Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4387
DAT Release Date 08/18/2004
Threats Detected 97805
New Detections 54
Enhanced Detections 276

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (6)
  Downloader (1)
    Uploader-R.dldr
  Dropper (1)
    Uploader-R.dr
  Keylogger (1)
    Keylog-Quick
  StartPage (1)
    StartPage-CWS
  Win32 (2)
    BuddyDeny
    Uploader-R
Trojan (39)
   (2)
    A2K/Vipeep
    Spy-Lydra
  Application extension (2)
    StartPage-DU.dll
    Spy-Lydra.dll
  Downloader (10)
    Downloader-OF
    Downloader-OB
    Downloader-NZ
    Downloader-NW
    Downloader-NU
    Downloader-OC
    Downloader-OA
    Downloader-NY
    Downloader-NV
    Downloader-NT
  Dropper (5)
    Downloader-CC.dr
    MultiDropper-LE
    MultiDropper-LC
    MultiDropper-IY.dr
    ZapChast.dr
  Generic (1)
    BackDoor-CHO.gen
  Keylogger (2)
    Keylog-Pasta
    Keylog-Elt
  Macro (1)
    W97M/Vipeep
  Password Stealer (1)
    PWS-Popo
  Proxy (2)
    Proxy-Soring
    Proxy-Oui
  Remote Access (5)
    BackDoor-CHQ
    BackDoor-CHO
    BackDoor-CHN
    BackDoor-CEB.b.sys
    BackDoor-CHP
  Script (2)
    Bat/Spag
    VBS/Daride
  StartPage (2)
    StartPage-EP
    StartPage-EO
  Win32 (4)
    NetSnake
    AddShare-F
    Generic BackDoor.l
    ZapChast
Virus (9)
  E-mail (1)
    W32/Neveg.c@MM
  Email (5)
    W32/Neveg.d@MM
    W32/Lovgate.ao@MM!zip
    W32/Lovgate.ao@MM
    W32/Lovgate.an@MM
    W32/Bagle.ar@MM
  Macro (2)
    W97M/NetSnake
    XF/NetSnake
  Worm (1)
    W32/Randon.worm.bg

Enhanced Detections:

Malware (2)
  Exploit (2)
    Exploit-XPHelpDelete
    Exploit-CodeBase
Program (15)
  - (1)
    PrcView
  Adware (1)
    Adware-Lop
  Downloader (1)
    Adware-Lop.dldr
  Malware Tool (6)
    VTool/fakev
    PWCrack-NTPass
    PWCrack-MailBRu
    PWCrack-WWWHack
    PWCrack-Chanserv
    PWCrack-Hotmail
  PornDialer (1)
    Dialer-Generic
  Tool (2)
    HideRun
    FireDaemon
  Win32 (3)
    Packed mIRC Client
    Delshare.b
    Medload
Trojan (111)
   (1)
    AdClicker-AJ
  - (3)
    IRC/Flood.bi
    IRC/Flood.mirc
    StartPage-B
  Application extension (3)
    Spy-Tofger.dll
    PWS-Hooker.dll
    BackDoor-QE.dll
  Application extension Droppe (1)
    W32/Bagle.dll.dr
  Configurator (1)
    PWS-LamLite.cfg
  Demonstration (1)
    Exploit-XPHelpDelete.demo
  Disk erasing (1)
    QZap18
  Downloader (9)
    Downloader-GH
    Downloader-EW
    Downloader-CU
    Downloader-NR
    Downloader-NP
    Downloader-KG
    Downloader-LI
    Downloader-KZ
    Downloader-JW
  Dropper (10)
    PWS-Bancban.dr
    Generic BackDoor.dr
    BackDoor-CGX.dr
    IRC/Flood.bd.dr
