McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4398
DAT Release Date	10/13/2004
Threats Detected	103749
New Detections	143
Enhanced Detections	242

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Joke (1)

Joke (1)

Program (8)

(1)

Dialer (2)

Downloader (2)

Virtual Bouncer.dldr

Malware Tool (2)

PWCrack-OpenPass

Tool (1)

Trojan (53)

(5)

Share

Crah

Client (1)

Linux/PWS-LinSpy.cli

Damaged (1)

Linux/Rootkit-Dica.dam

Demonstration (5)

Bat/Exploit-GrpConv.demo

JS/Exploit-Shell.demo

Exploit-ZIPName.demo

Exploit-NetDDE.demo

Exploit-Halftone.demo

Downloader (11)

Downloader-QS!ftp

JS/Downloader-PP

Dropper (2)

MultiDropper-LR

BackDoor-CJV.dr

Email (1)

Exploit (2)

JS/Exploit-InsCtl

Exploit-JPG.Crash

Flooder (1)

Malware Tool (4)

Linux/Rootkit-Knark.ko

Linux/Rootkit-ArkD

Linux/Rootkit-Skit

Linux/Rootkit-Dica

Password Stealer (5)

PWS-LDPinch!zip

PWS-Crtz

Remote Access (8)

Perl/Backdoor-Egg

Script (3)

Win32 (4)

Virus (81)

(56)

BACE.338

Flu.1160

XRes.204

XRCE.146

VLAD.550

Uncouth

Modi.648

LX.1996

Lisa.666

Kill.578

Hypnotiser.1784

Flavour

Cagliari

Damaged (9)

W32/Bagle.ag.dam

W32/Bagle.i.dam

W32/Bagle.h.dam

W32/Bagle.g.dam

W32/Bagle.f.dam

W32/Bagle.e.dam

Ratboy.289b.dam

Dropper (2)

Dropper Worm (1)

W32/Leox.worm.dr

Email (2)

W32/Mydoom.ad@MM

W32/Lovgate.aq@MM

Linux (1)

Script (3)

Bat/bvg

Win32 (3)

Worm (4)

W32/Funner.worm

Bat/Igador.worm

W32/Funner.worm!hosts

Enhanced Detections:

- (1)

- (1)

Internet Worm (4)

- (1)

W32/Mydoom.p@MM

E-mail (2)

W32/Mydoom.u@MM

W32/Mydoom.v@MM

Trojan (1)

Linux/Adore.worm

Malware (1)

Exploit (1)

Exploit-CodeBase

Program (32)

(4)

PortScan-EvilEye

VMag9

YNotify

- (1)

Application extension (10)

Keylog-Qover.dll

Clearsearch.dll

KeyLog-KeyRecord.dll

PSpy.dll

Keylog-SARep.dll

Tool-RemoteKill.dll

Keylog-Perfect.dll

Dialer (2)

Dialer-Generic.b

Downloader (2)

Generic (1)

Keylog-Perfect.gen

Keylogger (2)

Keylog-StealthLogger

Password (1)

Plugin component (1)

Tool-Xscan.plugin

PornDialer (1)

ProcKill (1)

Remote Access (1)

Spyware (2)

Keylog-KeyLoggerJ

Win32 (3)

SFind

Virtual Bouncer

RemAdm-RemoteAdmin

Trojan (77)

(9)

Generic BackDoor.d

Phish-BankFraud.eml

QHosts-17!hosts

- (1)

Application extension (4)

BackDoor-CGX.dll

W32/Dumaru.al.dll

AdClicker-BA.dll

Configuration settings (1)

Demonstration (1)

JS/Exploit-DragDrop.b.demo

Downloader (8)

Proxy-Mitglieder

PWS-Bancban.dldr

Dropper (1)

Dropper Generic (1)

IRC-Sdbot.dr.gen

Exploit (2)

Exploit-MhtRedir.gen

Generic (3)

PWS-Bancos.gen.c

FDoS-Spabot.gen

JS/Exploit-DragDrop.b.gen

Internet Relay Chat (1)

Linux (5)

Linux/Rootkit-Lrk

Linux/Rootkit-FKit

Linux/Rootkit-Knark

Linux/PWS-Linspy

Linux/BlackHole

Password (3)

Remote Access (8)

BackDoor-AZV.gen

Linux/Backdoor-ICMP

Script (1)

Univ.script/99a

Source code (1)

Keylog-Small.b.src

Spyware (1)

