McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4383
DAT Release Date	08/04/2004
Threats Detected	95980
New Detections	241
Enhanced Detections	296

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
W32/Evaman.c@MM	Low-Profiled	Low-Profiled

New Detections:

Internet Worm (1)

- (1)

W32/Mydoom.p@MM

Program (58)

(12)

VMag37

VMag35

VMag33

VMag99

VMag36

VMag34

Tool/sec

Dropper (1)

HTool/HBTool.dr

Generic (2)

Dialer-RAS.dk.gen

Dialer-RAS.dj.gen

Joke (1)

Malware Tool (30)

Proxy (1)

Script (10)

VMag16

Tool/mak

Tool/bvd

Tool/avc

Win32 (1)

Trojan (74)

Application extension (2)

BackDoor-CHI.dll

Keylog-Memento.dll

Client (1)

BackDoor-CHJ.cli

Configurator (1)

MultiDropper-LB.cfg

Demonstration (2)

JS/Exploit-OnUnload.demo

JS/Exploit-DragDrop.demo

Dialer (1)

QDial25

Downloader (13)

Dropper (2)

MultiDropper-LB

Downloader-NE.dr

Exploit (6)

Exploit-WebDav.f

Exploit-WebDav.e

Exploit-WebDav.d

Exploit-WebDav.c

Exploit-WebDav.b

Exploit-WebDav.a

Keylogger (2)

Malware Tool (3)

Password Stealer (1)

PWS-IT

Proxy (1)

Proxy-StealthRedir

Remote Access (10)

BackDoor-CHJ.srv

BackDoor-TW!chm

Script (14)

Bat/klw9

JS/AdClicker-AO

JS/Ploit

Bat/Bock

Source code (4)

Keylog-Small.b.src

Linux/DDoS-Shaft.src

MultiDropper-LB.src

StartPage (4)

Win32 (7)

Smith

BadFirm

Virus (108)

(38)

SMVB

Ever Willing.699

XRCE

UB

TPS.658

QRes.704

Paws.690

Lyli.480

Hooks

Etop.750

Etop.621

Etop.580

Tip

Terronia

Pamyat

Mad.1108

Joe.589

Etop.577

Dox.3339

CFSK.918

AD

Application extension (1)

Damaged (1)

Damaged Parasitic (3)

DarthVader.cav.344.c.dam

DarthVader.cav.344.a.dam

DarthVader.cav.344.b.dam

Dropper (6)

E-mail (1)

W32/Evaman.c@MM

Email (6)

W32/Mydoom.p@MM!zip

W32/Mydoom.q@MM

W32/Lovgate.al@MM

W32/Mabutu.b@MM!zip

W32/Lovgate.am@MM

W32/Bugbear.h@MM!zip

Generic Worm (2)

W32/Sdbot.worm.gen.x

W32/Neblso.worm.gen

Linux (2)

multipartite (1)

Arianna.mp.3076

Parasitic (38)

DarthVader.cav.344.b

Bumblebee.cav.478

NMSG.cav

DarthVader.cav.344.c

DarthVader.cav.344.a

Bumblebee.cav.480

Phoenix.cav.256

Morality.cav.424

Belorussia.cav.463

Belorussia.cav.459

Peer To Peer Worm (1)

W32/Lemb.worm!p2p

PowerPoint Macro (2)

Remote Access (1)

W32/Backdoor-CFB

Script (2)

Win32 (1)

W32/Bagle.eml!dam

Worm (2)

W32/Randon.worm.bd

W32/ChristA.worm

Enhanced Detections:

Internet Worm (2)

P2P Worm (1)

W32/Generic.worm!p2p

Win32 (1)

Malware (2)

Exploit (1)

Exploit-CodeBase

Win32 (1)

Program (17)

(5)

VSource

VMag12

with fishy extension

VObj1

Vmag2

- (2)

Application extension (1)

PSpy.dll

Configuration settings (1)

Joke-DXDlg-FTP.ini

Dialer (1)

Dialer-Generic.b

Malware Tool (3)

PWCrack-Rainbow

PornDialer (1)

Remote Access (1)

Win32 (2)

LaSta

HideExec

Trojan (136)

(2)

Generic BackDoor.d

- (3)

Application extension (5)

Downloader-DA.dll

BackDoor-WB.dll

Application extension Generi (1)

BackDoor-AXJ.dll.gen

Client (1)

BackDoor-Sub7.cli

Configuration settings (1)

HackerDefender.ini

Configurator (5)

BackDoor-Sub7.cfg

Downloader-CL.cfg

Demonstration (1)

Exploit-DcomRpc.b.demo

Downloader (9)

Proxy-Mitglieder

Downloader Generic (1)

Proxy-FBSR.gen.dldr

Dropper (8)

