McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4390
DAT Release Date	09/08/2004
Threats Detected	99978
New Detections	168
Enhanced Detections	291

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
Uploader-S	Low-Profiled	Low-Profiled

New Detections:

Internet Worm (1)

Email Worm (1)

W32/MyWife.c@MM

Program (29)

(13)

VMag66

VMag64

VMag63

VMag62

VMag60

VMag56

Tool/lam

VMag65

VMag61

VMag59

Tool/uvp

Tool/cof

Dialer (2)

Dialer-Generic.d

Dialer-Generic.c

Dropper (1)

Keylog-Ardamax.dr

Joke (1)

Joke-MovingWindow

Malware Tool (11)

HTool/GetInjectProc

Script (1)

Tool/dse

Trojan (59)

(1)

Application extension (3)

BackDoor-CIO.dll

Downloader (12)

Downloader Generic (1)

Dropper (6)

MultiDropper-LJ

MultiDropper-LI

MultiDropper-LH

StartPage-DP.dr

BackDoor-CIJ.dr

Exploit (3)

UNIX/Exploit-Axis

JS/Exploit-DragDrop.b

Flooder (3)

JV/FDoS-BirdChat

FDoS-ChatAnywhere

Internet Relay Chat (1)

Keylogger (1)

Malware Tool (1)

Password Stealer (1)

Remote Access (13)

BackDoor-BCB!chm

Source code (3)

Nuke-PainKill.src

JV/FDoS-BirdChat.src

FDoS-ChatAnywhere.src

Win32 (10)

XCacher

WitchDoc

Generic StartPage.e

Generic Dropper.d

Colem

Virus (79)

(46)

Xany.411

Xany.142

Wilbur.e

Riot.812

Chaos-Year.1837

Xexe.123

JTD.737

FF.Mosq

Yeke

Wilbur

Retaliator.1544

Phoenix.1226 dr

Oolong

Leda.820

Chaos-Year.2005

XRes.655

Xexe.126

TPVO.Pitch.1329

Tiny.247

Nuc.518

Nihil

Hybris

Dre.756

Dark-Revenge.1024

Cow.886

Application extension (2)

W32/Mydoom.t.dll

Boot (1)

EBase

Boot dropper (1)

Damaged (6)

Keypress.Ufo.dam

Amoeba.1392.dam

Damaged Worm (2)

W32/Korgo.worm.p.dam

W32/Korgo.worm.s.dam

Dropper (1)

TPVO.Pitch.1329.dr

Dropper multipartite (2)

Neuroquila.mp.dr.b

Neuroquila.mp.dr.a

Email (1)

W32/Mydoom.t@MM!zip

Generic (1)

Macro (1)

Malware Tool (1)

TMAK.kit

multipartite (1)

Overwriting (2)

Parasitic (1)

Win32 (5)

W32/NGVCK.a.1222

W32/Bagle.au!troj

Worm (5)

W32/Mydoom.t@MM

W32/Randon.worm.bi

W32/Meedye.worm

W32/Cocoazul.worm

Enhanced Detections:

Internet Worm (2)

- (1)

W32/Mydoom.p@MM

VbScript (1)

Malware (2)

Exploit (2)

Exploit-IIS.Crack

Exploit-CodeBase

Program (36)

(5)

VMag54

VMag51

VMag50

VMag55

VMag49

- (2)

IMIServer.download

Adware (1)

Application extension (1)

Dialer (1)

Dialer-Generic.b

Downloader (2)

Downloader-EAccel

Adware-Lop.dldr

Keylogger (1)

Malware Tool (12)

Password (1)

PornDialer (1)

Remote Access (1)

Script (4)

Tool (1)

Win32 (3)

RemAdm-RemoteAdmin

Vundo

PShelter

Trojan (77)

(3)

Generic BackDoor.d

Phish-BankFraud.eml

- (2)

Application extension (4)

Configurator (1)

Demonstration (1)

JS/Exploit-DragDrop.b.demo

Disk erasing (1)

QZap66

Downloader (6)

Proxy-Mitglieder

Dropper (7)

IRC/Flood.gen.dr

BackDoor-ACH.dr

BackDoor-AMQ.dr

Exploit (6)

Exploit-DcomRpc

Exploit-ObjectData

Exploit-ByteVerify

Exploit-MhtRedir.gen

Generic (8)

Exploit-DcomRpc.gen

PWS-Bancban.gen

PWS-Bancos.gen.c

Exploit-ObjectData.gen

Downloader-MP.gen

Spy-Tofger.gen.b

PWS-LegMir.gen.e

JavaScript (1)

Malware Tool (3)

Password (6)

Password Stealer (2)

PWS-IN

Proxy (3)

Remote Access (7)

BackDoor-AZV.gen

Script (1)

Univ.script/99a

Win32 (15)

Generic Downloader.b

Generic Downloader.a

W32/Bagle.x!proxy

Generic BackDoor.f

Generic BackDoor.c

Sporke

Generic MultiDropper.a

Ombush

Virus (174)

