McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4389
DAT Release Date	09/01/2004
Threats Detected	99465
New Detections	105
Enhanced Detections	547

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Heuristics (1)

- (1)

FSG

Program (56)

(12)

VMag27

VMag54

VMag52

VMag51

VMag50

VMag55

VMag53

VMag49

Tool/mvd

Malware Tool (25)

Proxy (1)

Script (17)

Tool/rem

Tool/pas

Tool/mtx

Tool/mme

Win32 (1)

Trojan (22)

(3)

Downloader (6)

Downloader-OO.txt

Dropper (1)

MultiDropper-LG

Flooder (1)

Generic (1)

FDoS-Spabot.gen

Internet Relay Chat (1)

Remote Access (3)

Linux/BackDoor-Rooted

Script (3)

Bat/burn

StartPage (2)

Win32 (1)

Virus (26)

(5)

Chad.759

Enola

Application extension (1)

W32/HLLP.Tiniresu.dll

Damaged (2)

Damaged Worm (1)

W32/Korgo.worm.v.dam

Email (3)

W32/Lovgate.ap@MM

W32/Bugbear.i@MM!zip

W32/Bugbear.i@MM

Generic (2)

W32/Bugfixer.gen

Generic Worm (1)

W32/Sdbot.worm.gen.y

Parasitic (1)

W32/HLLP.Tiniresu

Peer To Peer (1)

Win32 (3)

W32/Kdar

Worm (6)

W32/Bagle.at@MM

W32/Sdbot.worm!ftp

W32/Opaserv.worm.am

W32/Gislat.worm

W32/Britney.worm

Enhanced Detections:

Internet Worm (1)

E-mail worm (1)

W32/Bugbear.gen@MM

Malware (1)

Exploit (1)

Exploit-CodeBase

Program (23)

(2)

VMag12

Vmag2

Adware (1)

Downloader-GoldCas

Dropper (1)

Vundo.dr

Internet Relay Chat (1)

Macro (2)

Malware Tool (11)

Remote Access (1)

Script (3)

Tool/bcc

Win32 (1)

LaSta

Trojan (86)

(1)

Phish-BankFraud.eml

- (3)

W32/Bagle.dll.dr

Adware (1)

Gpix

Application extension (5)

PWS-Pasorot.dll

Demonstration (1)

JS/Exploit-DialogArg.a.demo

Denial Of Svc (1)

Downloader (2)

Dropper (8)

VBS/Inor

BackDoor-CBT.dr

BackDoor-CGX.dr

IRC/Flood.bi.dr

Keylog-Spider.dr

Exploit (4)

Exploit-ByteVerify

JS/Exploit-DialogArg.b

JS/Exploit-DialogArg.a

Flooder (13)

Generic (9)

Exploit-CodeBase.gen

VBS/IEstart.gen.f

Perl/Exploit.gen

PWS-Bancban.gen.c

Exploit-MS04-011.gen

JS/Exploit-DialogArg.gen

PWS-LegMir.gen.e

HTML document (1)

BackDoor-AXJ.htm

Internet Relay Chat (1)

JavaScript (1)

Keylogger (1)

MS-DOS Batch (1)

Password (3)

Remote Access (11)

Linux/BackDoor-Cym

Linux/BackDoor-Note.b

Linux/BackDoor-Note.a

Linux/BackDoor-Small

Linux/BackDoor-Promptte

Linux/BackDoor-Regile

Linux/BackDoor-Oboy

Script (7)

Univ.script/99b

Univ.script/99a

Bat/btg

Spyware (1)

Keylog-Perfect.dr

StartPage (1)

Win32 (10)

Generic BackDoor.h

Generic BackDoor.l

Virus (436)

(1)

APM/GreenStripe

Damaged (50)

X97M/Hopper.dam.j

W97M/Hopper.dam.c

W97M/Hopper.dam.b

X97M/Laroux.bo.dam

XM/Laroux.cf.dam

W97M/Melissa.dam.a

W97M/Ethan.dam.f

W97M/Coldape.dam.f

W97M/Coldape.dam.d

W97M/Coldape.dam.b

W97M/Class.dam.d

W97M/Class.dam.a

X97M/Hopper.dam.k

X97M/Hopper.dam.h

W97M/Hopper.dam.k

W97M/Hopper.dam.j

W97M/Hopper.dam.g

W97M/Hopper.dam.e

W97M/Hopper.dam.d

W97M/Hopper.dam.a

X97M/Laroux.e.dam

XM/Laroux.do.dam

XM/Laroux.bp.dam

XM/Laroux.dam.au

W97M/Marker.dam.e

W97M/Marker.dam.c

W97M/Marker.dam.a

W97M/Ethan.dam.x

W97M/Ethan.dam.a

W97M/Brenda.dam.a

W97M/Marker.dam

W97M/Marker.dam.d

W97M/Marker.dam.b

W97M/Coldape.dam.g

W97M/Coldape.dam.e

W97M/Coldape.dam.c

W97M/Coldape.dam.a

W97M/Class.dam.b

W97M/Steroid.dam

W97M/Nottice.dam

Damaged Worm (3)

W32/Spybot.worm.dam

W32/Gaobot.worm.dam

W32/Sdbot.worm.dam

Dropper (2)