BackDoor-Sub7.dr

MultiDropper-IY

BackDoor-CGX.dr

MultiDropper-IM

Downloader-JD.dr

E-mail (1)

Exploit (11)

Exploit-DcomRpc

Exploit-URLSpoof

Exploit-ByteVerify

Exploit-ContentType

Exploit-MhtRedir.gen

Exploit-MS04-022

Exploit-IISWDav

Exploit-DcomRpc.b

Exploit-IISWDav.b

Flooder (1)

Generic (13)

Exploit-CodeBase.gen

IRC/Flood.gen.b

Exploit-URLSpoof.gen

Exploit-IISWDav.gen

Proxy-Mitglieder.gen

BackDoor-WB.gen.b

BackDoor-BAC.gen

Exploit-MS04-011.gen

PWS-LegMir.gen.e

Heuristic (2)

HTML (1)

Internet Relay Chat (4)

Keylogger (1)

Malware Tool (15)

Nuke-QQ

Nuke-AIC

Password (4)

Password Stealer (4)

PWS-MLD

Plugin component (1)

BackDoor-Sub7.plugin

Proxy (1)

Remote Access (10)

Script (3)

Univ.script/99a

Bat/nod

Source code (1)

Exploit-UtilMan.src

StartPage (1)

Win32 (25)

Lolaweb

Generic BackDoor.b

IPScan

Generic Downloader.c

Tuoraw.b

MultiDropper-LA

Generic StartPage.c

Generic QHosts.a

Virus (139)

(13)

Xany

Bob.448a

XRCE.604

Darth-Vader.344

Tiny

Tiny.135

Nympho

Damaged (5)

W32/Lovgate.dam

W32/Lovgate.x.dam

Damaged Worm (3)

W32/Spybot.worm.dam

W32/Gaobot.worm.dam

W32/Sdbot.worm.dam

Dropper (2)

E-mail (7)

W32/Mydoom.b@MM

W32/Mydoom.h@MM

W32/Mydoom.e@MM

W32/Mydoom.o@MM

W32/Mabutu.b@MM

W32/Lovgate.ah@MM

W32/Mydoom.k@MM

E-mail worm (8)

W32/Lovgate.f@M

W32/Generic.a@MM

W32/Mydoom.g@MM

W32/Mydoom.f@MM

W32/Lovgate.ad@MM

W32/Lovgate.af@MM

W32/Lovgate.aj@MM

W32/Lovgate.ab@MM

Email (25)

W32/Mydoom.i@MM

W32/Lovgate.r@MM

W32/Lovgate.b@M

W32/Lovgate.g@M

W32/Lovgate.m@M

W32/Lovgate.n@M

W32/Mydoom.j@MM

W32/Lovgate.q@MM

W32/Lovgate.p@MM

W32/Lovgate.v@M

W32/Lovgate.t@MM

W32/Lovgate.u@MM

W32/Lovgate.w@M

W32/Lovgate.aa@MM

W32/Lovgate.ak@MM

W32/Mydoom.o@MM!zip

W32/Lovgate.ac@MM

W32/Lovgate.v@MM

W32/Lovgate.ae@MM

W32/Mydoom.a@MM

W32/Mydoom.m@MM

W32/Mydoom.l@MM

W32/Bagle@MM!vbs

W32/Bugbear.i@MM

Email Generic (1)

W32/Mydoom.gen@MM

Email Worm (2)

W32/Lovgate.ai@MM

W32/Lovgate.ag@MM

Generic (4)

W32/Bolzano.gen.b

W32/Sdbot.gen.r

Generic Worm (17)

W32/Gaobot.worm.gen.d

W32/Spybot.worm.gen.e

W32/Gaobot.worm.gen.g

W32/Gaobot.worm.gen.f

W32/Sdbot.worm.gen.w

W32/Spybot.worm.gen.i

W32/Gaobot.worm.gen.l

W32/Spybot.worm.gen.g

W32/Sdbot.worm.gen.n

W32/Sdbot.worm.gen.l

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Sdbot.worm.gen.o

W32/Sdbot.worm.gen.k

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.t

W32/Sdbot.worm.gen.p

Heuristic (5)

Internet Worm (1)

W32/Gaobot.worm.gen.q

Macro (1)

mIRC Worm (2)

W32/Generic.worm!irc

W97M/Wally.worm

Overwriting (1)

Parasitic (2)

Peer To Peer (1)

W32/Generic.c!p2p

Script (1)

Universal (2)

Univ/f

Univ/j

Win32 (29)

W32/Mydoom.f!zip

W32/Mydoom.g!zip

W32/Mydoom.h!zip

W32/Wallon!html

Worm (7)

W32/Lovgate.l@M

W32/Lovgate.a@M

W32/Lovgate.c@M

W32/Lovgate.s@MM

W32/Lovgate.x@MM

W32/Dedler.worm

W32/Gaobot.worm.pp