Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4288
DAT Release Date 08/20/2003
Threats Detected 78792
New Detections 244
Enhanced Detections 270

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (4)
   (1)
    IMIServ
  Keylogger (1)
    Keylog-ABSpy
  Win32 (2)
    DTReg
    CyberSensor
Trojan (77)
   (4)
    Shark.b
    B2C.Delwin2
    B2C/Delgo
    B2C.Delwin
  Application extension (3)
    PWS-Wincap.dll
    PWS-Train.dll
    BackDoor-AYC.dll
  Configurator (1)
    MultiDropper-HB.cfg
  Dialer (1)
    PornDial-180
  Disk erasing (3)
    QZap331
    B2C/QZap3
    QZap332
  Downloader (4)
    Downloader-DQ
    Sniff-Systrim.ldr
    Downloader-DR
    Downloader-DP
  Dropper (9)
    PWS-Wincap.dr
    Trioj.dr
    Adware-Wink.dr
    MultiDropper-HB
    PWS-Train.dr
    Downloader-DQ.dr
    Downloader-DP.dr
    Downloader-DM.dr
    BackDoor-AYC.dr
  Dropper Worm (1)
    W32/MoFei.worm.dr
  Exploit (2)
    Exploit-ElmKo
    Exploit-Shellcode
  File deleting (1)
    QDel341
  Flooder (4)
    FDoS-KingB
    FDoS-Bustah
    FDoS-Ranon
    FDoS-CrazyP
  Generic (2)
    PWS-AIMFake.gen
    Sniff-Systrim.gen
  Internet Relay Chat (2)
    IRC-Nust
    IRC-Plunik
  Malware Tool (1)
    Kit-Belash
  Password (2)
    PWS-LDPinch
    PWS-Wincap
  Password Stealer (2)
    PWS-Train
    PWS-ICQDecrypt
  Remote Access (6)
    Woodcot
    BackDoor-AYF
    BackDoor-AYE
    BackDoor-AYC
    BackDoor-AYB
    BackDoor-AYD
  Script (20)
    Univ.bat/99a
    Univ.bat/99
    Univ.bat/98
    Bat/esec
    VBS/Ripme
    VBS/Regflood
    VBS/Pokef
    Bat/qz45
    Bat/qd107
    Bat/qd106
    Bat/qd105
    Bat/qd104
    Bat/qd103
    Bat/qd102
    Bat/flash
    Bat/dt47
    Bat/dt45
    Bat/dt44
    Bat/coll
    Bat/ang
  Win32 (9)
    Trioj
    Xbomber.b
    Spy-Syslog
    Sniff-Systrim.a
    Dir-6
    Berok
    Xbomber.a
    RedKitty
    Dir-3
Virus (163)
   (23)
    Jerusalem.1558
    Jerusalem.1805
    Jerusalem.1297
    Jeru.Sunday.1636c
    Jeru.1552
    Jeru.2080
    Jeru.1808k
    Jeru.1808j
    Jeru.1808i
    Jeru.1808g
    Jeru.1808e
    GrnCat.1575.r
    Raubkopie.xx
    Quest.485
    Dot-Eater.944.f
    Keypress.xx
    Jeru.1808h
    Jeru.1808f
    Jeru.cho
    ShiftObj.760c
    Dot-Eater.944.e
    MCGY.2824c
    HLL.sub.4943b
  Companion (3)
    HLL.cmp.Gimta
    W32/Bobep.cmp.b
    W32/Bobep.cmp.a
  Companion Dropper (1)
    VCL.cmp.drx
  Companion Dropper multiparti (1)
    Gold Bug.mp.cmp.drx
  Companion Generic (1)
    W32/Lash.cmp.gen
  Damaged (6)
    Zherkov.a.dam
    Npox.567.dam
    Univ/r.dam
    Mantis.dam
    W32/Lovsan.dam
    W97M/Bablas.dam
  Damaged Parasitic (1)
    Skid.cav.dam
  Dropper (60)
