Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4305
DAT Release Date 11/19/2003
Threats Detected 82669
New Detections 194
Enhanced Detections 199

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Internet Worm (1)
  - (1)
    W32/Wozer.worm
Program (21)
   (1)
    Tool/W311
  Adware (6)
    Adware-PortalScan
    Adware-SafeSearch
    Adware PortalScan
    Adware-MyWay
    Adware-MSM
    Adware-UCMore
  Downloader (1)
    Downloader-FL
  Generic (2)
    Dialer-RAS.cd.gen
    Dialer-RAS.cc.gen
  Joke (2)
    Uriel.joke
    CasKade Joke
  Malware Tool (8)
    PWCrack-Cracknt
    PWCrack-Brutus
    HTool/Nitari
    Htool/Atomicx
    VTool/ppo
    VTool/lib
    VTool/kad
    HTool/hct
  Win32 (1)
    Antipol
Trojan (48)
   (1)
    Edgecrusher
  Application extension (1)
    Downloader-FK.dll
  Client (1)
    BackDoor-BBX.cli
  Configurator (3)
    MultiDropper-IL.cfg
    Downloader-FI.cfg
    MultiDropper-IK.cfg
  Downloader (4)
    Downloader-DH.b
    Downloader-FK
    Downloader-FJ
    Downloader-DS.b
  Dropper (6)
    MultiDropper-IL
    MultiDropper-IH
    MultiDropper-IJ
    MultiDropper-IK
    BackDoor-BBN.dr
    BackDoor-PC.dr
  Exploit (2)
    Exploit-Sfind
    Linux/Exploit-Messal
  Flooder (1)
    FDoS-Unreal
  Generic (3)
    Downloader-FI.gen
    PWS-Bancos.gen
    BackDoor-WO.gen
  Internet Relay Chat (4)
    IRC/Flood.do
    IRC/Jermy
    IRC-Fyle.b
    IRC/Flood.dn
  Keylogger (2)
    Keylog-Pspy
    Keylog-BHive
  Macro (1)
    W97M/Tabi
  Password Stealer (2)
    PWS-FakeFleet
    PWS-Robber
  Remote Access (3)
    BackDoor-BBW
    BackDoor-BBU
    BackDoor-BBV
  Script (12)
    Bat/sta
    Bat/dt61
    VBS/DDoS-iFrameNet.f
    Bat/rmd
    Bat/qz61
    Bat/pss
    Bat/pol
    Bat/png
    Bat/padec
    Bat/mkd11
    Bat/kaz3
    Bat/fuf
  Server (1)
    BackDoor-BBX.svr
  Win32 (1)
    AdClicker-Z
Virus (124)
   (32)
    Tardy.1108
    Pepe.c.enc
    Chung-Li.2052
    ACGb.aj
    ACGb.ak
    Quest.783
    Patia.2711
    Guppy.371
    Glaurung.1073
    Angel.7371
    Coolun.7992
    Kbwin
    Carnage
    HLL.5120b
    HLLT.8496
    HLLT.7776c
    HLLT.7712b
    HLLT.7712a
    HLLT.7520
    HLLT.7376
    HLLT.5767
    HLLT.MF.4736
    HLL.9792
    HLL.9696
    HLL.9680
    HLL.8752b
    HLL.7968
    HLL.6736
    HLL.5344
    HLL
    HLL.3360
    BootDr273
  Companion (5)
    HLL.cmp.6096b
    HLL.cmp.5264
    HLL.cmp.4720
    Bat/wag.cmp
    W32/Egolet.cmp.d
  Configuration settings (1)
    W32/Reckus.ini
  Dropper (4)
    Intruder.dr
    Pepe.c.dr
    Deadman.193.dr
    W95/Repus.175.dr
  Email (2)
    W32/Scrambler.o@MM
    W32/Scrambler.n@MM
  Email Generic (1)
    W32/Jekt.gen@MM
  Generic (2)
    W32/Randex.gen
    W32/Halen.gen
  Generic Worm (1)
    W32/Sachiel.worm.gen
  Internet Relay Chat (2)
