Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4276
DAT Release Date 07/09/2003
Threats Detected 76149
New Detections 197
Enhanced Detections 105

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
W32/Mylife.m@MM Low-Profiled Low-Profiled

New Detections:

Program (23)
   (1)
    CC-generator
  Adware (2)
    Adware-Superbar
    Adware-180Solutions
  Application extension (1)
    WebRecorder.dll
  Demonstration (2)
    Demo-AdoRead50x
    Demo-Ordy
  Dialer (1)
    Dialer-RAS.as
  Joke (1)
    ScreenMates joke
  Malware Tool (12)
    HTool/patch
    VTool/jul1
    VTool/dvq
    VTool/asm2
    HTool/lore
    VTool/irm
    VTool/draw
    HTool/crm
    VTool/xmx
    VTool/wpc
    VTool/rych
    VTool/jul2
  Password (1)
    JohnTheRipper
  Win32 (2)
    WebRecorder
    SrvCmd
Trojan (64)
   (5)
    Candyman
    Lifewire
    Cloak'n Dagger
    Bounce
    Benediction
  - (2)
    QDial11
    Crasher
  Client (1)
    BackDoor-AWL.cli
  Configurator (2)
    Proxy-DSocks.cfg
    BackDoor-AWL.cfg
  Dialer (1)
    PornDial-179
  Disk erasing (1)
    QZap327
  Downloader (2)
    Downloader-BW.f
    Downloader-DE
  Dropper (3)
    Bat/qd87.dr
    MultiDropper-GO
    PWS-QQThief.dr
  File deleting (2)
    QDel339
    QDel399
  File Deletion (1)
    Qdel279
  Flooder (4)
    FDoS-Shab
    FDoS-Lanmen
    FDoS-RPCNuke
    FDoS-Auflood
  Generic (7)
    Uploader-B.gen
    BackDoor-AVW.gen
    BackDoor-EZ.gen
    BackDoor-DB.gen
    BackDoor-PC.gen
    BackDoor-EX.gen.b
    BackDoor-EX.gen
  Keylogger (1)
    Keylog-Sunf
  Malware Tool (1)
    Kit-Plik
  Password (1)
    PWS-Bancos
  Password Stealer (1)
    PWS-Mir
  Proxy (1)
    Proxy-DSocks
  Remote Access (8)
    BackDoor-AWM
    BackDoor-AWX
    BackDoor-AWP
    BackDoor-AWO
    BackDoor-AWN
    BackDoor-AWK
    BackDoor-AWG
    BackDoor-DF
  Script (12)
    B2C.Batchman
    VBS/Muertev
    Bat/qz44
    Bat/qz42
    Bat/qd88
    Bat/qd87
    Bat/qd86
    Bat/loop9
    Bat/kef
    Bat/dt40
    VBS/Plik
    Bat/blr
  Server (1)
    BackDoor-AWL.svr
  Settings Change (1)
    Startpage-N
  Tool (1)
    Tool-Chern
  Win31 (1)
    MP3con
  Win32 (4)
    GirlFriend
    OpenCD
    DiskFill-H
    DiskFill-I
Virus (110)
   (11)
    Vlasov
    T&V
    Tox.296
    Tox.203
    Deadbyte
    Tiny.142
    OC/g
    HLLT.7390
    HLL.sub.5296
    BootDr249
    needs more cleaning
  Companion (2)
    W32/NGVCK.8192.cmp
    W32/Agent.cmp
  Dropper (1)
    Tox.296.dr
  Dropper Worm (1)
    IRC/Seiseni.worm.dr
  E-mail (1)
    W32/Mylife.m@MM
  Email (4)
    VBS/Genarn@MM
    W32/Nofear.d@MM
    W32/Ardurk.k@MM
    W32/Xau@MM
  Email Generic (1)
    W32/Mapson.gen@MM
  Intended (2)
    W95/Boza.h.intd
    W95/Boza.i.intd
  Internet Worm (1)
    W32/Graps.worm
  Macro (2)
    X97M/Vovan
    W97M/Hopper
  Overwriting (1)
    HLL.ow.5712
  Parasitic (2)
    HLLP.16400.pas
    W32/HLLP.18431d
  Script (20)
    BAT/Sillybtg
    VBS/Monsun
    PHP/Fcbotev.2730
    VBS/Ddeo
    Bat/dvq.c
    Bat/cw.1800
    Bat/cw.1773c
    Bat/cw.1773b
    Bat/cw.1773a
    Bat/cw.1749c
    Bat/cw.1749b
    Bat/cw.1749a
    Bat/cw.765b
    Bat/cw.765a
    W32/Graps.bat
    Bat/cw.650
    W32/Evan.vbs
    Bat/cw.387
    Bat/cw.298
    Fabi.bat
  Unpacked (1)
    HLLT.7390.unp
  Win32 (3)
    W32/Pesin
    W32/Evan
    W32/Tenrobot.d
  Win9x (4)
    W95/Drol.int
    W95/Drol.a
    W95/Quza.c
    W95/Drol.b
  Worm (53)
    W32/Spybot.worm.iq
    W32/Spybot.worm.hw
    W32/Pesin.worm.gen
    W32/Spybot.worm.ja
    W32/Spybot.worm.ip
    W32/Spybot.worm.il
    W32/Spybot.worm.ij
    W32/Spybot.worm.ih
    W32/Spybot.worm.if
    W32/Spybot.worm.id
    W32/Spybot.worm.ib
    W32/Spybot.worm.hz
    W32/Spybot.worm.hx
    W32/Spybot.worm.hv
    W32/Spybot.worm.ht
    W32/Spybot.worm.hr
    W32/Spybot.worm.hp
    W32/Spybot.worm.iy
    W32/Spybot.worm.iz
    W32/Spybot.worm.iv
    W32/Spybot.worm.ik
    W32/Spybot.worm.iw
    W32/Spybot.worm.ir
    W32/Spybot.worm.io
    W32/Spybot.worm.im
    W32/Spybot.worm.ii
    W32/Spybot.worm.ig
    W32/Spybot.worm.ie
    W32/Spybot.worm.ic
    W32/Spybot.worm.ia
    W32/Spybot.worm.hy
    W32/Spybot.worm.in
    W32/Spybot.worm.hu
    W32/Spybot.worm.hs
    W32/Spybot.worm.hq
    W32/Spybot.worm.ho
    W32/Spybot.worm.hn
    W32/Spybot.worm.hm
    IRC/Seiseni.worm
    HLLW.5120
    W32/Scorvan.worm
    W32/Ronoper.worm.h
    W32/Mumu.worm
    W32/Lore.worm
    W32/EnerKaz.worm.v
    W32/Alcop.aw.worm
    W32/Alcop.au.worm
    W32/Ronoper.worm.o
    W32/Ronoper.worm.g
    W32/Alcop.av.worm
    W32/Alcop.at.worm
    W32/Ronoper.worm.n
    W32/Ronoper.worm.m