    Another World.drx
    VICE.4000.dr
    Revelation.dr
    Halloechen.dr
    Xany.drx
    Vienna.drx
    VICE.drx
    V2PX.drx
    Univ/p.drx
    Univ/g.drx
    Univ/f.drx
    Tiny.dr
    Vbasic.5120.dr
    Durak.1559.dr
    Univ/r.drx
    Univ/j.drx
    Univ/c.drx
    Univ/a.drx
    Tremor.drx
    Satanbug.drx
    Prague.drx
    Phalcon.drx
    OC/f.drx
    Nostar.3584.drx
    Leprosy.drx
    Diametric.drx
    Casino.2330.drx
    Beer.drx
    Armagedon.drx
    Univ/d.drx
    Univ/b.drx
    Tardy.drx
    Raubkopie.drx
    Predator.drx
    Offspring.drx
    NRLG.b.drx
    Murphy.drx
    MPC.drx
    Mirrorop.drx
    MBR-EXE.drx
    Lesson.drx
    Lemming.drx
    Leech.drx
    Jeru.drx
    Irate.drx
    Iceland.drx
    GrnCat.1575.drx
    Ginger.Rainbow.drx
    Gift.drx
    Duwende.drx
    Dutch Tiny.drx
    Dir-II.drx
    Crusher.drx
    Coke.drx
    Carriers.drx
    Astra.drx
    Anti-Pascal.drx
    W32/Opdoc.c.dr
    W32/Opdoc.b.dr
    W32/Opdoc.a.dr
  Dropper multipartite (2)
    Playgame.mp.drx
    Matthew.mp.dr
  Dropper Overwriting (2)
    Univ.ow/a.drx
    Univ.ow/d.drx
  Dropper Parasitic (3)
    Pure.cav.drx
    Grog.cav.drx
    Cluster.cav.drx
  Email (5)
    W32/Nimda.s@MM
    W32/Sowsat.f@MM
    W32/Scrambler.k@MM
    W32/Menthol.b@MM
    W32/Menthol.a@MM
  Generic Worm (1)
    W32/Lovsan.worm.gen
  Internet Relay Chat (1)
    IRC/Muzik.e
  Internet Worm (1)
    W32/Cycle.worm.a
  Macro (1)
    X97M/Toot
  Overwriting (1)
    HLL.ow.7852
  Script (9)
    Univ.bat/a
    VBS/Tantea
    Bat/Pilth
    VBS/Mantan
    Bat/Ioana
    VBS/Chiva
    VBS/Bentex
    Bat/tra
    W32/Pywon.vbs
  Win32 (14)
    W32/Pywon
    W32/Opdoc.c
    W32/Opdoc.b
    W32/Opdoc.a
    W32/Kriz.3689
    W32/Franriv
    W32/Fomur
    W32/Dion.1060
    W32/Dion.1087
    W32/Dion.1097
    W32/Awfull.3318
    W32/Awfull.3254
    W32/Awfull.2376
    W32/Awfull.3571
  Win9x (11)
    W95/Yildiz.392
    W95/Yildiz.383
    W95/Yildiz.371
    W95/Quza.3370
    W95/Quza.3361b
    W95/Quza.3361a
    W95/Quza.2344
    W95/Quza.1751
    W95/Quza.1386
    W95/Leviathan.2973
    W95/Leviathan.2961
  Worm (16)
    W32/Spybot.worm.mc
    W32/Spybot.worm.ma
    W32/Spybot.worm.mf
    W32/Tzet.worm.c
    W32/Spybot.worm.mg
    W32/Spybot.worm.me
    W32/Spybot.worm.mb
    W32/Spybot.worm.lw
    W32/Spybot.worm.ly
    W32/Spybot.worm.lv
    W32/Renol.worm.a
    W32/Razac.worm
    W32/Poetas.worm
    W32/Perdex.worm
    W32/Darby.b.worm
    W32/Darby.a.worm

Enhanced Detections:

Internet Worm (1)
  E-mail worm (1)
    W32/Wukill.worm
Program (56)
  - (4)
    Dsnif
    JV/Port25
    FTapp
    Dlder
  Adware (3)
    DSSAgent