    IRC/Claw.2444
    IRC/Claw.2763
  multipartite (2)
    Shark.mp
    Pickle.mp
  Overwriting (1)
    HLL.ow.7424d
  Parasitic (4)
    HLLP.33152
    HLLP.8529
    HLLP.8177
    W32/Elkern.cav.f
  Peer To Peer Worm (2)
    W32/Reckus.worm.b!p2p
    W32/Reckus.worm.a!p2p
  Script (15)
    Bat/ast
    Bat/baj
    Bat/qd140
    Bat/baj2
    Bat/tery
    Bat/qwer
    Bat/qd141
    Bat/qd139
    Bat/qd138
    Bat/offi
    Bat/geez.218
    Bat/frp
    Bat/dt62
    Bat/baj1
    W32/Duster.bat
  Source code (1)
    P97M/Phlaco.src
  Win32 (6)
    W32/Mimail.hta
    W32/Randex.f
    W32/Mimail.i!data
    W32/Lamin.b
    W32/Hader
    W32/Lamin.a
  Win9x (3)
    W95/Icer.773
    W95/Yel.c
    W95/Icer.619
  Worm (40)
    W32/Spybot.worm.sn
    W32/Spybot.worm.sb
    W32/Spybot.worm.ke
    W32/Spybot.worm.hg
    W32/Spybot.worm.sq
    W32/Spybot.worm.sm
    W32/Spybot.worm.sk
    W32/Spybot.worm.sf
    W32/Spybot.worm.sd
    W32/Spybot.worm.sl
    W32/Spybot.worm.sg
    W32/Spybot.worm.se
    W32/Spybot.worm.sc
    W32/Spybot.worm.sa
    W32/Spybot.worm.ry
    W32/Spybot.worm.rs
    W32/Spybot.worm.sp
    W32/Spybot.worm.rw
    W32/Spybot.worm.sx
    W32/Spybot.worm.su
    W32/Spybot.worm.ss
    W32/Spybot.worm.sj
    W32/Spybot.worm.sh
    W32/Spybot.worm.rv
    W32/Spybot.worm.rr
    W32/Spybot.worm.st
    W32/Spybot.worm.sr
    W32/Spybot.worm.si
    W32/Spybot.worm.rz
    W32/Spybot.worm.rx
    W32/Spybot.worm.ru
    W32/Spybot.worm.rh
    W32/Spybot.worm.sv
    W32/Spybot.worm.rt
    W32/Tumbi.worm
    W32/Delinf.worm
    W32/Autex.worm
    W32/Antonio.worm
    W32/Alcop.bf.worm
    W32/Adawar.worm

Enhanced Detections:

Program (3)
   (1)
    VObj7
  Downloader (1)
    Adware-Lvup.dldr
  Malware Tool (1)
    VTool/mag5
Trojan (92)
   (1)
    Nuravo
  - (1)
    AIM-Canbot
  Downloader (9)
    Downloader-BW.e
    Downloader-BW.b
    Downloader-BW.c
    Downloader-BW.d
    Downloader-CR
    Downloader-CS
    Downloader-BW.f
    Downloader-CZ
    Downloader-BW.g
  Dropper (4)
    Multidropper-GN
    MultiDropper-EY
    BackDoor-KL.dr
    BackDoor-KT.dr
  File deleting (4)
    QDel355
    QDel353
    QDel354
    QDel383
  Flooder (3)
    FDoS-IrocsK
    FDoS-MWanted
    FDoS-LSky
  Generic (30)
    BackDoor-AKM.gen
    BackDoor-MD.gen
    BackDoor-BT.gen
    BackDoor-QT.gen
    MultiDropper-ER.gen
    BackDoor-ANG.gen
    BackDoor-AMZ.gen
    BackDoor-AOC.gen
    BackDoor-AOA.gen
    BackDoor-AOI.gen
    BackDoor-ABT.gen
    BackDoor-PB.gen
    AdClicker-C.gen
    BackDoor-AQG.gen
    BackDoor-AQR.gen
    MultiDropper-FM.gen
    BackDoor-AQY.gen
    VB-QDel.gen
    BackDoor-AQU.gen
    BackDoor-ARU.gen
    BackDoor-ATF.gen
    MultiDropper-FT.gen
    BackDoor-AMU.gen
    BackDoor-ABZ.gen
    BackDoor-AUO.gen
    BackDoor-IV.gen
