McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4388
DAT Release Date	08/25/2004
Threats Detected	98919
New Detections	105
Enhanced Detections	371

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
StartPage-EU	Low-Profiled	Low-Profiled
W64/Shruggle	Low-Profiled	Low-Profiled

New Detections:

- (1)

- (1)

Program (8)

(2)

Tool/get

Application extension (1)

Dialer (1)

Dropper (1)

Vundo.dr

Spyware (1)

Tool (1)

Win32 (1)

Vundo

Trojan (50)

(3)

IPThief

Botbat

Phish-BankFraud.eml

- (1)

Client (1)

BackDoor-CHS.cli

Demonstration (1)

JS/Exploit-DragDrop.b.demo

Dialer (1)

QDial27

Downloader (10)

StartPage-EU.ldr

JS/Downloader-OM

Downloader-DS!chm

Dropper (2)

MultiDropper-LF

MultiDropper-LD

Flooder (1)

Generic (3)

HackerDefender.gen.b

PWS-Harvester.gen.b

PWS-Bancos.gen.d

Internet Relay Chat (2)

IRC-Pbot

Password Stealer (4)

PWS-ATM

Proxy (1)

Remote Access (5)

Script (5)

Server (1)

BackDoor-CHS.svr

StartPage (5)

StartPage-EU!chm

StartPage-BT!chm

Win32 (4)

Del-457

Generic StartPage.d

Virus (46)

(15)

Storm

Grotty

Wongle

Nado

Droodle

CTC

Dropper (3)

Keypress.1232s.dr

Email (1)

Exploit (1)

Exploit-AdobeReader

File Infector (1)

Generic (2)

Generic Worm (1)

W32/Randin.worm.gen

Intended (1)

Internet Relay Chat (2)

W32/Sanker.b!irc

W32/Sanker.a!irc

Internet Worm (1)

W32/Sasser.worm.g

Macro (1)

Overwriting (1)

Win32 (5)

W32/Itc

Worm (11)

W32/Randon.worm.bh

W32/Randin.worm

W32/Korgo.worm.ae

W32/Forder.worm.a

W32/Nafets.worm

W32/Korgo.worm.ad

W32/Forder.worm.b

W32/Amazex.o.worm

Enhanced Detections:

Internet Worm (3)

- (1)

W32/Mydoom.p@MM

P2P Worm (1)

W32/Spybot.worm.lk

VbScript (1)

Malware (2)

Denial Of Svc (1)

Exploit (1)

Exploit-CodeBase

Program (47)

(1)

Simulated Virus

Application extension (1)

PSpy.dll

Dialer (2)

Malware Tool (1)

Password (1)

Plugin component (1)

Tool-Xscan.plugin

Remote Access (1)

Script (2)

Tool/ftp

Tool (35)

Win32 (2)

Xwxload

RemAdm-RemoteAdmin

Trojan (141)

(2)

Generic BackDoor.d

Adware (1)

Gpix

Application extension (5)

BackDoor-CGX.dll

BackDoor-AKM.dll

StartPage-DU.dll

Downloader-MM.dll

Configurator (3)

Downloader-CL.cfg

BackDoor-CDC.cfg

BackDoor-OG.cfg

Demonstration (1)

JS/Exploit-DialogArg.a.demo

Dialer (1)

QDial21

Downloader (9)

Proxy-Mitglieder

StartPage-BT.dldr

Dropper (4)

MultiDropper-LE

Exploit (7)

Exploit-ObjectData

Exploit-ByteVerify

Exploit-MhtRedir.gen

Exploit-DirTraversal

JS/Exploit-DialogArg.b

JS/Exploit-DialogArg.a

Flooder (63)

FDoS-P2k

FDoS-DAP

FDoS-STU

FDoS-MK3

FDoS-GCS

Generic (6)

Exploit-CodeBase.gen

PWS-Bancban.gen

Exploit-ObjectData.gen

BackDoor-BAC.gen

JS/Exploit-DialogArg.gen

Heuristic (1)

HTML (1)

Internet Relay Chat (2)

IRC/Generic Flooder

Java Applet (1)

Password (5)

ProcKill (1)

Remote Access (8)

Script (4)

Server (1)

BackDoor-OG.svr

StartPage (1)

VbScript (1)

Win32 (13)

Generic Downloader.a

Generic BackDoor.b

Generic BackDoor.f

Generic Downloader.c

Delwin

Virus (178)

(10)

Edola

Nut

Paraguay

Application extension Worm (1)

W32/Bizex.worm.dll

Damaged (4)

W32/Lovgate.dam

W32/Lovgate.x.dam

Damaged Worm (4)

W32/Spybot.worm.dam

W32/Gaobot.worm.dam

W32/Protoride.worm.dam

W32/Sdbot.worm.dam

Dropper (1)

