McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4365
DAT Release Date	06/09/2004
Threats Detected	91591
New Detections	118
Enhanced Detections	305

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
W32/Plexus.a@MM	Low-Profiled	Low-Profiled

New Detections:

Program (23)

Adware (2)

Dialer (5)

Generic (1)

Dialer-RAS.dd.gen

Keylogger (1)

KeyLog-Amecisco.sys

Malware Tool (7)

Proxy (1)

Proxy-FatalError

Spyware (1)

Spyware-PWCapture

StartPage (1)

StartPage-VipCrib

Tool (4)

Trojan (48)

(3)

AntiNAV

Application extension (4)

BackDoor-CFI.dll

Keylog-Isapass.dll

AdClicker-AF.dll

BackDoor-CFK.dll

Dialer (1)

QDial23

Downloader (10)

JS/Keylog-Briss.ldr

Dropper (4)

MultiDropper-KR

MultiDropper-KP

BackDoor-CFD.dr

MultiDropper-KQ

Exploit (1)

Exploit-DirTraversal

Flooder (1)

Password Stealer (1)

Remote Access (9)

Script (5)

HTML/Debeski.bat

StartPage (5)

StartPage-DC!hosts

Trojan (1)

Win32 (3)

Rutop

Generic Dropper.c

Virus (46)

(1)

Ktd.359

Application extension (1)

Exploit-Lsass.dll

Companion (2)

W32/Intrust.cmp

Damaged (1)

W32/Sober.g.dam

Dropper (1)

Dropper Generic (1)

StartPage-DM.dr.gen

Dropper Worm (1)

W32/Sdbot.worm.dr

Email (6)

W32/Shutface@MM

W32/Plexus.c@MM

W32/Netsky.af@MM

W32/Bugbear.i@MM

W32/Plexus.d@MM

W32/Plexus.b@MM

Email Generic (2)

W32/Plexus.gen@MM

W32/Pereban.gen@MM

Generic Internet Relay Chat (1)

W32/Dansh.worm.gen!irc

Generic Worm (6)

W32/Svoy.worm.gen

W32/Silva.worm.gen

W32/Sdbot.worm.gen.p

W32/Sdbot.worm.gen.q

W32/Randbot.worm.gen.h

W32/Nullpole.worm.gen

Intended (1)

W97M/Bihand.intd

Internet Worm (2)

W32/Plexus.a@MM

W32/Dansh.worm!irc

Macro (1)

WM/Nowoc

Parasitic (2)

Win32 (5)

W32/Plexus!hosts

W32/Bagle!proxy

Worm (12)

W32/Korgo.worm.i

W32/Yesenio.worm!vbs

W32/Yesenio.worm

W32/Randon.worm.ay

W32/Randon.worm.ax

W32/Korgo.worm.k

W32/Korgo.worm.j

W32/Korgo.worm.o

W32/Korgo.worm.n

W32/Korgo.worm.l

W32/Korgo.worm.m

W32/Korgo.worm.h

Enhanced Detections:

Internet Worm (9)

E-mail worm (6)

W32/Netsky.i@MM

W32/Netsky.b@MM

W32/Netsky.t@MM

W32/Netsky.s@MM

W32/Netsky.c@MM

W32/Netsky.a@MM

P2P Worm (2)

W32/Generic.worm!p2p

Worm (1)

W32/Polybot.gen!irc

Program (31)

(1)

Suspicious IFrame.b

- (2)

RemoteProcessLaunch

Adware (8)

Adware-Websearch

Adware-SearchAid

Adware-Virtumondo

Dialer (1)

Exploit (1)

Keylogger (1)

Keylog-Amecisco

Remote Access (1)

Spyware (1)

Spyware-LoverSpy

Tool (14)

Win32 (1)

Packed mIRC Client

Trojan (89)

(2)

Generic BackDoor.d

Zpass

- (1)

Application extension (4)

Downloader-DA.dll

BackDoor-CDF.dll

Client (2)

Configurator (2)

MultiDropper-EU.cfg

Denial Of Svc (2)

Downloader (9)

Downloader-DA.b

StartPage-BS.dldr

Dropper (10)

Backdoor-AWQ.dr

MultiDropper-IY

IRC/Flood.ba.dr

MultiDropper-EU

BackDoor-AMQ.dr

MultiDropper-KG

Exploit (4)

Exploit-ObjectData

Exploit-MhtRedir.gen

Generic (7)

Exploit-DcomRpc.gen

PWS-Bancban.gen.b

Exploit-URLSpoof.gen

IRC/Flood.gen.b

Keylog-Stawin.gen

BackDoor-BAC.gen

PWS-LegMir.gen.e

Heuristic (2)