    Downloader-BT
    Adware-ISTbar
  Application extension (1)
    KeyLog-Dks.dll
  Dialer (1)
    DialServer
  Downloader (2)
    IdentDaemon.ldr
    Downloader-BA
  Dropper (2)
    ILookup.dr
    Kim.dr
  Exploit (1)
    Exploit-Agressor
  HTML document (1)
    IMIServ.html
  ICQ Messaging (1)
    ICQ-UIN-IP
  Java Applet (4)
    JV/ExecTest
    JV/Rm
    JV/LoadLibrary
    JV/DeleteFile
  Keylogger (12)
    Keylog-2Spy
    Keylog-KeyMon
    Keylog-Payklog
    KeyLog-Phantom
    Keylog-M4log
    KeyLog-MSKS
    KeyLog-KeyGhost
    KeyLog-FPSpy
    KeyLog-Akuan
    Keylog-MSGate
    Keylog-Z0mbie
    Keylog-DGS
  Malware Tool (2)
    Kit-EXE2VBS
    Demo-VirSim.kit
  Password (2)
    Crack-SmartDraw
    JohnTheRipper
  Plugin component (1)
    CyberSensor.plugin
  Process (1)
    Keylog-Rogal
  Script (1)
    KeyLog-Phantom.bat
  Self-extracting archive (1)
    InstallRite.sfx
  Settings Change (1)
    Delshare
  Tool (1)
    Linux/Tool-Elfwrsec
  Win31 (2)
    Kim
    IdleToolz
  Win32 (12)
    Lophtcrack
    IPSpoof
    KCom-HTTPServ
    IntraSpy
    DFTP-Server
    MpAdvert
    MSN-Tnhbot
    LopAdvert
    NC99
    Jolt
    Katlogger
    Exitwinc
Trojan (27)
   (2)
    Snooby
    Killcmos.h
  - (1)
    JV/AntiURL
  Application extension (2)
    BackDoor-YQ.dll
    Keylog-Fearless.dll
  Downloader (2)
    Downloader-DN
    Downloader-DA
  Dropper (5)
    PWS-Sincom.dr
    AdClicker-M.dr
    FTapp.dr
    SennaSpy2001.dr
    IRC/Flood.cd.dr
  ICQ Messaging (1)
    ICQ-PortSniff
  Malware Tool (1)
    Spam-SMS.Bomb
  mIRC client (1)
    IRC/Flood.cd.mirc
  multipartite (1)
    Disable.mp.share
  Remote Access (1)
    BackDoor-ATR.srv
  Script (6)
    VBS/Rots
    Bat/dt99
    VBS/Nevec.b
    VBS/Nevec.a
    VBS/Nevec
    VBS/Mandoes
  Settings Change (1)
    KillCMOS
  Win32 (3)
    QDir3
    AdClicker-M
    Sniff-Systrim.b
Virus (186)
   (17)
    HLL.sub.4943
    BootDr101
    KOV.1712
    Crucifixion.2916
    MCGY.2803.e
    GrnCat.1989
    XRCE.145
    KOV.1722
    KOV.1592
    KOV.1712dr
    Evol.2834
    BootDr19
    Triyanto
    KOV.1722dr
    KOV.1592dr
    East.1600
    Orcam.2170
  Boot (1)
    Qwerty
  Companion (3)
    HLL.cmp.8001
    HLL.cmp.7421
    Insufficient.cmp
  Companion Dropper (6)
    VCL.cmp.dr
    Clonewar.cmp.dr
    Lockjaw.cmp.dr
    Baby.cmp.b.dr
    Insufficient.cmp.dr
    Mariano.cmp.dr
  Configuration settings (1)
    Bat/zzq.ini
  Damaged (1)
    W9xcc.dam
  Dropper (101)
    GCAE.dr
    Dir-II.dr
    Anti-Pascal.dr
    Univ/p.dr
    Leech.dr
    Iceland.dr
    VICE.dr
    Satanbug.dr
    Murphy.dr
    Xany.dr
    Raubkopie.dr
    Armagedon.dr
    Dutch Tiny.dr
    Tardy.dr