W97M/Hopper.q.dr

E-mail (3)

W32/Dumaru.ad@MM

W32/Bagle.aq@MM

W32/Bagle.ai@MM

E-mail worm (3)

W32/Dumaru.y@MM

W32/Bagle.ag@MM

W32/Bagle.ae@MM

Email (21)

W32/Dumaru.aa@MM

W32/Dumaru.z@MM

W32/Dumaru.af@MM

W32/Dumaru.ab@MM

W32/Dumaru.ag@MM

W32/Dumaru.ae@MM

W32/Dumaru.ah@MM

W32/Bugbear.h@MM!zip

W32/Bugbear.f@MM

X97M/Generic@MM

W97M/Melissa.bf@MM

W97M/Melissa.ap@MM

W32/Dumaru.av@MM

W32/Dumaru.al@MM

W32/Dumaru.ak@MM

W32/Dumaru.aj@MM

W32/Bugbear.h@MM

W32/Dumaru.ai@MM

Email Generic (2)

W32/Dumaru.gen@MM

W97M/Melissa.gen@MM

File Infector (1)

CHAD

Generic (56)

W97M/Nottice.gen

X97M/Laroux.nw.gen

X97M/Barisada.gen

X97M/Sugar.f.gen

X97M/Laroux.jh.gen

X97M/Laroux.dx.gen

XM/Laroux.cf.gen

XM/Laroux.bx.gen

X97M/Laroux.bp.gen

XM/Laroux.bp.gen

XM/Laroux.e.gen

X97M/Laroux.a.gen

X97M/Hidemod.gen

W97M/Steroid.gen

W97M/Marker.bn.gen

W97M/Marker.z.gen

X97M/Laroux.eo.gen

X97M/Laroux.cf.gen

X97M/Laroux.bx.gen

X97M/Laroux.e.gen

XM/Laroux.a.gen

W97M/Polygen.gen

W97M/Titch.a.gen

W97M/Locale.gen

W97M/Evolution.gen

W97M/Sherlok.gen

W97M/Replog.gen

W97M/Psycode.gen

W97M/Panther.gen

W97M/Assilem.gen

W97M/Marker.ag.gen

W97M/Marker.p.gen

W97M/Lulung.gen

W97M/Footer.gen

W97M/Ethan.f.gen

W97M/ColdApe.gen

W97M/Chameleon.gen

CeCe.GR1

CeCe.GR2

X97M/Laroux.au.gen

W32/Sdbot.gen.r

Generic Malware Tool (1)

W97M/HMVC.Kit.gen

Generic Worm (22)

W32/Sdbot.worm.gen

W32/Spybot.worm.gen.e

W32/Gaobot.worm.gen.g

W32/Gaobot.worm.gen.f

W32/Gaobot.worm.gen.e

W32/Sdbot.worm.gen.w

W32/Spybot.worm.gen.f

W32/Gaobot.worm.gen.l

W32/Sdbot.worm.gen.l

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Sasser.worm.gen

W32/Sdbot.worm.gen.k

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.g

W32/Sdbot.worm.gen.x

W32/Sdbot.worm.gen.u

W32/Sdbot.worm.gen.t

W32/Korgo.worm.gen

W32/Sdbot.worm.gen.p

W32/Sdbot.worm.gen.q

W32/Gaobot.worm.gen.h

Heuristic (2)

New W97M/Minimal

Intended (3)

XM/Trasher.b.intd

XM/Trasher.a.intd

W97M/Hope.l.intd

Internet Worm (10)

W32/Gaobot.worm.ali

W32/Sasser.worm.b

W32/Sasser.worm.c

W32/Sasser.worm.d

W32/Sasser.worm.a

W32/Sasser.worm.e

W32/Sasser.worm.f

W32/Sasser.worm.g

W32/Korgo.worm.r

W32/Gaobot.worm.gen.q

Macro (212)

W97M/Caligula.a

W97M/Marker.gen

W97M/Marker.ab.gen

W97M/Melissa.ao@mm

W97M/Generic.dam

W97M/Ostrich.gen

W97M/Caligula.e

W97M/Caligula.c

W97M/Caligula.d

W97M/Caligula.b

VBA/Cats

W97M/ColdApe.aa

Malware Tool (2)

W97M/Polygen.Kit

MAPI (1)

W97M/Generic@mm

Peer To Peer (1)

W32/Generic.c!p2p

PowerPoint Macro (1)

Script (1)

Source code (9)

O97M/Shiver.src

W97M/Verlor.src

W97M/Marker.src.e

W97M/Marker.src.c

W97M/Marker.src.b

W97M/Marker.src.a

W97M/Marker.src.d

W97M/Coldape.src

Universal (1)

Univ/j

Win32 (11)

Worm (17)

W32/Generic.worm.b

W32/Korgo.worm.ab

W32/Korgo.worm.aa

W32/Korgo.worm.ac

W32/Arghast.worm

W32/Korgo.worm.ad

W32/Korgo.worm.z

W32/Korgo.worm.x

W32/Korgo.worm.y

W32/Korgo.worm.u

W32/Korgo.worm.t

W32/Korgo.worm.s

W32/Korgo.worm.i

W32/Korgo.worm.v

W32/Korgo.worm.k

W32/Korgo.worm.p

W32/Korgo.worm.q