    BackDoor-YQ.dr
    IRC/Flood.dz.dr
    MultiDropper-IM
    MultiDropper-GP.e
    MultiDropper-JQ
    BackDoor-ASB.dr
  Exploit (3)
    VBS/Psyme
    Exploit-IFrame
    Exploit-MS04-011
  Flooder (2)
    FDoS-HLife
    FDoS-Boom
  Generic (4)
    BackDoor-CCT.gen
    APStrojan.gen5
    APStrojan.gen3
    Spy-Tofger.gen.b
  Heuristic (1)
    Unsafe Bat
  ICQ Messaging (1)
    ICQ-Fuer
  Internet Relay Chat (1)
    IRC/Generic Flooder
  Malware Tool (1)
    W32/Hybris.kit
  mIRC client (1)
    IRC/Flood.bd.mirc
  Password (4)
    PWS-Bancos
    PWS-LegMir
    PWS-LDPinch
    PWS-AC
  Password Stealer (2)
    PWS-LamLite
    PWS-Banker
  Remote Access (16)
    BackDoor-ACH
    Backdoor-AOK
    Backdoor-CAK
    BackDoor-AZV
    BackDoor-ASB
    Backdoor-AQK
    Backdoor-JW
    BackDoor-YQ
    BackDoor-ASU
    BackDoor-AUU
    BackDoor-LT
    BackDoor-CHR
    BackDoor-MK
    BackDoor-OR
    BackDoor-BDI
    BackDoor-BDH
  Script (1)
    IRC/Flood.bat.h
  Settings Change (2)
    Startpage-N
    StartPage-G
  StartPage (34)
    StartPage-CM
    StartPage-AM
    StartPage-AK
    StartPage-AH
    StartPage-S
    StartPage-P
    StartPage-J
    StartPage-D
    StartPage-AL
    StartPage-AJ
    StartPage-AE
    StartPage-X
    StartPage-R
    StartPage-O
    StartPage-L
    StartPage-I
    StartPage-E
    StartPage-AZ
    StartPage-Z
    StartPage-BE
    StartPage-BD
    StartPage-K
    StartPage-BH
    StartPage-BM
    StartPage-BY
    StartPage-BV
    StartPage-BU
    StartPage-BZ
    StartPage-EL
    StartPage-DU!chm
    StartPage-DY
    StartPage-DE
    StartPage-DC
    StartPage-DU
  Win32 (8)
    Generic VB
    IRC/Flood.cm
    AdClicker-AC
    HackerDefender
    Generic BackDoor.f
    IRC-Sdbot
    DDoS-Boxed
    Generic BackDoor.k
Virus (148)
   (17)
    PCBB.3072e
    PCBB.3072b
    PCBB.3072a
    PCBB.3072d
    PCBB.3072c
    PCBB.1800b
    PCBB.1800a
    PCBB.1656
    PCBB.1675
    PCBB.1718
    PCBB.1658
    PCBB.x
    Zombie.17654
    KOV.1798
    KOV.1785
    KOV.1403
    Manuela
  Application extension Worm (4)
    W32/Busan.worm.dll
    W32/Busan.worm.b.dll
    W32/Busan.worm.a.dll
    W32/Busan.worm.d.dll
  Boot (1)
    Eclipse
  Com file (1)
    W97M/Liner.com
  Damaged (5)
    W32/Netsky.q.dam
    W32/Mydoom.dam
    Anti-Pascal.dam
    W32/Lovgate.dam
    W32/Lovgate.x.dam
  Damaged Worm (3)
    W32/Spybot.worm.dam
    W32/Gaobot.worm.dam
    W32/Sdbot.worm.dam
  Dropper (1)
    Univ/a.dr
  Dropper Intended (1)
    W32/NGVCK.d.dr.intd
  E-mail (4)
    W32/Mydoom.o@MM
    W32/Bagle.aq@MM
    W32/Bagle.ai@MM
    W32/Lovgate.ah@MM
  E-mail worm (8)