Keypress.1232d.dr

Dropper Intended (1)

W32/NGVCK.d.dr.intd

E-mail (12)

W32/Mydoom.b@MM

W32/Mydoom.h@MM

W32/Mydoom.e@MM

W32/Mydoom.o@MM

W32/Bagle.af@MM

W32/Bagle.ad@MM

W32/Lovgate.ah@MM

W32/Mydoom.k@MM

E-mail worm (16)

W32/Lovgate.f@M

W32/Mydoom.g@MM

W32/Mydoom.f@MM

W32/Bagle.aa@MM

W32/Bagle.ah@MM

W32/Lovgate.ad@MM

W32/Lovgate.af@MM

W32/Lovgate.aj@MM

W32/Lovgate.ab@MM

Email (40)

W32/Mydoom.i@MM

W32/Lovgate.r@MM

W32/Bagle.al@MM

W32/Lovgate.b@M

W32/Lovgate.g@M

W32/Lovgate.m@M

W32/Lovgate.n@M

W32/Netsky.q@MM!zip

W32/Netsky.n@MM!zip

W32/Netsky.b@MM!zip

W32/Netsky.p@MM!zip

W32/Netsky.c@MM!zip

W32/Netsky.a@MM!zip

W32/Netsky.z@MM!zip

W32/Mydoom.j@MM

W32/Lovgate.q@MM

W32/Lovgate.p@MM

W32/Lovgate.v@M

W32/Lovgate.t@MM

W32/Lovgate.u@MM

W32/Lovgate.w@M

W32/Lovgate.al@MM

W32/Lovgate.aa@MM

W32/Lovgate.ao@MM

W32/Lovgate.ak@MM

W32/Lovgate.ac@MM

W32/Lovgate.ae@MM

W32/Mydoom.a@MM

W32/Mydoom.m@MM

W32/Mydoom.l@MM

Email Worm (3)

W32/Mydoom.r@MM

W32/Lovgate.ai@MM

W32/Lovgate.ag@MM

File Infector (3)

Happy

Vienna

Generic (1)

W32/Sdbot.gen.r

Generic multipartite (1)

Nutcracker.mp.gen

Generic Peer To Peer (1)

W32/Antinny.gen!p2p

Generic Worm (23)

W32/Sdbot.worm.gen

W32/Spybot.worm.gen.e

W32/Gaobot.worm.gen.g

W32/Gaobot.worm.gen.f

W32/Gaobot.worm.gen.e

W32/Sdbot.worm.gen.w

W32/Gaobot.worm.gen.l

W32/Spybot.worm.gen.h

W32/Spybot.worm.gen.c

W32/Tumbi.worm.gen.b

W32/Sdbot.worm.gen.n

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Sasser.worm.gen

W32/Sdbot.worm.gen.o

W32/Sdbot.worm.gen.k

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.x

W32/Sdbot.worm.gen.u

W32/Sdbot.worm.gen.t

W32/Sdbot.worm.gen.p

W32/Gaobot.worm.gen.s

W32/Gaobot.worm.gen.h

Internet Relay Chat (2)

Internet Relay Chat Worm (1)

W32/Rosya.worm!irc

Internet Worm (10)

W32/Gaobot.worm.ali

W32/Sasser.worm.b

W32/Sasser.worm.c

W32/Sasser.worm.d

W32/Sasser.worm.a

W32/Sasser.worm.e

W32/Sasser.worm.f

W32/Mydoom.s@MM

W32/Gaobot.worm.gen.q

Malware Tool (1)

W97M/Polygen.Kit

mIRC Worm (1)

W32/Protoride.worm

Peer To Peer (1)

W32/Milkyway!p2p

Script (2)

Bat/inf2

Universal (3)

Univ/f

Univ/j

VbScript (1)

Win32 (12)

W32/Bagle.o!proxy

W32/Bagle.aj!proxy

W32/NGVCK.d.1632

W32/NGVCK.d.3072

W32/NGVCK.d.3587

W32/NGVCK.d.3582

Worm (23)

W32/Lovgate.l@M

W32/Lovgate.a@M

W32/Lovgate.c@M

W32/Amazex.n.worm

W32/Amazex.l.worm

W32/Amazex.j.worm

W32/Amazex.h.worm

W32/Amazex.f.worm

W32/Amazex.d.worm

W32/Amazex.b.worm

W32/Amazex.m.worm

W32/Amazex.k.worm

W32/Amazex.i.worm

W32/Amazex.g.worm

W32/Amazex.e.worm

W32/Amazex.c.worm

W32/Amazex.a.worm

W32/Lovgate.s@MM

W32/Lovgate.x@MM

W32/Lasiaf.worm

W32/Dedler.worm