    JV/IEStart.gen
    BackDoor-MQ.gen
    BackDoor-AXW.gen
    VB-BackDoor.b.gen
  Internet Relay Chat (1)
    IRC-Myst
  Malware Tool (2)
    Kit-Herpes
    Nuke-Ebeg
  ProcKill (1)
    ProcKill-AK
  Remote Access (24)
    BackDoor-KL
    Backdoor-AOE
    BackDoor-ZX
    BackDoor-QQ
    BackDoor-LR
    BackDoor-KT
    BackDoor-PC
    BackDoor-HV
    BackDoor-AQX
    BackDoor-ARD
    BackDoor-LA
    BackDoor-ASO
    BackDoor-AST
    BackDoor-AWC
    BackDoor-AWU
    BackDoor-AQQ
    BackDoor-AYB
    BackDoor-AYD
    BackDoor-AZB
    BackDoor-BBN
    BackDoor-XM
    BackDoor-LB
    BackDoor-LE
    BackDoor-LT
  Script (4)
    Bat/wag
    Bat/tz
    Bat/th
    Bat/ll
  Server (1)
    BackDoor-KT.svr
  Win32 (7)
    Enocider
    IRC/Flood.cd
    Provera
    OpenCD
    DiskFill-I
    DRevenge
    Niuzu
Virus (104)
   (47)
    Odessa.745
    HLL.5120
    HLL.8752
    HLL.3444
    Patia.2561
    Patia.2565
    Lockjaw
    Deadman
    Clau
    Tardy.1236
    Pepe.a
    ACGb.af
    ACGb.i
    ACGb.ai
    ACGb.ae
    ACGb.ag
    ACGb.ah
    Glaurung.1109
    HLL.3544
    Tardy.1232
    Tardy.1036
    Tardy.1228
    Tardy.1078
    Tardy.1066
    Tardy.668c
    Tardy.668b
    Tardy.664
    Tardy.581a
    Tardy.574
    Tardy.507c
    Tardy.507a
    Tardy.275
    Tardy.268b
    Tardy.1133
    Tardy.1080
    Tardy.1215
    Tardy.1076
    Tardy.668a
    Tardy.581b
    Tardy.578
    Tardy.510
    Tardy.507b
    Tardy.503
    Tardy.272
    Tardy.268a
    Tardy.1070
    Phalcon
  Companion (1)
    HLL.cmp.6096
  Damaged (7)
    HLLT.7504b.dam
    Tardy.578.dam
    Tardy.507b.dam
    Tardy.507a.dam
    Tardy.272.dam
    Pepe.a.dam
    Glaurung.1109.dam
  Dropper (11)
    Univ/c.dr
    Vor.dr
    W95/Repus.dr
    Odessa.dr
    W95/Repus.191.dr
    W95/Repus.162.dr
    W95/Repus.232.dr
    W95/Repus.167.dr
    Stealthboot.drx
    Pepe.dr
    PrS.drx
  Dropper multipartite (1)
    Smile.mp.drx
  Generic (2)
    W97M/Toraja.gen
    Serbu.3322.GR
  Intended (7)
    W95/Boza.e.intd
    W95/Boza.c.intd
    W95/Boza.f.intd
    W95/Boza.g.intd
    W95/Boza.h.intd
    W95/Boza.i.intd
    W95/Boza.j.intd
  Internet Relay Chat (2)
    IRC/Claw.2553
    IRC/Claw.2513
  Macro (1)
    P97M/Phlaco
  mIRC Worm (1)
    W32/Generic.worm!irc
  multipartite (2)
    Shimmer.mp
    Starship.mp
  Parasitic (3)
    HLLP.37931
    W32/Elkern.cav.e
    W32/Elkern.cav.d
  Peer To Peer (1)
    W32/Habaku!p2p
  Script (3)
    VBS/Bisquit
    Bat/ov
    Bat/fro
  Unpacked (1)
    HLLP.37931.unp
  Win32 (1)
    W32/Isis
  Win9x (12)
    W95/Repus.192
    W95/Repus.156
    W95/Repus.384
    W95/Repus.127
    W95/Boza.d
    W95/Boza.b
    W95/Boza.a
    W95/Repus.388
    W95/Repus.368
    W95/Repus.256c
    W95/Repus.256b
    W95/Repus.256a
  Worm (1)
    W32/Deborm.worm.ai