Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4360
DAT Release Date 05/12/2004
Threats Detected 90134
New Detections 187
Enhanced Detections 297

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
W32/Wallon.worm.a Low-Profiled Low-Profiled

New Detections:

Program (14)
  Adware (3)
    Adware-CommanderNET
    Adware-WinTools
    Adware-BestSearch
  Dialer (1)
    Dialer-200
  Downloader (1)
    Downloader-JV
  Joke (1)
    Joke-LoveScreen
  Malware Tool (2)
    HTool/Client
    HTool/RPC
  Tool (2)
    Tool-Mdctr
    Tool-Hadic
  Win32 (4)
    SimpelFTP
    Areser
    InstSrv
    Cometsystems
Trojan (35)
  Application extension (2)
    PWS-Dolche.dll
    Keylog-PP.dll
  Configurator (2)
    BackDoor-CEP.cfg
    MultiDropper-KJ.cfg
  Denial Of Svc (1)
    DDoS-Chessmess
  Downloader (5)
    Downloader-JY
    Downloader-JW
    Downloader-JX
    Downloader-JU
    Downloader-JT
  Dropper (3)
    MultiDropper-KJ
    Proxy-Minit.dr
    MultiDropper-KK
  Exploit (2)
    Exploit-LHA Overflow
    Exploit-IIS.ssl.pct
  Flooder (1)
    FDoS-Yahoo.Tunnel
  Generic (2)
    Downloader-JT.gen
    Spy-Tofger.gen.a
  Internet Relay Chat (1)
    IRC/Lamen
  Keylogger (2)
    Keylog-PP
    Keylog-Megahard
  Malware Tool (1)
    Downloader-JT.kit
  Password Stealer (1)
    PWS-Dolche
  Remote Access (3)
    BackDoor-CEQ
    BackDoor-CEP
    BackDoor-BCY
  StartPage (3)
    StartPage-CZ
    StartPage-CX
    StartPage-CY
  Tool (2)
    Tool-MSADC
    Tool-Cart32Scan
  Win32 (4)
    Del-452
    Instrushell
    Del-451
    AdClicker-AM
Virus (138)
   (98)
    Zoom.276
    Zoom.260
    YCHV.1080
    Wamin.346
    Trakia.a
    Tesv.232
    QRes.316
    OPA.600
    Cruiser.846
    Xany.834
    Xany.316
    Xany.96b
    Xany.88a
    Xany.60
    Vor.600
    Virdem.836
    Trakia.b
    Suicide.544
    Snake.210
    Shatin.1637
    Revenge.2816
    Redarc.267
    Pendulum.1098
    Pendulum.1066
    Orchid.351
    Orchid.a
    Krang
    GoodLuck.300
    Glacier.1196
    Glacier.1183
    Click.375
    Billboard
    Baloo.630
    Baloo.525
    Ycock.1024
    Tiny-GM.168
    Tiny-GM.129
    Tenbytes.1514
    Tenbytes.1411
    Suit.1167
    Pulsar.539
    ParInt.837
    OPA.1100
    Olga.4448
    Munya.3025
    Messy.2204
    Lupus.663
    Luky.1060
    Llp.791
    Isly.624
    HNY.690
    Deicide.300
    Blackjack
    Armagates.533
    Alla.1827
    Xany.336
    Xany.125
    Xany.90
    Xany.87
    Virugene.PSI.193
    Violetta.3840
    StealthBomber.2155
    Snake.98
    ResQ.3774
    Pendulum.999
    Pendulum.1085
    Pendulum.1059
    Orchid.311
    Later.959
    Unkm.2682
    Frizer
    Click.329
    Baloo.643
    Baloo.589
    Apadana.1500
    Xeno.5809
    Typer.704
    Tiny-GM.163
