McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4397
DAT Release Date	10/06/2004
Threats Detected	103203
New Detections	95
Enhanced Detections	146

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
QHosts-18	Low-Profiled	Low-Profiled

New Detections:

Program (12)

(1)

Adware (1)

Dialer (2)

Dropper (1)

Adware-Pribi.dr

Malware Tool (3)

ProcKill (1)

Tool (1)

Win32 (2)

Trojan (49)

(4)

Timerun

QHosts-18!hosts

QHosts-17!hosts

Application extension (3)

Downloader-EA.dll

AdClicker-BA.dll

Downloader (10)

StartPage-BN.dldr

PWS-Bancban.dldr

MultiDropper-LQ.dldr

Downloader-KO!chm

Dropper (4)

MultiDropper-LQ

MultiDropper-LG!chm

Downloader-QG.dr

Adclicker-AF.dr

Exploit (2)

Exploit-MhtRedir

Generic (1)

BackDoor-CHN.gen

JavaScript (1)

Exploit-MS04-028.ldr

Linux (4)

Linux/Rootkit-Lrk

Linux/Rootkit-FKit

Linux/Rootkit-Knark

Linux/PWS-Linspy

Password Stealer (3)

Proxy (1)

Remote Access (6)

Linux/Backdoor-ICMP

StartPage (3)

Win32 (7)

Del-459

Enfal

Generic Downloader.g

Generic Downloader.f

Generic BackDoor.o

Generic BackDoor.n

Virus (34)

(13)

Topa

Mystic

XRes.632

RZR.844

Four Seasons.1534

Application extension Worm (1)

W32/Korgo.worm.ae.dll

Damaged Worm (1)

W32/Korgo.worm.aa.dam

Dropper (1)

E-mail (1)

W32/Bugbear.j@MM

Email (3)

W32/Bagz.a@MM!zip

Email Generic (1)

W32/Bagz.gen@MM

Peer To Peer (1)

Perl/Zoomen@MM!p2p

Script Worm (1)

W32/Sdbot.worm.bat.b

Win32 (2)

Worm (9)

W32/Darby.worm.o

W32/Darby.worm.n

W32/Darby.worm.m

W32/Darby.worm.l

W32/Darby.worm.k

W32/Darby.worm.j

W32/Darby.worm.i

VBS/IISDel.worm

Enhanced Detections:

Internet Worm (1)

E-mail worm (1)

W32/Bugbear.gen@MM

Program (45)

(5)

Suspicious IFrame.b

V-HTM.d

V-HTM.c

V-HTM.b

V-HTM.a

Downloader (1)

Malware Tool (1)

HTool/Exp-MS04-028.b

Tool (37)

Win32 (1)

Trojan (45)

(1)

Generic Downloader.e

Application extension (2)

Downloader-DA.dll

Client (1)

Configurator (3)

Damaged (1)

MultiDropper-DC.dam

Demonstration (1)

Exploit-MS04-028.demo

Downloader (6)

Proxy-Agent.a.dldr

Downloader Generic (1)

Proxy-FBSR.gen.dldr

Dropper (2)

MultiDropper-DC

ServU.dr

Exploit (4)

JS/Exploit-SaveRef

Exploit-MS04-028

W97M/Exploit-JPEG

Generic (4)

APStrojan.gen18

Exploit-URLSpoof.gen

Keylogger (1)

Keylog-Fearless

Password Stealer (1)

Proxy (2)

Remote Access (5)

Script (1)

NTRootKit-B.bat

Server (1)

StartPage (1)

StartPage-BT!chm

Win32 (7)

Generic Downloader.b

Generic Downloader.a

Generic BackDoor.j

Justone

Virus (55)

(1)

Damaged Worm (4)

W32/Korgo.worm.v.dam

W32/Korgo.worm.p.dam

W32/Korgo.worm.s.dam

W32/Protoride.worm.dam

Dropper (2)

E-mail (2)

W32/Bagle.aq@MM

W32/Bagle.ai@MM

E-mail worm (2)

W32/Bagle.ag@MM

W32/Bagle.ae@MM

Email (5)

W32/Bagle.az@MM

W32/Bugbear.i@MM

W32/Bugbear.h@MM

File Infector (2)

Boojum

Leprosy

Generic (1)

Generic Worm (2)

W32/Korgo.worm.gen

W32/Spybot.worm.gen.n

Heuristic (1)

Internet Worm (2)

W32/Darby.worm.e

W32/Korgo.worm.r

mIRC Worm (1)

W32/Protoride.worm

P2P Worm (1)

W32/Darby.worm.a

Universal (1)

Univ/a

Win32 (4)

Worm (24)

W32/Generic.worm.b

W32/Korgo.worm.ab

W32/Korgo.worm.aa

W32/Korgo.worm.ac

W32/Darby.worm.d

W32/Darby.worm.c

W32/Darby.worm.b

W32/Korgo.worm.ae

W32/Bagle.at@MM

W32/Korgo.worm.ad

W32/Korgo.worm.z

W32/Korgo.worm.x

W32/Korgo.worm.y

W32/Korgo.worm.u

W32/Korgo.worm.t

W32/Korgo.worm.s

W32/Korgo.worm.i

W32/Korgo.worm.v

W32/Korgo.worm.k

W32/Korgo.worm.p

W32/Korgo.worm.q