Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4313
DAT Release Date 01/07/2004
Threats Detected 84320
New Detections 181
Enhanced Detections 132

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
W32/Mimail.p@MM Low-Profiled Low-Profiled

New Detections:

Internet Worm (1)
  P2P Worm (1)
    W32/Apsiv.worm!p2p
Program (28)
   (1)
    Generated.HW
  Adware (5)
    Adware-Aide
    Adware-VirtualGirl
    Adware-FriendXMS
    Adware-EZSearch
    Adware-Searchcentrix
  Configuration settings (1)
    DXDlg-FTP.ini
  Generic (4)
    Dialer-RAS.co.gen
    DXDlg-FTP.gen
    Dialer-RAS.cp.gen
    Dialer-RAS.cn.gen
  Malware Tool (11)
    HTool/thu
    HTool/sea
    HTool/lst
    VTool/spa5
    VTool/sfo
    VTool/ozz
    VTool/ex2
    HTool/aris
    VTool/oci
    VTool/sgx
    PWCrack-Minuet
  Win32 (6)
    DXDlg-FTP
    GetInfo
    Fport
    Delshare.g
    CGIscan
    PortScan-THunter
Trojan (44)
  Application extension (2)
    BackDoor-AGS.dll
    BackDoor-CBH.dll
  Disk erasing (1)
    QZap354
  Downloader (4)
    BackDoor-AWQ.b.dldr
    Downloader-GC
    Downloader-GB
    Downloader-GD
  Dropper (1)
    BackDoor-ATR.dr
  Exploit (1)
    JS/Exploit-LnkRun
  Flooder (1)
    FDoS-Jord
  Generic (1)
    Proxy-Cidra.gen
  Remote Access (6)
    BackDoor-CBH
    BackDoor-CBI
    BackDoor-CBF
    BackDoor-CBG
    BackDoor-CBE
    BackDoor-AWQ.b
  Script (14)
    Bat/qd165
    Bat/qd163
    Bat/onei
    Bat/M110
    Bat/cygw
    JS/Uniz
    Bat/toff
    Bat/sy4
    Bat/qz71
    Bat/qd164
    Bat/qd162
    Bat/obw
    Bat/irs
    Bat/blw
  StartPage (3)
    StartPage-AR
    StartPage-AP
    StartPage-AQ
  Win32 (10)
    AddShare-E
    Del-435
    DoS-Bkill.b
    Del-437
    DoS-Bkill.a
    Uploader-L
    Del-436
    Speil
    Del-434
    Del-433
Virus (108)
   (19)
    LME.6450
    Nov17.768a
    Fairz.2102
    Cvex4.e
    Walker
    Kellie.382
    Abomb.272
    Batboy
    Kellie.332
    Cave.234
    Youth.555.f
    VCG.Strelka.6986
    PKVX
    Wasp.1850
    V2PX.1266
    Ogle.442
    Lucky.2338
    OC/star
    Luky.695
  Companion (3)
    W32/Peana.cmp.c
    W32/Zerogav.cmp.b
    W32/Zerogav.cmp.a
  Damaged (1)
    Danish Tiny.dam
  Dropper (10)
    Jeru.dr.1548
    Jeru.dr.1536
    Genesis.dr
    Pixel.dr
    Jeru.dr.1552
    Jeru.dr.1540
    Grog.dr
    W95/Babylonia.dr
    Nuke.dr
    Sylvia.dr
  E-mail (1)
    W32/Mimail.t@MM
  E-mail worm (1)
    W32/Mimail.p@MM
  multipartite (2)
    Matthew.mp.2658
    Predator.mp.2338
  Parasitic (1)
    Dichotomy.apd
  Peer To Peer (1)
    W32/Duster!p2p
  Script (2)
    Bat/tas
    Bat/shutdown
  Worm (67)
    W32/Spybot.worm.xx
    W32/Spybot.worm.ya
    W32/Spybot.worm.xf
    W32/Spybot.worm.wy
    W32/Spybot.worm.ww
    W32/Spybot.worm.wm
    W32/Spybot.worm.yj
    W32/Spybot.worm.yh
    W32/Spybot.worm.yf
    W32/Spybot.worm.xt
    W32/Spybot.worm.xr
    W32/Spybot.worm.xq
    W32/Spybot.worm.xo
    W32/Spybot.worm.xn
    W32/Spybot.worm.xm
    W32/Spybot.worm.xl
    W32/Spybot.worm.wd
    W32/Spybot.worm.xi
    W32/Spybot.worm.xe
    W32/Gaobot.worm.fx
    W32/Gaobot.worm.fy
    W32/Spybot.worm.yg
    W32/Spybot.worm.yc
    W32/Spybot.worm.wk
    W32/Spybot.worm.wj
    W32/Spybot.worm.wi
    W32/Spybot.worm.wg
    W32/Spybot.worm.we
    W32/Spybot.worm.wa
    W32/Gaobot.worm.gb
    W32/Spybot.worm.wl
    W32/Spybot.worm.wh
    W32/Spybot.worm.wf
    W32/Spybot.worm.wc
    W32/Spybot.worm.wv
    W32/Spybot.worm.wt
    W32/Spybot.worm.wr
    W32/Spybot.worm.wp
    W32/Spybot.worm.wn
    W32/Spybot.worm.xc
    W32/Spybot.worm.xa
    W32/Spybot.worm.wu
    W32/Spybot.worm.ws
    W32/Spybot.worm.wq
    W32/Spybot.worm.wo
    W32/Spybot.worm.xk
    W32/Spybot.worm.xg
    W32/Spybot.worm.xd
    W32/Spybot.worm.xb
    W32/Spybot.worm.wz
    W32/Spybot.worm.wx
    W32/Gaobot.worm.gc
    W32/Spybot.worm.yd
    W32/Spybot.worm.xz
    W32/Spybot.worm.xj
    W32/Spybot.worm.xh
    W32/Wilsef.worm
    W32/Gaobot.worm.gd
    W32/Gaobot.worm.ga
    W32/Gaobot.worm.fz
    W32/Spybot.worm.ye
    W32/Spybot.worm.yb
    W32/Spybot.worm.xw
    W32/Spybot.worm.xv
    W32/Spybot.worm.xu
    W32/Spybot.worm.xs
    W32/Spybot.worm.xp