    Tenbytes.1431
    Tenbytes.1410
    Spreader.951
    QRes
    Poxie.265
    OtherEnd.162
    Oksana.692
    Moon.278
    Lupus.665
    Lupus.532
    Junk.671
    HNY.711
    Dows.2304
    Cyberloard
    CV.743
    Critter
    Bauh.974
    Anarchyst.1268
    Alfons
    AFV.517
  Application extension Worm (2)
    W32/Gaobot.worm.dll
    W32/Tumbi.worm.dll
  Companion (1)
    HLL.cmp.9424
  Downloader Worm (1)
    W32/Wallon.worm.dldr
  Dropper (5)
    Scramble.1254.dr
    Xeno.5809.dr
    Scramble.1256.dr
    Scramble.1253.dr
    LME.dr
  Dropper Worm (1)
    W32/Dedler.worm.dr
  Email (2)
    W32/Bugbear.h@MM
    W32/Dumaru.ai@MM
  Generic Worm (5)
    W32/Gaobot.worm.gen.p
    W32/Cycle.worm.gen
    W32/Wallon.worm.gen
    W32/Gaobot.worm.gen.q
    W32/Gaobot.worm.gen.o
  Internet Worm (1)
    W32/Wallon.worm.a
  Overwriting (2)
    Orchid.ow.121
    Orchid.ow.120
  Parasitic (1)
    Cyberloard.cav.381
  Script (1)
    PHP/Aracna
  Universal (2)
    Univ.topsy
    Univ.prepend
  Win32 (12)
    W32/Polybot.av
    W32/Appix.f!rar
    W32/Riaz
    W32/Polybot.aw
    W32/Polybot.au
    W32/Polybot.as
    W32/Polybot.aq
    W32/Polybot.ao
    W32/Bugbear.h!zip
    W32/Polybot.at
    W32/Polybot.ar
    W32/Polybot.ap
  Worm (4)
    W32/Wallon.worm!eml
    W32/Wallon.worm
    W32/Randon.worm.ar
    W32/Opaserv.worm.ak

Enhanced Detections:

Internet Worm (4)
  E-mail worm (1)
    W32/Bugbear.gen@MM
  P2P Worm (2)
    W32/Generic.worm!p2p
    W32/Spybot.worm.lk
  Worm (1)
    W32/Polybot.gen!irc
Program (31)
  - (3)
    Proxy-OSS
    PSKill
    KeyHook.dll
  Adware (16)
    Adware-KeenValue
    Adware-TopMoxie
    Adware-PortalScan
    Adware-180Solutions
    Adware-HotBar
    Adware-SideSearch
    Adware-BB
    Adware-BHO.gen
    Adware-Gator
    Adware-SearchAid
    Adware-Virtumondo
    Adware-Apropos
    Adware-CnsMin
    Adware-IEDriver
    Adware-Lop
    Adware-StatBlaster
  Application extension (1)
    Dialer-Generic.dll
  Dialer (1)
    Dialer-Generic
  Dropper (2)
    Adware-Lop.dr
    Adware-IEDriver.dr
  Generic (1)
    Dialer-RAS.bb.gen
  Password (1)
    Keylog-Hoddle
  Remote Access (1)
    ServU-Daemon
  Spyware (1)
    Keylog-Perfect
  Tool (3)
    HideRun
    Tool-NetCat
    Tool-CGIScan
  Win32 (1)
    AdwareDropper-B
Trojan (91)
   (4)
    Generic PWS.b
    Generic BackDoor.d
    Orion
    Gigi
  - (1)
    IRC-Deport
  Application extension (6)
    BackDoor-AXJ.dll
    Downloader-DA.dll
    PWS-LegMir.dll
    PWS-Wincap.dll
    BackDoor-CCT.dll
    BackDoor-AKM.dll
  Downloader (6)
    Downloader-CY
    Proxy-Mitglieder
    Downloader-IZ
    Downloader-IQ
    Downloader-IF
    Proxy-Mitglieder.dldr
  Dropper (9)
    IRC/Flood.dt.dr
    PWS-Wincap.dr