Enhanced Detections:

Program (2)
  Joke (1)
    JS/Surprise joke
  Malware Tool (1)
    VTool/asm1
Trojan (39)
   (2)
    PolyXML
    Ansi/Error
  Application extension (1)
    Keylog-Kjie.dll
  Client (1)
    BackDoor-AQQ.cli
  Com file (1)
    VBS/Timofonica.com
  Configurator (2)
    PWS-Zimenok.cfg
    MultiDropper-FD.cfg
  Downloader (1)
    Downloader-BY
  Dropper (3)
    BackDoor-FP.dr
    MultiDropper-FZ
    Multiple.dr
  Exploit (4)
    UNIX/Exploit-Rogue
    PHP/Exploit-IIS
    UNIX/Exploit-WSFTP
    UNIX/Exploit-WebCache
  Internet Relay Chat (2)
    IRC/Sorry
    IRC/Korpie
  Malware Tool (2)
    Nuke-Vai
    Kit-Ardin.e
  Malware Tool Plugin componen (1)
    VBS/Rahc.Kit.plugin
  Password Stealer (1)
    PWS-Zimenok
  Plugin component (1)
    BackDoor-FP.plugin
  Remote Access (8)
    BackDoor-JY
    BackDoor-PN
    BackDoor-JX
    BackDoor-UX
    BackDoor-ASZ
    BackDoor-AWL
    BackDoor-AWJ
    BackDoor-KD
  Script (6)
    VBS/Stuck
    JS/Spam
    SiteX.bat
    VBS/Silverblue
    Bat/kt
    Bat/Fck
  Server (2)
    BackDoor-AWG.svr
    BackDoor-EY.svr
  Win32 (1)
    Systhread
Virus (64)
   (3)
    Scheriff
    Lucy.5505b
    HLL.sub. 5632
  E-mail (11)
    W32/MyLife.a@MM
    W32/MyLife.b@MM
    W32/MyLife.c@MM
    W32/MyLife.f@MM
    W32/MyLife.d@MM
    W32/MyLife.e@MM
    W32/MyLife.h@MM
    W32/MyLife.g@MM
    W32/MyLife.j@MM
    W32/MyLife.i@MM
    W32/MyLife.k@MM
  E-mail worm (1)
    W32/MyLife.l@MM
  Email (10)
    VBS/Wobble@MM
    W32/Ardurk.f@MM
    W32/Ardurk.e@MM
    W32/Ardurk.d@MM
    W32/Ardurk.b@MM
    W32/Ardurk.a@MM
    W32/Ardurk.g@MM
    VBS/Artized@MM
    W32/Ardurk.i@MM
    W32/Ardurk.j@MM
  Email Generic (1)
    W32/MyLife.gen@MM
  Email Script (1)
    VBS/Sigsys.bat@MM
  File Infector (1)
    Violator
  Generic (2)
    Bat/a.GR
    VBS/Pie.gen
  Intended (1)
    VBS/Reality.intd
  Internet Worm (3)
    W32/Nofear.b@MM
    W32/Nofear.a@MM
    W32/Nofear.c@MM
  Java Applet (1)
    JV/Strange Brew
  multipartite (2)
    One-Half.mp.3666
    One-Half.mp.3696
  Overwriting (1)
    Rush Hour.ow
  Script (18)
    VBS/Reality
    VBS/Wshvc
    VBS/Sudallic
    VBS/Sigsys
    VBS/Seven
    VBS/Reality.f
    VBS/Reality.e
    VBS/Reality.d
    VBS/Reality.c
    VBS/Reality.a
    VBS/Happy.g
    VBS/Happy.e
    VBS/Happy.d
    HLL.sub. 5632.bat
    VBS/Happy.h
    VBS/Happy.c
    VBS/Happy.b
    VBS/Happy.a
  Unix (1)
    UNIX/Plugh
  VbScript (2)
    VBS/Happy
    VBS/Happy.f
  Win9x (3)
    W95/Gingseng
    W95/Quza.b
    W95/Quza.a
  Worm (2)
    VBS/SSIWG2.worm
    IRC/Pif.worm