McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4428
DAT Release Date	02/16/2005
Threats Detected	116531
New Detections	106
Enhanced Detections	406

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (9)

(3)

VMag70

WareOut

Tool (3)

Win32 (3)

Favadd

ShopNav

Trojan (70)

(9)

Phish-BankFraud.eml.d

Phish-BankFraud.eml.a

Phish-BankFraud.eml.f

Phish-BankFraud.eml.e

Phish-BankFraud.eml.c

Phish-BankFraud.eml.b

HideProc

Generic BackDoor.t

Application extension (1)

Application extension Droppe (1)

StartPage-DU.dll.dr

Downloader (9)

Dropper (4)

MultiDropper-MI

Downloader-VK.dr

BackDoor-ABM.dr

MultiDropper-MH

Exploit (1)

Exploit-MS05-009

File/Folder creator (1)

QFile6

Flooder (1)

Generic (1)

Intended (1)

W97M/Noifi.intd

Internet Relay Chat (1)

IRC-Azur

Joke (1)

Keylogger (1)

Malware Tool (1)

Password Stealer (2)

PWS-Gadu

ProcKill (2)

Remote Access (2)

Script (16)

Bat/sec

StartPage (1)

Win32 (14)

QHost-26

Generic StartPage.h

Spyre

Liewar

Generic Downloader.r

Generic Downloader.q

DDoS-Nil

Pokey.a

Generic BackDoor.s

Virus (27)

(4)

Dropper (1)

Email (1)

Generic (1)

Generic Worm (4)

W32/AimDes.worm.gen

W32/Sdbot.worm.gen.ad

W32/Lextas.worm.gen

W32/Flopslene.worm.gen

Intended (1)

Internet Worm (1)

W32/Bropia.worm.n

multipartite (1)

SPTH.mp

Script (1)

Unpacked (1)

Win32 (6)

W32/Shodi!backdoor

Worm (5)

W32/Bropia.worm.o

W32/Shodi.worm.l

W32/Bropia.worm.m

W32/AimDes.worm

Enhanced Detections:

Virus (117)

(4)

Trout

OC/ooch

Dreg

KDG.1200

- (1)

Application extension (1)

Damaged (1)

W32/Netsky.q.dam

Damaged Worm (8)

W32/Spybot.worm.dam

W32/Gaobot.worm.dam

W32/Korgo.worm.v.dam

W32/Korgo.worm.p.dam

W32/Korgo.worm.s.dam

W32/Korgo.worm.aa.dam

W32/Sdbot.worm.dam

W32/Korgo.worm.ac.dam

Dropper (3)

E-mail (2)

W32/Dumaru.ad@MM

W32/Bagle.ad@MM

E-mail worm (3)

W32/Dumaru.y@MM

W32/Bagle.aa@MM

Email (14)

W32/Dumaru.aa@MM

W32/Dumaru.z@MM

W32/Bagle.al@MM

W32/Dumaru.af@MM

W32/Dumaru.ab@MM

W32/Dumaru.ag@MM

W32/Dumaru.ae@MM

W32/Dumaru.ah@MM

W32/Dumaru.av@MM

W32/Dumaru.al@MM

W32/Dumaru.ak@MM

W32/Dumaru.aj@MM

W32/Dumaru.ai@MM

File Infector (1)

Generic (1)

Generic Worm (18)

W32/Sdbot.worm.gen

W32/Spybot.worm.gen.e

W32/Gaobot.worm.gen.e

W32/Sdbot.worm.gen.w

W32/Spybot.worm.gen.f

W32/Gaobot.worm.gen.l

W32/Gaobot.worm.gen.j

W32/Sdbot.worm.gen.n

W32/Sdbot.worm.gen.l

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Sdbot.worm.gen.m

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.x

W32/Gaobot.worm.gen.t

W32/Sdbot.worm.gen.y

W32/Sdbot.worm.gen.t

W32/Korgo.worm.gen

Heuristic (1)

Internet Worm (4)

W32/Bropia.worm.g

W32/Bropia.worm.gen

W32/Bropia.worm.d

W32/Korgo.worm.r

MS Office Suite (1)

VBA/Generic.src

Overwriting (1)

Peer To Peer (1)

Script (1)

VbScript (1)

Win32 (24)

Win9x (1)

Worm (25)

W32/Korgo.worm.ab

W32/Korgo.worm.aa

W32/Korgo.worm.ac

W32/Bropia.worm.e

W32/Bropia.worm.f

W32/Bropia.worm.k

W32/Bropia.worm.i

W32/Bropia.worm.l

W32/Bropia.worm.j

W32/Bropia.worm.h

W32/Korgo.worm.ad

W32/Bropia.worm.b

W32/Bropia.worm.a

W32/Bropia.worm.c

W32/Korgo.worm.z

W32/Korgo.worm.x

W32/Korgo.worm.y

W32/Korgo.worm.u

W32/Korgo.worm.t

W32/Korgo.worm.s

W32/Korgo.worm.i

W32/Korgo.worm.v

W32/Korgo.worm.k

W32/Korgo.worm.p

W32/Korgo.worm.q

Trojan (221)

(6)

Generic BackDoor.d

Application extension (5)

BackDoor-CAY.dll

PWS-Banker.k.dll

BackDoor-CNZ.dll

StartPage-DU.dll

AdClicker-BV.dll

Configuration settings (1)

Configurator (1)

Downloader-BP.cfg

Denial Of Svc (1)

Downloader (9)

JS/Exploit-MhtRedir.ldr

PWS-Bancban.dldr

Downloader-GG!chm

Dropper (9)

MultiDropper-BN

IRC/Flood.cs.dr

BackDoor-BDI.dr

Exploit (6)

Exploit-DcomRpc

Exploit-ByteVerify

JS/Exploit-DragDrop

Exploit-PNGfile

JS/Exploit-MhtRedir

Flooder (64)

FDoS-P2k

FDoS-DAP

FDoS-STU

FDoS-MK3

FDoS-GCS

Generic (5)

BackDoor-EE.gen

DDoS-Kaiten.gen

JS/Exploit-MhtRedir.gen

HTML document (1)

BackDoor-AXJ.htm

Internet Relay Chat (1)

Keylogger (1)

Malware Tool (55)

Spam-VDX

Spam-DMB

Spam-XYN

Spam-GZL

Password (4)

Password Stealer (11)

PWS-Zaba

Proxy (3)

Remote Access (14)

Generic BackDoor.l

Script (1)

StartPage (1)

Tool (1)

Win32 (21)

Generic Downloader.a

Pokey-B

Generic Downloader.n

Generic BackDoor.q

Pandora

Generic BackDoor.g

Generic StartPage.b

Generic Downloader.p

Generic Downloader.k

Generic BackDoor.r

Vundo

Generic BackDoor.i

Generic Downloader.h

Malware (1)

Denial Of Svc (1)

Program (67)

(1)

IE Page Replacement

Adware (7)

Adware-KeenValue

IPSentry

Adware-Searchcentrix

Adware-LoggerBuddy

Adware-Softomate

Application extension (1)

Spyware-SafeSurf.dll

Downloader (2)

Adware-POP.dldr

Adware-ClearSearch.dldr

Dropper (2)

Adware-BetterInet.dr

Adware-abetterintrnt.dr

Generic (3)

Dialer-RAS.aw.gen

Keylog-Perfect.gen

Dialer-RAS.dd.gen

HTML document (1)

Keylogger (1)

Remote Access (1)

Tool (43)

Win32 (5)

iGetNet

SFind

RemAdm-RemoteAdmin

Rpcxss