Internet Relay Chat (6)

IRC/Flood.ba.hidewin

Keylogger (1)

mIRC client (1)

IRC/Flood.ba.mirc

Password (5)

PWS-Moneykeeper

PWS-Iyus

Proxy (1)

Remote Access (12)

Script (7)

Univ.script/99a

JS/AdClicker-AF

Bat/kbd3

Server (1)

Settings Change (1)

StartPage (1)

Win32 (8)

Generic Downloader.a

Generic BackDoor.b

Generic BackDoor.f

Myxq

Virus (176)

(1)

Vinnitsa

Client Worm (1)

W32/Gool.worm.cli

Configurator Worm (1)

W32/Gool.worm.cfg

Damaged (3)

W32/Netsky.q.dam

W32/Netsky.c.dam

W32/Polybot.dam

Damaged Worm (2)

W32/Spybot.worm.dam

W32/Gaobot.worm.dam

Dropper Worm (1)

W32/Gool.worm.dr

E-mail (10)

W32/Netsky.w@MM

W32/Netsky.u@MM

W32/Netsky.g@MM

W32/Netsky.l@MM

W32/Netsky.k@MM

W32/NetSky.h@MM

W32/Netsky.v@MM

W32/Netsky.y@MM

W32/Netsky.z@MM

W32/Netsky.ab@MM

E-mail worm (10)

W32/Netsky.n@MM

W32/Netsky.j@MM

W32/Netsky.o@MM

W32/Netsky.x@MM

W32/Netsky.e@MM

W32/Netsky.f@MM

W32/Netsky.d@MM

W32/Bagle.aa@MM

W32/Netsky.ac@MM

Email (2)

W32/Netsky.ad@MM

Email Generic (2)

W32/Dumaru.gen@MM

W32/Netsky.gen@MM

Email Worm (1)

W32/Netsky.aa@MM

Generic Worm (22)

W32/Sdbot.worm.gen.b

W32/Keco.worm.gen

W32/Sdbot.worm.gen

W32/Spybot.worm.gen.e

W32/Gaobot.worm.gen.k

W32/Gaobot.worm.gen.g

W32/Gaobot.worm.gen.f

W32/Gaobot.worm.gen.e

W32/Gaobot.worm.gen.l

W32/Spybot.worm.gen.d

W32/Sdbot.worm.gen.n

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Sdbot.worm.gen.o

W32/Sdbot.worm.gen.m

W32/Sdbot.worm.gen.k

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.g

W32/Randbot.worm.gen.d

W32/Randbot.worm.gen.b

W32/Gaobot.worm.gen.r

W32/Gaobot.worm.gen.h

Heuristic (2)

New AOL

Internet Relay Chat Worm (1)

W32/Rosya.worm!irc

Internet Worm (3)

W32/Polybot.l!irc

W32/Gaobot.worm.ali

W32/Gaobot.worm.gen.q

Overwriting (2)

Script (2)

Bat/a

Universal (3)

Univ/d

VbScript (1)

VBS/Zeha

VBScript worm (1)

Win32 (100)

W32/NGVCK.a.7397

W32/NGVCK.a.8809

W32/NGVCK.a.4768

W32/NGVCK.a.2404

W32/NGVCK.a.2280

W32/NGVCK.a.1365

W32/NGVCK.a.2389

W32/NGVCK.a.4907

W32/NGVCK.a.3072a

W32/NGVCK.a.1934

W32/NGVCK.a.3560

W32/NGVCK.a.2522/2537

W32/NGVCK.a.2342

W32/NGVCK.a.2218

W32/NGVCK.a.2754

W32/NGVCK.a.9412

W32/NGVCK.a.1947

W32/NGVCK.a.1416

W32/NGVCK.a.3072b

W32/NGVCK.a.1988

W32/NGVCK.a.2092

W32/NGVCK.a.2651

W32/NGVCK.a.1056

W32/NGVCK.a.2751

W32/NGVCK.a.9632

W32/NGVCK.a.1107

W32/NGVCK.a.1700

W32/NGVCK.a.3146

W32/NGVCK.a.3250

W32/NGVCK.a.1455

W32/NGVCK.a.3427

W32/NGVCK.a.5216

W32/NGVCK.a.1364

W32/NGVCK.a.2522

W32/NGVCK.a.926

W32/NGVCK.a.1352

W32/NGVCK.a.2266

W32/NGVCK.a.919

W32/NGVCK.a.1840

W32/NGVCK.a.968

W32/NGVCK.a.5675

W32/NGVCK.a.2134

Win9x (2)

Worm (3)

W32/Bizex.worm!dldr

W32/Dedler.worm

W32/Korgo.worm.g