    AdClicker-O.dr
    PWS-Bancban.dr
    IRC-Sdbot.dr
    IRC/Flood.ak.dr
    MultiDropper-IY
    IRC-Demfire.dr
    MultiDropper-JD
  Dropper Script (1)
    Seeker.reg.dr
  Exploit (7)
    Exploit-Sfind
    VBS/Psyme
    Exploit-MS03-043
    Exploit-Knox
    Exploit-Gtkftpd
    Exploit-Lhs
    Exploit-MS04-011
  Flooder (2)
    FDoS-Bnet
    FDoS-SMSBomb
  Generic (4)
    Proxy-Mitglieder.gen
    BackDoor-AZV.gen
    Spy-Tofger.gen
    Exploit-MhtRedir.gen
  Heuristic (1)
    New Malware.d
  HTML document (1)
    BackDoor-AXJ.htm
  Internet Relay Chat (2)
    IRC/Flood.dt.hidewin
    IRC/Flood.cl
  Java Applet (1)
    JV/Shinwow
  mIRC client (2)
    IRC/Flood.ak.mirc
    IRC-Demfire.mirc
  Parasitic (1)
    Qhosts.apd
  Password (5)
    PWS-Moneykeeper
    PWS-LegMir
    PWS-LDPinch
    PWS-Wincap
    Spy-Tofger
  Password Stealer (2)
    PWS-Hooker
    PWS-Banker
  Proxy (2)
    Proxy-FBSR
    Proxy-Minit
  Remote Access (11)
    IRC/Flood.c.dr
    BackDoor-AXJ
    BackDoor-CAC
    BackDoor-AKM
    BackDoor-AVW
    BackDoor-AOP
    BackDoor-CEC
    BackDoor-CCT
    BackDoor-AEP
    BackDoor-UK
    BackDoor-TC
  Script (5)
    Univ.script/99c
    Univ.script/99b
    Univ.script/99a
    Bat/rbt
    Bat/gho5
  Settings Change (1)
    SWCall
  Spyware (1)
    Keylog-Perfect.dr
  StartPage (4)
    StartPage-CP
    StartPage-BT
    StartPage-CM
    StartPage-CV
  Win32 (12)
    IRC/Flood.dz
    Generic Downloader.a
    Generic BackDoor.b
    HackerDefender
    Generic BackDoor.h
    Generic Delphi
    Generic BackDoor.e
    Sneaker
    Orifice2K
    Generic MSVC
    Timese
    Generic BackDoor.g
Virus (171)
   (19)
    Xany
    USA.1339
    Xany.127
    China.882
    Foetus
    Tiny-DI
    Tamsui.19033
    Ming
    Jos.1000
    Digger.600
    XS.851
    Nanjing
    Luky.1083
    Banger
    Prospero
    Ital.578
    IT.457
    China.884
    ITS.1531
  Application extension (1)
    W32/Bugbear.b.dll
  Application extension Generi (1)
    W32/Bagle.dll.gen
  Damaged (3)
    W32/Netsky.q.dam
    Tiny-DI.dam
    W32/Polybot.dam
  Damaged Worm (3)
    W32/Opaserv.worm.dam
    W32/Spybot.worm.dam
    W32/Gaobot.worm.dam
  Dropper (5)
    Univ/f.dr
    Foetus.dr
    Banger.dr
    Univ.top.dr
    Univ.pre.dr
  Dropper Worm (1)
    W32/Spybot.worm.dr
  E-mail (1)
    W32/Dumaru.ad@MM
  E-mail worm (1)
    W32/Dumaru.y@MM
  Email (9)
    W32/Dumaru.aa@MM
    W32/Dumaru.z@MM
    W32/Dumaru.af@MM
    W32/Dumaru.ab@MM
    W32/Dumaru.ag@MM
    W32/Dumaru.ae@MM
    W32/Dumaru.ah@MM
    W32/Bugbear.d@MM
    W32/Bugbear.c@MM
  Email Generic (1)
    W32/Mydoom.gen@MM
  File Infector (4)
    MPB/Kynel
    Scramble
    Tolbuhin
    Tony
  Generic Worm (29)
    W32/Opaserv.worm.gen
    W32/Spybot.worm.gen.b
