McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4364
DAT Release Date	06/02/2004
Threats Detected	91110
New Detections	92
Enhanced Detections	533

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
W32/Korgo.worm.g	Low-Profiled	Low-Profiled
W64/Rugrat	Low-Profiled	Low-Profiled

New Detections:

Program (5)

Downloader (1)

Malware Tool (2)

HTool/Scan-MS04-011

Tool (1)

Win32 (1)

PortScan-Ghirai

Trojan (53)

(2)

Generic Downloader.e

Application extension (2)

StartPage-DH.dll

Configurator (1)

BackDoor-CFC.cfg

Downloader (14)

Downloader-JY.dldr

AdClicker-O.dldr

Dropper (7)

MultiDropper-KO

IRC/Flood.ee.dr

MultiDropper-KM.b

Flooder (1)

Generic (2)

Internet Relay Chat (4)

Keylogger (1)

Password Stealer (1)

Remote Access (4)

BackDoor-CFC.srv

Script (2)

Downloader-KM.bat

Settings Change (2)

StartPage (4)

Win32 (6)

LogOff

Generic StartPage.c

DDoS-MobileBomb

Virus (34)

(8)

Retribution.1663

Jinx

Damaged Worm (1)

W32/Sddrop.worm.dam

Dropper (1)

Email (4)

W32/Dumaru.av@MM

W32/Bagle@MM!vbs

File Infector (1)

Generic Worm (1)

W32/Winfig.worm.gen

HTML document (1)

Script (2)

VBS/Nyar

W32/StingFake.bat

Win32 (8)

W32/NGVCK.a.2134

Worm (7)

W32/Parparo.worm

W32/Randon.worm.aw

W32/Gaobot.worm.pp

W32/Korgo.worm.g

W32/Korgo.worm.e

W32/Korgo.worm.f

Enhanced Detections:

Program (284)

(12)

Friend Greeting.eml

FormatD

Crack-Invircible

Durell

AntiDW

Reset

- (13)

Dsnif

Iroffer

Reboot-E

PrcView

Free-Scratch-Cards

Closer

Starr

Pepe-bar

IMIServ.download

Friend Greeting

Dlder

Adware (19)

Adware-TopMoxie

Adware-PortalScan

Adware-Superbar

Adware-SAHAgent

Adware-BetterInet

Adware-FreeComm

Adware-Cantfind

Adware-Homepage

Adware-StatBlaster

Adware-WildMedia

Application extension (3)

PWCrack-Revealer.dll

Client (2)

NetbusPro.cli.pak

CyberSensor.cli

Configurator (1)

Demonstration (5)

Demo-WallBreaker

Demo-AdoRead50x

Joke-Demo-Finjokan

Downloader (4)

IdentDaemon.ldr

Dropper (4)

PWCrack-Cain.dr

Adware-BetterInet.dr

Kim.dr

Exploit (3)

Exploit-GkWarez

Exploit-Agressor

Flooder (2)

Generic (2)

Dialer-RAS.db.gen

Exploit-MIME.gen.c

HTML document (1)

ICQ Messaging (1)

ICQ-Info

Internet Relay Chat (1)

Joke (72)

Joke-SlipperyMouse

Joke-MovingMouse

Joke-MouseShoot

Joke-MessageMate

Joke-StressRelief

Joke-FakeReboot

Joke-ComputerShock

Joke-BrokenDisk

Joke-IconScroll

Joke-Flash-Itest

Joke-Flash-Ghost

Joke-FakeFormat.h

Joke-FakeFormat.f

Joke-FakeFormat.a

Joke-BlueSprite

Joke-Autodestruct

Keylogger (5)

Malware Tool (21)

PWCrack-Decoder

PWCrack-Diamond

PWCrack-HTTPBrute

PWCrack-SQLBrute

PWCrack-ZIPBrute

PWCrack-PWLCrack

PWCrack-L0phtCrack

PWCrack-CuteFTP

Password (4)

PWCrack-Leecher

PWDump

PWCrack-PWLView

Plugin component (2)

Firehole.plugin

CyberSensor.plugin.plugin

Self-extracting archive (1)

InstallRite.sfx

Server (2)

ControlTotal.svr

Source code (1)

Spam (1)

Spyware (3)

KeyLog-KeyRecord

Tool (30)

Reboot-X

Tool-DLLInjector

Tool-Sub7Stealer

Tool-Linklooker

Tool-AntiMacgyver

Linux/Tool-Elfwrsec

Tool-PsybncScan

Tool-HDProtectCrack

Vulnerability (1)

Win31 (3)

Kim

HideApp

Win32 (65)

FindPass

Aldscan

Restsec

PortScan-SuperScan

TSADBOT

WinSniff

RMRemove

UsrPatch

Blackbox

NetSVC

Parallaxis.Spider

MpAdvert

NetShare

Hhproxy

RemoteXS

Htthost

FTPback

Firehole

Yalta

Viewer-Orifice2K

Aardcook

Jolt

Exitwinc

QWHack

IMIServer.download

ERunAsX

RemAdm-RemoteAdmin

Outbound

Generic HTool.a

SmmSniff

Restrict

RemAdm-RemoteAnythng

CyberSensor.spy

Trojan (128)