(4)

Xany.216

Bobo.515

Boot (1)

BobZ

Damaged (3)

W32/Lovgate.dam

W32/Lovgate.x.dam

Damaged Worm (4)

W32/Spybot.worm.dam

W32/Gaobot.worm.dam

W32/Korgo.worm.v.dam

W32/Sdbot.worm.dam

Dropper (4)

Dropper Worm (1)

W32/Spybot.worm.dr

E-mail (9)

W32/Mydoom.b@MM

W32/MyWife.a@MM

W32/Mydoom.h@MM

W32/Mydoom.e@MM

W32/Dumaru.ad@MM

W32/Mydoom.o@MM

W32/Lovgate.ah@MM

W32/Mydoom.k@MM

E-mail worm (10)

W32/Lovgate.f@M

W32/Dumaru.y@MM

W32/Mydoom.g@MM

W32/Mydoom.f@MM

W32/Mydoom.n@MM

W32/Lovgate.ad@MM

W32/Lovgate.af@MM

W32/Lovgate.aj@MM

W32/Lovgate.ab@MM

Email (44)

W32/Dumaru.aa@MM

W32/Dumaru.z@MM

W32/Mydoom.i@MM

W32/Lovgate.r@MM

W32/Lovgate.b@M

W32/Lovgate.g@M

W32/Lovgate.m@M

W32/Lovgate.n@M

W32/Dumaru.af@MM

W32/Dumaru.ab@MM

W32/Dumaru.ag@MM

W32/Dumaru.ae@MM

W32/Mydoom.j@MM

W32/Dumaru.ah@MM

W32/Mydoom.d@MM

W32/Lovgate.q@MM

W32/Lovgate.p@MM

W32/Lovgate.v@M

W32/Lovgate.t@MM

W32/Lovgate.u@MM

W32/Lovgate.w@M

W32/MyWife.b@MM

W32/Lovgate.al@MM

W32/Lovgate.aa@MM

W32/Lovgate.ao@MM

W32/Lovgate.an@MM

W32/Lovgate.ak@MM

W32/Lovgate.ac@MM

W32/Lovgate.ae@MM

W32/Mydoom.a@MM

W32/Mydoom.m@MM

W32/Mydoom.l@MM

W32/Dumaru.av@MM

W32/Mydoom@MM!zip

W32/Mydoom.k@MM!zip

W32/Mydoom.b@MM!zip

W32/Mydoom.a@MM!zip

W32/Dumaru.al@MM

W32/Dumaru.ak@MM

W32/Dumaru.aj@MM

W32/Dumaru.ai@MM

Email Generic (3)

W32/Dumaru.gen@MM

W32/Mydoom.gen@MM

W32/MyWife.gen@MM

Email Worm (3)

W32/Mydoom.r@MM

W32/Lovgate.ai@MM

W32/Lovgate.ag@MM

File Infector (5)

Internal

Bobo

Phoenix

Generic (1)

W32/Sdbot.gen.r

Generic Worm (19)

W32/Spybot.worm.gen.e

W32/Gaobot.worm.gen.g

W32/Gaobot.worm.gen.f

W32/Gaobot.worm.gen.e

W32/Sdbot.worm.gen.w

W32/Spybot.worm.gen.f

W32/Gaobot.worm.gen.l

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Sdbot.worm.gen.o

W32/Sdbot.worm.gen.m

W32/Sdbot.worm.gen.k

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.x

W32/Sdbot.worm.gen.y

W32/Sdbot.worm.gen.t

W32/Korgo.worm.gen

W32/Sdbot.worm.gen.p

W32/Gaobot.worm.gen.h

Heuristic (1)

Internet Relay Chat (1)

Internet Worm (4)

W32/Gaobot.worm.ali

W32/Mydoom.s@MM

W32/Korgo.worm.r

W32/Gaobot.worm.gen.q

Macro (1)

MS Office Suite (1)

VBA/Generic.src

Proxy (2)

W32/Bagle.ak!proxy

W32/Bagle.am!proxy

Script (1)

Universal (4)

Univ/f

Univ/a

Univ/g

Univ/j

Win32 (26)

W32/Bagle.an!troj

Worm (22)

W32/Lovgate.l@M

W32/Lovgate.a@M

W32/Lovgate.c@M

W32/Lovgate.s@MM

W32/Lovgate.x@MM

W32/Korgo.worm.ab

W32/Korgo.worm.aa

W32/Korgo.worm.ac

W32/Korgo.worm.ad

W32/Korgo.worm.z

W32/Korgo.worm.x

W32/Korgo.worm.y

W32/Korgo.worm.u

W32/Korgo.worm.t

W32/Korgo.worm.s

W32/Korgo.worm.i

W32/Korgo.worm.v

W32/Korgo.worm.k

W32/Korgo.worm.p

W32/Korgo.worm.q