McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4368
DAT Release Date	06/23/2004
Threats Detected	92380
New Detections	107
Enhanced Detections	312

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (10)

Dialer (1)

Downloader (1)

Adware-Websearch.dldr

Generic (1)

Dialer-RAS.dg.gen

Proxy (1)

StartPage (1)

StartPage-MSearch

Tool (3)

Tool-DeepFreeze

Win32 (2)

Trojan (63)

(2)

Veto

RemoteAdmin!cfg

Application extension (2)

Proxy-Redirector.dll

Configurator (1)

BackDoor-CFX.cfg

Demonstration (2)

JS/Exploit-DialogArg.b.demo

JS/Exploit-DialogArg.a.demo

Downloader (8)

VBS/BackDoor-BCB.dldr

Generic (8)

JS/Exploit-DialogArg.gen

Proxy-Cidra.gen.b

Keylog-Stawin.gen.b

PWS-LDPinch.gen

Internet Relay Chat (1)

Keylogger (5)

Keylog-Personal

Malware Tool (1)

PWS-QQPass.c.kit

Password Stealer (1)

Proxy (1)

Remote Access (9)

Script (1)

StartPage (9)

StartPage-EB!hosts

StartPage-DU!text

Win32 (12)

Winkick

SrvEnum

QUrl-2

Del-455

ProcInfo

Generic Keylogger.b

Kaland

Virus (34)

(3)

SymbOS/Cabir.rsc

Damaged (1)

W32/Bugbear.19196.dam

Dropper (1)

VBS/Dismissed.dr

Email (5)

W32/Bugbear.19196@MM

W32/Bugbear.41788@MM

W32/Alcop.bk@MM

W32/Alcop.bj@MM

W32/Bugbear.69916@MM

Generic Worm (1)

W32/Sdbot.worm.gen.s

Internet Worm (1)

W32/Korgo.worm.r

Parasitic (2)

Peer To Peer (2)

W32/Ourtime!p2p

Win32 (7)

W32/FunLove.3626

W32/Bugbear.17916intd

Worm (11)

W32/Spidere.worm

W32/Randon.worm.ba

W32/Randon.worm.az

W32/Nachi.worm.m

W32/Korgo.worm.u

W32/Korgo.worm.t

W32/Korgo.worm.s

W32/Korgo.worm.p

W32/Setclo.worm

W32/Korgo.worm.q

Enhanced Detections:

Internet Worm (4)

E-mail (1)

W32/Bagle.gen@MM

P2P Worm (1)

W32/Spybot.worm.lk

Win32 (1)

Worm (1)

W32/Polybot.gen!irc

Malware (1)

Win32 (1)

Program (47)

(3)

NDotNet

Suspicious IFrame.b

- (1)

Starr

Adware (4)

Application extension (1)

Spyware-SafeSurf.dll

Dialer (1)

Downloader (1)

Generic (1)

Keylog-Perfect.gen

Malware Tool (1)

Remote Access (1)

Spyware (1)

Spyware-SafeSurf

Tool (30)

HideRun

Win32 (2)

Xwxload

Trojan (136)

(4)

Generic BackDoor.d

Generic Keylogger

- (3)

Application extension (4)

Keylog-Spider.dll

Keylog-Stawin.dll

Configurator (3)

PWS-AIMFake.cfg

Demonstration (2)

JS/Exploit-DialogArg.demo

Exploit-DcomRpc.b.demo

Downloader (4)

HackerDefender.dldr

Dropper (4)

Dropper Generic (1)

IRC-Sdbot.dr.gen

Dropper Script (1)

Exploit (5)

Exploit-MhtRedir.gen

Exploit-DcomRpc.b

JS/Exploit-DialogArg.b

JS/Exploit-DialogArg.a

Generic (8)

Proxy-Cidra.gen

VBS/IEstart.gen.f

Exploit-URLSpoof.gen

IRC/Flood.gen.c

StartPage-AI.gen

PWS-Bancban.gen.c

PWS-LegMir.gen.e

Heuristic (2)

Internet Relay Chat (1)

