack
    Generic VB.b
    Generic PWS.g
    Generic VB.c
    AdClicker-AO
Virus (146)
   (3)
    Python/Bien
    Ksenia.dd
    NoMercy.2513
  Damaged (5)
    W32/Netsky.q.dam
    W32/Gaobot.dam
    W32/Lovgate.dam
    W32/Bagle.dam
    W32/Lovgate.x.dam
  Damaged Worm (4)
    W32/Opaserv.worm.dam
    W32/Spybot.worm.dam
    W32/Gaobot.worm.dam
    W32/Sdbot.worm.dam
  Dropper (2)
    Univ/j.dr
    WinCE/Duts.1536.dr
  E-mail (10)
    W32/Mydoom.b@MM
    W32/Mydoom.h@MM
    W32/Mydoom.e@MM
    W32/Bagle.j@MM
    W32/Bagle.k@MM
    W32/Mydoom.o@MM
    W32/Bagle.af@MM
    W32/Bagle.ad@MM
    W32/Lovgate.ah@MM
    W32/Mydoom.k@MM
  E-mail worm (19)
    W32/Lovgate.f@M
    W32/Mimail@MM
    W32/Bagle.n@MM
    W32/Bagle.p@MM
    W32/Bagle.q@MM
    W32/Bagle.t@MM
    W32/Bagle.u@MM
    W32/Mydoom.g@MM
    W32/Mydoom.f@MM
    W32/Bagle.c@MM
    W32/Bagle.r@MM
    W32/Bagle.s@MM
    W32/Bagle.z@MM
    W32/Bagle.aa@MM
    W32/Bagle.ah@MM
    W32/Lovgate.ad@MM
    W32/Lovgate.af@MM
    W32/Lovgate.aj@MM
    W32/Lovgate.ab@MM
  Email (21)
    W32/Mydoom.i@MM
    W32/Lovgate.b@M
    W32/Lovgate.g@M
    W32/Lovgate.m@M
    W32/Lovgate.n@M
    W32/Mydoom.j@MM
    W32/Lovgate.q@MM
    W32/Lovgate.p@MM
    W32/Lovgate.v@M
    W32/Lovgate.t@MM
    W32/Lovgate.u@MM
    W32/Lovgate.w@M
    W32/Lovgate.aa@MM
    W32/Lovgate.ak@MM
    W32/Mydoom.o@MM!zip
    W32/Lovgate.ac@MM
    W32/Lovgate.v@MM
    W32/Lovgate.ae@MM
    W32/Mydoom.a@MM
    W32/Mydoom.m@MM
    W32/Mydoom.l@MM
  Email Worm (2)
    W32/Lovgate.ai@MM
    W32/Lovgate.ag@MM
  Generic (2)
    Won.GR
    W32/Bagle@MM.gen!vbs
  Generic Internet Relay Chat (1)
    W32/Dansh.worm.gen!irc
  Generic Worm (18)
    W32/Opaserv.worm.gen
    W32/Sdbot.worm.gen
    W32/Spybot.worm.gen.e
    W32/Gaobot.worm.gen.g
    W32/Gaobot.worm.gen.f
    W32/Spybot.worm.gen.f
    W32/Gaobot.worm.gen.l
    W32/Spybot.worm.gen.g
    W32/Gaobot.worm.gen.j
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.o
    W32/Sdbot.worm.gen.k
    W32/Sdbot.worm.gen.i
    W32/Sdbot.worm.gen.u
    W32/Sdbot.worm.gen.t
    W32/Gaobot.worm.gen.h
  Heuristic (1)
    New Malware.b
  Internet Worm (7)
    W32/Opaserv.worm.n
    W32/Opaserv.worm.m
    W32/Bagle.d@MM
    W32/Gbot.worm
    W32/Gaobot.worm.ali
    W32/Dansh.worm!irc
    W32/Gaobot.worm.gen.q
  multipartite (1)
    Dr Demon.mp.4292
  Peer To Peer (1)
    W32/Generic.c!p2p
  Proxy (1)
    W32/Bagle.ak!proxy
  Universal (2)
    Univ/j
    Univ/c
  VBScript worm (1)
    VBS/Pedpoly@MM
  Win32 (9)
    New Win32.g1
    W32/Bagle.o!proxy
    W32/Bagle.aj!proxy
    WinCE/Duts.1536
    New Win32
    W32/Lovgate
    W32/Generic.d
    W32/Gobi
    W32/Gastro
  Win9x (1)
    W95/Opera
  Worm (35)
    W32/Gaobot.worm
    W32/Lovgate.l@M
    W32/Opaserv.worm.ae
    W32/Opaserv.worm.d
    W32/Opaserv.worm.w
    W32/Opaserv.worm.u
    W32/Opaserv.worm.s
    W32/Opaserv.worm.p
    W32/Opaserv.worm.l
    W32/Opaserv.worm.i
    W32/Lovgate.a@M
    W32/Opaserv.worm.ai
    W32/Lovgate.c@M
    W32/Generic.worm.b
    W32/Lovgate.s@MM
    W32/Lovgate.x@MM
    W32/Opaserv.worm.ah
    W32/Opaserv.worm.ac
    W32/Opaserv.worm.a
    W32/Opaserv.worm.v
    W32/Opaserv.worm.t
    W32/Opaserv.worm.q
    W32/Opaserv.worm.o
    W32/Opaserv.worm.h
    W32/Opaserv.worm.r
    W32/Opaserv.worm.k
    W32/Opaserv.worm.f
    W32/Opaserv.worm.e
    W32/Opaserv.worm.aa
    W32/Opaserv.worm.ad
    W32/Opaserv.worm.aj
    W32/Opaserv.worm.g
    W32/Dedler.worm
    W32/Opaserv.worm.al
    W32/Opaserv.worm.ak