Keylog-Perfect.dr

Win32 (26)

Generic BackDoor.h

Tuoraw

SrvAny

Generic StartPage.e

Generic StartPage.c

Virus (127)

(4)

Fam.533

Application extension (6)

W32/Hiton.a.dll

W32/Mydoom.t.dll

W32/Delikon.dll

Application extension Generi (1)

W32/Hiton.dll.gen

Application extension Worm (8)

W32/Bobax.worm.dll

W32/Bizex.worm.dll

W32/Anig.worm.dll

W32/Mota.worm.dll

W32/Bobax.worm.d.dll

W32/Bobax.worm.b.dll

W32/Bobax.worm.c.dll

W32/Bobax.worm.a.dll

Damaged (2)

W32/Lovgate.dam

W32/Lovgate.x.dam

Damaged Worm (3)

W32/Spybot.worm.dam

W32/Gaobot.worm.dam

W32/Sdbot.worm.dam

Dropper (1)

E-mail (8)

W32/Mydoom.b@MM

W32/Mydoom.h@MM

W32/Mydoom.e@MM

W32/Mydoom.o@MM

W32/Mabutu.a@MM

W32/Mabutu.b@MM

W32/Lovgate.ah@MM

W32/Mydoom.k@MM

E-mail worm (11)

W32/Lovgate.f@M

W32/Mydoom.g@MM

W32/Mydoom.f@MM

W32/Mydoom.z@MM

W32/Mydoom.n@MM

W32/Mydoom.ab@MM

W32/Fightrub@MM

W32/Lovgate.ad@MM

W32/Lovgate.af@MM

W32/Lovgate.aj@MM

W32/Lovgate.ab@MM

Email (28)

W32/Mydoom.i@MM

W32/Lovgate.r@MM

W32/Lovgate.b@M

W32/Lovgate.g@M

W32/Lovgate.m@M

W32/Lovgate.n@M

W32/Mydoom.j@MM

W32/Mydoom.d@MM

W32/Lovgate.q@MM

W32/Lovgate.p@MM

W32/Lovgate.v@M

W32/Lovgate.t@MM

W32/Lovgate.u@MM

W32/Lovgate.w@M

W32/Lovgate.al@MM

W32/Lovgate.aa@MM

W32/Lovgate.ao@MM

W32/Lovgate.an@MM

W32/Lovgate.ak@MM

W32/Mydoom.y@MM

W32/Mydoom.x@MM

W32/Mydoom.w@MM

W32/Lovgate.ac@MM

W32/Lovgate.ae@MM

W32/Mydoom.a@MM

W32/Mydoom.m@MM

W32/Mydoom.l@MM

W32/Mydoom.ac@MM

Email Generic (2)

W32/Mabutu.gen@MM

W32/Mydoom.gen@MM

Email Worm (3)

W32/Mydoom.r@MM

W32/Lovgate.ai@MM

W32/Lovgate.ag@MM

File Infector (2)

Vampiro

Vienna

Generic (1)

W32/Sdbot.gen.r

Generic Worm (23)

W32/Sdbot.worm.gen.b

W32/Spybot.worm.gen.e

W32/Gaobot.worm.gen.g

W32/Gaobot.worm.gen.f

W32/Gaobot.worm.gen.e

W32/Sdbot.worm.gen.w

W32/Spybot.worm.gen.i

W32/Gaobot.worm.gen.l

W32/Sdbot.worm.gen.e

W32/Spybot.worm.gen.g

W32/Sdbot.worm.gen.l

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Sdbot.worm.gen.k

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.g

W32/Sdbot.worm.gen.x

W32/Sdbot.worm.gen.y

W32/Sdbot.worm.gen.u

W32/Sdbot.worm.gen.t

W32/Sdbot.worm.gen.v

W32/Sdbot.worm.gen.p

W32/Gaobot.worm.gen.h

Internet Worm (5)

W32/Gaobot.worm.ali

W32/Mydoom.s@MM

W32/Gaobot.worm.gen.q

Peer To Peer (1)

W32/Generic.d!p2p

Script (1)

Bat/flm

Universal (2)

Univ/f

Univ/j

VbScript (2)

Win32 (4)

Worm (9)

W32/Lovgate.l@M

W32/Lovgate.a@M

W32/Lovgate.c@M

W32/Lovgate.s@MM

W32/Lovgate.x@MM

W32/Sluter.worm.e

W32/Dedler.worm

W32/Mydoom.t@MM