Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4273
DAT Release Date 06/25/2003
Threats Detected 75257
New Detections 219
Enhanced Detections 94

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
W32/Sobig.e@MM Medium Medium
Sniff-Systrim Low-Profiled Low-Profiled
Downloader-BN.b Low-Profiled Low-Profiled

New Detections:

Internet Worm (3)
  Open Share Worm (1)
    W32/Slanper.worm
  P2P Worm (2)
    W32/Aplch.worm
    W32/Specx.worm
Program (21)
   (1)
    StealthProxy
  Adware (2)
    Adware-TVMedia
    Adware-TVelocity
  Dialer (1)
    Dialer-RAS.aq
  Downloader (1)
    Downloader-CX
  ICQ Messaging (1)
    ICQ-UIN-IP
  Malware Tool (9)
    VTool/kom
    VTool/gcp2
    VTool/fes
    VTool/cre3
    VTool/pme
    VTool/isp3
    VTool/fff
    VTool/cre4
    VTool/bum
  Script (1)
    Tool/bat
  Win32 (5)
    UpYours
    Nauka
    VecnaGold
    InsertDLL
    HiddenRun
Trojan (89)
   (5)
    Beccato
    Blah
    Cypress
    ASP/Cofus
    Miff
  - (3)
    Linux/Typot
    ProcKill-AJ
    AdClicker-O
  Application extension (5)
    BackDoor-AQI.dll
    Tureb.dll
    PWS-Jiang.dll
    BackDoor-AWG.dll
    BackDoor-AVY.dll
  Client (2)
    BackDoor-AWG.cli
    BackDoor-AWA.cli
  Configurator (2)
    BackDoor-AVT.cfg
    BackDoor-AWG.cfg
  Downloader (3)
    Downloader-BN.b
    JS/Downloader-CY
    Downloader-CW
  Dropper (10)
    MultiDropper-GL
    Generic BackDoor.dr
    Miff.dr
    BackDoor-AVZ.dr
    MultiDropper-GM
    AVClean.dr
    BackDoor-AWD.dr
    IRC/Flood.co.dr
    IRC/Flood.cm.dr
    AnalogX-Proxy.dr
  Exploit (1)
    KillSAP
  File deleting (5)
    QDel394
    QDel397
    QDel396
    QDel395
    QDel393
  File Deletion (3)
    W32/Mooder
    Maran
    QDel390
  Flooder (3)
    FDoS-Doraah
    FDoS-XFlood
    FDoS-Silent
  Generic (1)
    PWS-Kcom.gen
  Internet Relay Chat (1)
    IRC/Flood.bu.hidewin
  Keylogger (1)
    Keylog-NKeys
  Malware Tool (1)
    Kit-Nevec
  mIRC client (1)
    IRC/Flood.bu.mirc
  Password (2)
    Sniff-Systrim
    PWS-Sincom
  Password Stealer (4)
    PWS-Xuxa
    PWS-Huo
    PWS-Gestron
    PWS-HotAim
  Remote Access (14)
    BackDoor-AVT
    BackDoor-AVY
    BackDoor-AVW
    BackDoor-AWE
    BackDoor-AWD
    BackDoor-AWB
    BackDoor-AVV
    BackDoor-AVS
    Linux/BackDoor-DKit
    BackDoor-AWF
    BackDoor-AWC
    BackDoor-AWA.srv
    BackDoor-AVZ
    BackDoor-AVU
  Script (6)
    VBS/Nevec
    VBS/Piky
    Bat/hks
    Bat/fib
    IRC/Flood.bat.c
    IRC/Flood.bat.d
  Server (2)
    BackDoor-ATR.svr
    BackDoor-AWG.svr
  StartPage (2)
    StartPage-L
    StartPage-M
  Trojan (4)
    Salvia
    QDel391
    Belnow
    QDel392
  Win32 (8)
    IRC/Flood.cm
    Tureb
    Jumpkey
    Belnow.b
    Barjac
    Adietr
    APStrojan.tu
    Belnow.a
Virus (106)
   (11)
    ARCV.Anna.748
    TNSE.461
    Obj.150
    Guben.1097
    HLLT.8209b
    VICE01b
    Grog SAV
    Sunk.748
    Invert.dd
    ABAP/Delins
    BootDr247
  Application extension (1)
    W32/Sality.dll
  Companion (1)
    HLL.cmp.8209b
  Damaged (9)
    YD.1049.dam
    YD.1049.dam.e
    YD.1049.dam.c
    Jerusalem.dam
    YD.1049.dam.d
    YD.1049.dam.b
    YD.1049.dam.a
    HLLT.7504b.dam
    W32/Pate.dam
  Dropper (5)
    Univ/h.dr
    Lockjaw.dr
    HLL.8209b.dr
    ARCV.Anna.748.dr
    HLLT.7504c.dr
  Dropper Worm (1)
    W32/Fibot.worm.dr
  Email (7)
    VBS/Artized@MM
    W32/Nool@MM
    W32/Lovgate.n@M
    W32/Fourseman.o@MM
    W32/Fourseman.l@MM
    W32/Ardurk.i@MM
    W32/Ardurk.j@MM
  Email Generic (2)
    JS/Fortnight.gen@M
    W32/Kickin.gen@MM
  Floppy Worm (1)
    W32/Anirak.worm
  Generic (1)
    W32/Tabeci.gen
  Generic Worm (1)
    W32/Spybot.worm.gr
  Heuristic (1)
    VBS/Aznew
  Internet Worm (6)
    W32/Nofear.b@MM
    W32/Gant.d@MM
    W32/Sobig.e@MM
    W32/Randbot.worm
    W32/Nofear.c@MM
    W32/Israz.worm
  Macro (4)
    W97M/Macreg
    W97M/Bihand
    A97M/Astigma
    W97M/Lexail
  Script (8)
    VBS/Ethstress
    VBS/Byebud
    Bat/phe
    Bat/lsb
    Bat/kir
    Bat/flo
    Bat/but.1589
    W32/Nool.vbs
  Script Worm (1)
    W32/Fibot.worm.bat
  Win32 (5)
    W32/Sality.a
    W32/Sality.c
    W32/Sality.b
    W32/Maya.4608
    W32/Lamfest
  Worm (41)
    W32/Spybot.worm.gz
    W32/Spybot.worm.hf
    W32/Spybot.worm.gk
    W32/Opaserv.worm.aa
    W32/Spybot.worm.hj
    W32/Spybot.worm.gy
    W32/Spybot.worm.hi
    W32/Spybot.worm.hh
    W32/Spybot.worm.he
    W32/Spybot.worm.hd
    W32/Spybot.worm.hc
    W32/Spybot.worm.hb
    W32/Spybot.worm.ha
    W32/Spybot.worm.gx
    W32/Spybot.worm.gw
    W32/Spybot.worm.gv
    W32/Spybot.worm.gu
    W32/Spybot.worm.gt
    W32/Spybot.worm.gs
    W32/Spybot.worm.gq
    W32/Spybot.worm.gp
    W32/Spybot.worm.go
    W32/Spybot.worm.gn
    W32/Spybot.worm.gm
    W32/Spybot.worm.gl
    W32/Vecex.worm
    W32/HLLP.Vampore.worm.b
    W32/HLLP.Vampore.worm.a
    W32/Randex.worm.c
    W32/Opaserv.worm.ab
    W32/Opaserv.worm.z
    W32/Opaserv.worm.y
    W32/Opaserv.worm.x
    W32/Merda.worm
    W32/Lolit.worm
    W32/Lamirc.worm.b
    W32/Lamirc.worm.a
    W32/Fibot.worm
    W32/Carpet.worm.b
    W32/Browney.c.worm
    W32/Carpet.worm.a