(2)

FormatA

- (1)

Adshow

Application extension (4)

BackDoor-AXJ.dll

Spy-Hiddukel.dll

BackDoor-AGB.dll

Client (1)

BackDoor-RP.cli

Configurator (2)

BackDoor-RP.cfg

MultiDropper-GK.cfg

Demonstration (1)

Exploit-BMP.demo

Dialer (1)

QDial22

Downloader (2)

Downloader-DH.b

Proxy-Mitglieder

Downloader Generic (1)

Proxy-FBSR.gen.dldr

Dropper (10)

VBS/Inor

BackDoor-ACH.dr

BackDoor-Sub7.dr

MultiDropper-KM

Exploit (3)

Exploit-ByteVerify

Exploit-MS04-011

Exploit-BMP.dldr

Flooder (1)

Generic (4)

JS/Seeker.gen.m

Exploit-Lsass.g.gen

Spy-Tofger.gen.a

Internet Relay Chat (2)

Java Applet (1)

JavaScript (1)

JS/Loop

Macro (1)

Password (6)

Password Stealer (2)

Proxy (1)

Remote Access (60)

Script (4)

New CardStealer

IRC/Flood.bat.f

BackDoor-BQ.bat

Server (3)

BackDoor-WF.svr

BackDoor-RP.svr

BackDoor-KT.svr

Settings Change (1)

VbScript (1)

Win32 (11)

Spy-Idwi

Generic Downloader.c

Worm (1)

Virus (121)

(14)

Mirea

Mad.1680

Mad.2311

Disillusion.1108

Application extension Worm (2)

W32/MoFei.worm.dll

W32/Tumbi.worm.dll

Damaged (5)

Mad.dam

W32/Lovgate.dam

Dropper (6)

Keypress.1232a.dr

Keypress.1232d.dr

Univ.topsy.dropped

E-mail (2)

W32/Dumaru.ad@MM

E-mail worm (4)

W32/Lovgate.f@M

W32/Generic.a@MM

W32/Dumaru.y@MM

W32/Lovgate.ab@MM

Email (22)

W32/Dumaru.aa@MM

W32/Dumaru.z@MM

W32/Lovgate.b@M

W32/Lovgate.g@M

W32/Lovgate.m@M

W32/Lovgate.n@M

W32/Dumaru.af@MM

W32/Dumaru.ab@MM

W32/Dumaru.ag@MM

W32/Dumaru.ae@MM

W32/Dumaru.ah@MM

W32/Lovgate.q@MM

W32/Lovgate.p@MM

W32/Lovgate.v@M

W32/Lovgate.t@MM

W32/Lovgate.u@MM

W32/Lovgate.w@M

W32/Lovgate.aa@MM

W32/Dumaru.al@MM

W32/Dumaru.ak@MM

W32/Dumaru.aj@MM

W32/Dumaru.ai@MM

Email Generic (1)

W32/Plage.gen@M

File Infector (3)

Tony

DM.310

Generic (2)

Exploit-DcomRpc.g.gen

Generic Worm (4)

W32/Gaobot.worm.gen.d

W32/Spybot.worm.gen.k

W32/Wozer.worm.gen

W32/Korgo.worm.gen

Heuristic (1)

Internet Worm (3)

W32/Sddrop.worm

W32/Spybot.worm.lz

Macro (1)

mIRC Worm (1)

W32/Protoride.worm

Open Share Worm (1)

W32/Dedler.worm.gen

Overwriting (1)

Parasitic (4)

W32/HLLP.Philis.d

W32/HLLP.Philis.c

W32/HLLP.Philis.b

W32/HLLP.Philis.a

Script (2)

VBS/Mita

Universal (3)

Univ/a

Univ/g

Univ/j

VbScript (1)

VBScript worm (1)

Win32 (10)

Worm (27)

W32/Gaobot.worm

W32/Lovgate.l@M

W32/Lovgate.a@M

W32/Lovgate.c@M

W32/Spybot.worm.aax

W32/Spybot.worm.qu

W32/Spybot.worm.ob

W32/Spybot.worm.hf

W32/Generic.worm.b

W32/Lovgate.s@MM

W32/Lovgate.x@MM

W32/Spybot.worm.ago

W32/Spybot.worm.aaq

W32/Spybot.worm.vc

W32/Spybot.worm.si

W32/Spybot.worm.qt

W32/Spybot.worm.pp

W32/Spybot.worm.md

W32/Spybot.worm.lx

W32/Spybot.worm.dn

W32/Korgo.worm.d

W32/Korgo.worm.c

W32/Korgo.worm.b

W32/Korgo.worm.a

W32/Pinom.worm!backdoor