    V2PX.dr
    W32/Dion.dr
    Nostar.3584.dr
    Crusher.dr
    Leprosy.dr
    Prague.dr
    Gift.dr
    Coke.dr
    W95/Quza.dr
    Lesson.dr
    Irate.dr
    Another World.dr
    Rag-Doll.dr
    MBR-EXE.dr
    Beer.dr
    PHB.dr
    BitAddict.dr
    Baphos.dr
    Bat/zzq.dr
    Gotcha.dr
    OC/f.dr
    Black-Jec.dr
    Offspring.dr
    Mirrorop.dr
    Astra.dr
    Phalcon.dr
    VCCa.dr
    Trakia.dr
    Stealthboot.dr
    Riot.MMIR.dr
    Pollute.dr
    OC/u.dr
    MG3.dr
    Empire Monkey.dr
    Attitude.dr
    Psychosis.dr
    Proto-T.dr
    MPS-OPC.dr
    VComm.dr
    PrS.dr
    Pixel.h.dr
    Ninja.dr
    Lowercase.864.dr
    Krad.dr
    Dead.dr
    Asm.dr
    Amazon.dr
    Riot.Multiplex.dr
    Tremor.dr
    Lemming.dr
    Carriers.dr
    YD.2881.dr
    VRN.dr
    Vienna.367.dr
    Tron.dr
    Sterculius.dr
    ShiftObj.dr
    Shake.dr
    Pixel.k.dr
    Pixel.g.dr
    Pixel.a.dr
    Loz.2000.dr
    Lapis.dr
    Katie's.dr
    Joan.dr
    Guppy.dr
    Gergana.dr
    Eddy.dr
    DNA.dr
    Dementia.dr
    Carpe Diem.dr
    Brain.dr
    Alicino.dr
    Pony.dr
    Ping-Pong.dr
    OC/x.dr
    Miny.256.dr
    Medical.dr
    Leapfrog.dr
    Kilroy.dr
    Joan.dd.dr
    IT.dr
    Exebug.dr
    CPXK.1000.dr
    ARCV.Scroll.800.dr
    AlphaStrike.2000.dr
    Bat/zzq.drp
  Dropper Generic (1)
    Winstart.gen.dr
  Dropper multipartite (15)
    Ginger.Rainbow.mp.dr
    Ontario.mp.dr
    Max.mp.dr
    Ginger.Orsam.mp.dr
    Ginger.mp.dr
    Andropinis.mp.dr
    TPVO.mp.dr
    Smile.mp.dr
    MMIR.mp.dr
    Kiuca.mp.dr
    QMU.mp.dr
    Narcosis.mp.dr
    MCE.mp.dr
    Anthrax.mp.1024.dr
    Digress.mp.dr
  Dropper Overwriting (3)
    Univ.ow/c.dr
    Shhs.ow.dr
    Archinf.ow.dr
  Dropper Parasitic (5)
    Cluster.cav.dr
    Pure.cav.dr
    Skid.cav.dr
    Funked.cav.dr
    Buger.cav.dr
  Email (1)
    W32/Dumaru@MM
  File Infector (2)
    Revelation
    Shark
  Generic (2)
    W95/Quza.gen
    VBS/Yello.gen
  Generic multipartite (1)
    Tchechen.mp.gen
  Generic Worm (1)
    W32/Shower.worm!p2p.gen
  Internet Relay Chat (4)
    IRC/Muzik.c
    IRC/Muzik.a
    IRC/Muzik.b
    IRC/Muzik.d
  Macro (2)
    W97M/Adenu
    W97M/DMV
  Malware Tool (1)
    IVP.kit
  Multi-Partite (1)
    Delwin.mp.1759
  multipartite (3)
    Kiuca.mp
    Demiurg.mp.3061
    Dogcher.mp
  VbScript (3)
    VBS/Alphae
    VBS/Cocau
    VBS/VBSWG.gen@MM
  Win9x (9)
    W95/Leviathan.3137
    W95/Leviathan.3205dam
    W95/Leviathan.3040
    W95/Leviathan.3205
    W95/Leviathan.3244
    W95/Leviathan.3236b
    W95/Leviathan.3432
    W95/Leviathan.3240
    W95/Leviathan.3236a
  Worm (2)
    Bat/Primad.worm
    HLLW.Shizomur