    W32/Gaobot.worm.gen.d
    W32/Sdbot.worm.gen
    W32/Spybot.worm.gen.e
    W32/Gaobot.worm.gen.g
    W32/Gaobot.worm.gen.f
    W32/Spybot.worm.gen.f
    W32/Spybot.worm.gen.a
    W32/Gaobot.worm.gen.c
    W32/Gaobot.worm.gen.l
    W32/Spybot.worm.gen.h
    W32/Spybot.worm.gen.g
    W32/Spybot.worm.gen.d
    W32/Spybot.worm.gen.c
    W32/Tumbi.worm.gen.b
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.j
    W32/Sdbot.worm.gen.h
    W32/Sasser.worm.gen
    W32/Randbot.worm.gen.c
    W32/Gaobot.worm.gen.n
    W32/Sdbot.worm.gen.o
    W32/Sdbot.worm.gen.m
    W32/Sdbot.worm.gen.k
    W32/Sdbot.worm.gen.i
    W32/Gaobot.worm.gen.b
    W32/Randbot.worm.gen.d
    W32/Gaobot.worm.gen.h
  Heuristic (1)
    New AOL
  Intended (1)
    W97M/UCK.intd
  Internet Worm (11)
    W32/Polybot.l!irc
    W32/Opaserv.worm.n
    W32/Opaserv.worm.m
    W32/Gaobot.worm.ali
    W32/Sasser.worm.b
    W32/Sasser.worm.c
    W32/Sasser.worm.d
    W32/Sasser.worm.a
    W32/Sasser.worm.e
    W32/Cycle.worm.a
    W32/Sasser.worm.f
  Macro (1)
    W97M/NiceDay
  MS Office Suite (1)
    VBA/Generic.src
  Open Share Worm (1)
    W32/Dedler.worm.gen
  Overwriting (1)
    Univ.ow/a
  Script (3)
    Univ.bat/a
    VBS/Generic
    W32/Appix.reg
  Universal (6)
    Univ/r
    Univ/f
    Univ/a
    Univ/g
    Univ/j
    Univ/jdt
  Win32 (36)
    W32/Polybot.ag
    W32/Polybot.v
    W32/Polybot.t
    W32/Polybot.s
    W32/Polybot.r
    W32/Polybot.q
    W32/Polybot.o
    W32/Polybot.n
    W32/Polybot.m
    W32/Polybot.k
    W32/Polybot.j
    W32/Polybot.i
    W32/Polybot.h
    W32/Polybot.g
    W32/Polybot.f
    W32/Polybot.e
    W32/Polybot.c
    W32/Polybot.a
    W32/Polybot.u
    W32/Polybot.d
    W32/Polybot.b
    W32/Polybot.ae
    W32/Polybot.ac
    W32/Polybot.aa
    W32/Polybot.y
    W32/Polybot.w
    W32/Polybot.ad
    W32/Polybot.ab
    W32/Polybot.z
    W32/Polybot.x
    W32/Polybot.af
    W32/Polybot.am
    W32/Polybot.aj
    W32/Polybot.an
    W32/Polybot.al
    W32/Polybot.ai
  Worm (31)
    W32/Gaobot.worm
    W32/Opaserv.worm.ae
    W32/Opaserv.worm.d
    W32/Opaserv.worm.w
    W32/Opaserv.worm.u
    W32/Opaserv.worm.s
    W32/Opaserv.worm.p
    W32/Opaserv.worm.l
    W32/Opaserv.worm.i
    W32/Gaobot.worm.gen
    W32/Opaserv.worm.ai
    W32/Generic.worm.b
    W32/Opaserv.worm.ah
    W32/Opaserv.worm.ac
    W32/Opaserv.worm.a
    W32/Opaserv.worm.v
    W32/Opaserv.worm.t
    W32/Opaserv.worm.q
    W32/Opaserv.worm.o
    W32/Opaserv.worm.h
    W32/Opaserv.worm.r
    W32/Opaserv.worm.k
    W32/Opaserv.worm.f
    W32/Opaserv.worm.e
    W32/Opaserv.worm.aa
    W32/Opaserv.worm.ad
    W32/Opaserv.worm.aj
    Univ.worm
    W32/Gaobot.worm.aja
    W32/Dedler.worm
    W32/Sasser.worm!ftp