Enhanced Detections:

Program (4)
   (1)
    Simulated Virus
  Malware Tool (2)
    VTool/isp
    VTool/gcp
  Win32 (1)
    RemoteFileExp
Trojan (44)
   (1)
    ASP/Raph
  Application extension (8)
    KeyLog-God.dll
    QQSpy.dll
    BackDoor-GQ.dll
    Keylog-Hasig.dll
    Keylog-Cyanure.dll
    BackDoor-HQ.dll
    BackDoor-CG.dll
    Zlored.dll
  Com file (1)
    IRC/X-Text.com
  Configurator (1)
    PWS-AIMFake.cfg
  Downloader (7)
    Downloader-BW
    Downloader-BN
    IRC/Flood.s.dldr
    IRC/Flood.s.ldr
    Downloader-BC
    Downloader-X.ldr
    Downloader-X
  Dropper (2)
    Downloader-BN.dr
    IRC/Flood.s.dr
  Exploit (1)
    UNIX/Exploit-Typo
  Flooder (1)
    FDoS-ICQBomb.b
  Malware Tool (3)
    VBS/Acid.kit
    Kit-DllLoad
    VBS/Wshv.Kit
  Password Stealer (1)
    PWS-AIMFake
  ProcKill (1)
    ProcKill-U
  Remote Access (9)
    BackDoor-ANI
    BackDoor-ATD
    BackDoor-AUG
    BackDoor-AUR
    BackDoor-WM
    BackDoor-AM
    BackDoor-AHT
    BackDoor-TO
    BackDoor-BD
  Script (5)
    JS/DDoS-Yams
    PWS-Watsn.bat
    Bat/pas
    VBS/Zambo
    BackDoor-WM.bat
  Server (1)
    BackDoor-AOP.svr
  Win32 (2)
    BackDoor-AB
    Nuclearprank
Virus (46)
   (7)
    Intruder
    VCL.Dome
    Dreg
    TNSE.450
    Aza
    Bero
    Vesna
  Application extension (1)
    New Win32.dll
  Companion (1)
    HLL.cmp.8209
  Configuration settings (1)
    Yozis.ini
  Damaged (1)
    Oracle.997.dam
  Dropper (2)
    Worker.dr
    Datalock.dr
  Dropper Parasitic (1)
    Leo.333.cav.dr
  E-mail (1)
    W32/Danvee@MM
  Email (2)
    JS/TheFly.a@MM
    JS/TheFly.b@MM
  File Infector (1)
    Mayak
  Heuristic (1)
    New Win32.tls
  Intended (1)
    W32/Tabeci.intd
  Internet Relay Chat (3)
    IRC/CoolNote
    IRC/TooLame
    IRC/Baby
  Macro (1)
    W97M/Debilbyte.b
  Overwriting (1)
    UNIX/Dumb.ow
  P2P Worm (1)
    W32/Browney.a.worm
  Parasitic (1)
    Leo.333.cav
  Script (9)
    W32/PetTick.vbs
    W32/PetTick.bat
    VBS/Daydream
    Bat/fl
    Bat/zz3
    VBS/Loveletter.cy
    Yozis.vbs
    VBS/WCover.a
    VBS/Bee.a
  Unix (1)
    UNIX/Attack
  Win32 (3)
    W32/Pate.c
    W32/Pate.a
    W32/PetTick
  Worm (6)
    W32/Pate.b
    W32/Eissa.worm.a
    W32/GenericP2P.worm
    W32/Randex.worm.a
    W32/Randex.worm.b
    W32/Browney.b.worm