    W32/Lovgate.f@M
    W32/Bagle.ag@MM
    W32/Mydoom.n@MM
    W32/Lovgate.ad@MM
    W32/Lovgate.af@MM
    W32/Bagle.ae@MM
    W32/Lovgate.aj@MM
    W32/Lovgate.ab@MM
  Email (38)
    W32/Lovgate.r@MM
    W32/Lovgate.b@M
    W32/Lovgate.e@M
    W32/Lovgate.g@M
    W32/Lovgate@M
    W32/Lovgate.m@M
    W32/Lovgate.i@M
    W32/Lovgate.h@M
    W32/Lovgate.n@M
    W32/Mydoom.d@MM
    W32/Lovgate.q@MM
    W32/Lovgate.p@MM
    W32/Lovgate.s@M
    W32/Lovgate.t@M
    W32/Lovgate.v@M
    W32/Lovgate.t@MM
    W32/Lovgate.r@MM!zip
    W32/Lovgate.u@MM
    W32/Lovgate.u@M
    W32/Lovgate.w@M
    W32/Lovgate.y@MM
    W32/Lovgate.x@MM!zip
    W32/Lovgate.aa@MM!zip
    W32/Lovgate.z@MM
    W32/Lovgate.al@MM
    W32/Lovgate.am@MM
    W32/Neveg.b@MM
    W32/Neveg.a@MM
    W32/Lovgate.aa@MM
    W32/Lovgate.ai@MM!zip
    W32/Lovgate.ak@MM
    W32/Lovgate.ac@MM
    W32/Lovgate.ae@MM
    W32/Lovgate.aj@MM!zip
    W32/Lovgate.af@MM!zip
    W32/Lovgate.z@MM!zip
    W32/Lovgate.ad@MM!zip
    W32/Lovgate.ab@MM!zip
  Email Generic (2)
    W32/Lovgate.gen@M
    W32/Mydoom.gen@MM
  Email Worm (3)
    W32/Mydoom.r@MM
    W32/Lovgate.ai@MM
    W32/Lovgate.ag@MM
  File Infector (1)
    Leprosy
  Generic (1)
    W32/Vedex.gen
  Generic multipartite (1)
    Nutcr'ker.mp.gen.dd
  Generic Worm (14)
    W32/Spybot.worm.gen.e
    W32/Shorm.worm.gen
    W32/Gaobot.worm.gen.f
    W32/Gaobot.worm.gen.e
    W32/Sdbot.worm.gen.w
    W32/Gaobot.worm.gen.l
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.i
    W32/Sdbot.worm.gen.x
    W32/Sdbot.worm.gen.u
    W32/Sdbot.worm.gen.t
    W32/Sdbot.worm.gen.p
    W32/Gaobot.worm.gen.h
  Heuristic (1)
    New Malware.b
  Internet Worm (4)
    W32/Lovgate.d@M
    W32/Sdbot.worm
    W32/Gaobot.worm.ali
    W32/Gaobot.worm.gen.q
  Macro (2)
    W97M/Yesi
    remnants of WM/Cap
  Malware Tool (2)
    Cvex.kit
    HLL.DPOG.kit
  multipartite (1)
    Autumnal.mp.3072
  Parasitic (1)
    W32/HLLP.4608
  Universal (2)
    Univ/f
    Univ/a
  VbScript (1)
    New Script
  VBScript worm (1)
    VBS/Potok@MM
  Win32 (11)
    New Win32.g1
    W32/NGVCK.d.1632
    New Win32
    W32/Chiton.d
    W32/NGVCK.d.3072
    W32/NGVCK.d.3587
    W32/NGVCK.d.3582
    W32/Henky.Tanzen
    W32/Lovgate
    W32/Chiton.t
    W32/Chiton.u
  Win9x (2)
    W95/Coke.22231
    W95/Fono.17152
  Worm (15)
    W32/Lovgate.k@M
    W32/Lovgate.l@M
    W32/Lovgate.j@M
    W32/Lovgate.a@M
    W32/Lovgate.c@M
    W32/Lovgate.q@M
    W32/Lovgate.s@MM
    W32/Lovgate.r@M
    W32/Lovgate.x@MM
    W32/Linda.worm
    W32/Busan.worm.b
    W32/Busan.worm.a
    W32/Busan.worm.d
    W32/Dedler.worm
    W32/Hobot.worm