JavaScript (1)

Keylogger (2)

Parasitic (1)

Password (8)

PWS-WebMoney.gen

PWS-Iyus

Password Stealer (7)

PWS-Mir

PWS-Etry

Proxy (1)

Remote Access (10)

Script (3)

New CardStealer

VBS/ShareEnable

Server (2)

Backdoor-ARR.svr

Settings Change (2)

Spam (1)

Spyware (1)

StartPage (30)

Win32 (25)

Generic Downloader.b

Generic BackDoor.b

Generic BackDoor.f

He4Hook

Generic BackDoor.c

HaScreen

Virus (124)

Application extension (1)

W32/Bugbear.b.dll

Companion (1)

Spartak.cmp.2000

Damaged (3)

W32/Netsky.q.dam

W32/Lovgate.dam

Damaged Worm (4)

W32/Randbot.worm.dam

W32/Spybot.worm.dam

W32/Gaobot.worm.dam

W32/Sdbot.worm.dam

Dropper (2)

W32/Alcop.ao.dr

E-mail (1)

E-mail worm (3)

W32/Lovgate.f@M

W32/Generic.a@MM

W32/Lovgate.ab@MM

Email (52)

W32/Alcop.ak@MM

W32/Alcop.ah@MM

W32/Alcop.af@MM

W32/Alcop.ad@MM

W32/Alcop.ac@MM

W32/Alcop.ab@MM

W32/Alcop.aa@MM

W32/Alcop.am@MM

W32/Alcop.ai@MM

W32/Alcop.ag@MM

W32/Alcop.ae@MM

W32/Alcop.an@MM

W32/Lovgate.b@M

W32/Lovgate.g@M

W32/Alcop.aq@MM

W32/Alcop.ap@MM

W32/Lovgate.m@M

W32/Lovgate.n@M

W32/Alcop.bh@MM

W32/Alcop.bi@MM

W32/Lovgate.q@MM

W32/Lovgate.p@MM

W32/Lovgate.v@M

W32/Lovgate.t@MM

W32/Lovgate.u@MM

W32/Lovgate.w@M

W32/Lovgate.aa@MM

Generic Worm (18)

W32/Sdbot.worm.gen.a

W32/Sluter.worm.gen

W32/Gaobot.worm.gen.g

W32/Gaobot.worm.gen.f

W32/Gaobot.worm.gen.e

W32/Gaobot.worm.gen.l

W32/Sdbot.worm.gen.d

W32/Sdbot.worm.gen.n

W32/Sdbot.worm.gen.j

W32/Sdbot.worm.gen.h

W32/Randbot.worm.gen.a

W32/Sdbot.worm.gen.o

W32/Sdbot.worm.gen.m

W32/Sdbot.worm.gen.k

W32/Sdbot.worm.gen.i

W32/Sdbot.worm.gen.g

W32/Korgo.worm.gen

W32/Gaobot.worm.gen.h

Heuristic (1)

HTML document (1)

Internet Worm (2)

W32/Gaobot.worm.ali

W32/Gaobot.worm.gen.q

Linux (1)

Linux/Debilove.10714

Macro (1)

W97M/Coke.22231.a

Overwriting (1)

Peer To Peer (1)

W32/Generic.c!p2p

Script (1)

VbScript (1)

Win32 (6)

W32/Gobi

Win9x (1)

Worm (22)

W32/Lovgate.l@M

W32/Lovgate.a@M

W32/Lovgate.c@M

W32/Alcop.bg.worm

W32/Generic.worm.b

W32/Lovgate.s@MM

W32/Lovgate.x@MM

W32/Kazaver.worm

W32/Alcop.aw.worm

W32/Alcop.au.worm

W32/Alcop.av.worm

W32/Alcop.at.worm

W32/Alcop.ax.worm

W32/Alcop.az.worm

W32/Alcop.ba.worm

W32/Alcop.bc.worm

W32/Alcop.bb.worm

W32/Alcop.bf.worm

W32/Dedler.worm

W32/Korgo.worm.i

W32/Korgo.worm.k

W32/Korgo.worm.j