Enhanced Detections:

Internet Worm (2)
  - (1)
    W32/Unis@MM
  P2P Worm (1)
    W32/Franriv.worm
Program (24)
  - (1)
    NewDotNet
  Adware (1)
    Adware-BetterInet
  Dialer (2)
    PornDial-184
    Dialer-RAS.aj
  Generic (14)
    Dialer-RAS.cf.gen
    Dialer-RAS.bw.gen
    Dialer-RAS.bt.gen
    Dialer-RAS.br.gen
    Dialer-RAS.bk.gen
    Dialer-RAS.be.gen
    Dialer-RAS.ch.gen
    Dialer-RAS.ca.gen
    Dialer-RAS.bu.gen
    Dialer-RAS.bs.gen
    Dialer-RAS.bm.gen
    Dialer-RAS.bf.gen.b
    Dialer-RAS.ay.gen
    Dialer-RAS.au.gen
  Heuristic (1)
    NewDotNet
  Malware Tool (3)
    VTool/spa4
    VTool/spa3
    HTool/Sfi
  Win32 (2)
    Renamed mIRC Client
    HideWindow
Trojan (58)
  Application extension (2)
    BackDoor-CAR.dll
    BackDoor-BAE.dll
  Client (1)
    BackDoor-ATR.cli
  Configurator (3)
    MultiDropper-IL.cfg
    BackDoor-ATR.cfg
    BackDoor-AQF.cfg
  Downloader (4)
    Downloader-FX
    Downloader-DH.b
    Downloader-FT
    Downloader-DT
  Dropper (8)
    MultiDropper-IL
    MultiDropper-HU
    MultiDropper-GY
    MultiDropper-GK
    BackDoor-ARG.dr
    MultiDropper-HV
    MultiDropper-HQ
    MultiDropper-GS
  Exploit (2)
    Exploit-Shadwin
    Exploit-MS03-049.b
  Flooder (2)
    FDoS-RSeries
    FDoS-Bombit
  Generic (4)
    Uploader-B.gen
    StartPage-AO.gen
    PWS-QQCave.gen
    MultiDropper-DN.gen
  Internet Relay Chat (2)
    IRC-Onwe
    IRC-Ibot
  Malware Tool (2)
    Spam-NeoMail
    PWS-Sincom.kit
  Password (1)
    PWS-Sincom
  Password Stealer (7)
    PWS-NeedInfo
    PWS-MLD
    PWS-Jiang
    PWS-FakeFleet
    PWS-PWKiller
    PWS-Sina
    PWS-QQGet
  PornDialer (1)
    QDial18
  Remote Access (10)
    Woodcot
    BackDoor-AYW
    BackDoor-AXM
    BackDoor-AVY
    BackDoor-BAV
    CoreFlood
    BackDoor-HF
    BackDoor-AYM
    BackDoor-AVM
    Backdoor-TW
  Script (1)
    Bat/sdel
  Server (2)
    BackDoor-ATR.svr
    BackDoor-QQ.svr
  Win32 (6)
    Reboot-Z
    Synkiller
    Naldem
    DoS-Tenthose
    AdClicker-AC
    AdClicker-W
Virus (48)
   (26)
    Duwende
    V2PX.1251a
    V2PX.1455b
    V2PX.1251b
    V2PX.1252
    V2PX.1455a
    OC.dn
    V2PX.993
    V2PX.974
    V2PX.996
    V2PX.1000
    V2PX.1256b
    V2PX.1246
    V2PX.1190a
    V2PX.1260a
    V2PX.1260b
    V2PX.1006
    V2PX.1236
    V2PX.1440
    V2PX.1256a
    V2PX.1190b
    V2PX.1200
    V2PX.1620
    Messiah
    Nov17.768
    OC/dm
  Dropper (7)
    Westmont.dr
    Predator.dr
    Suriv.dr
    Duwende.dr
    VP.dr
    Tenbytes.dr
    W95/Drol.dr
  File Infector (3)
    Silly Willy
    W95/Babylonia
    V2PX
  multipartite (2)
    Predator.mp.c.2448
    Predator.mp.c.2424
  Overwriting (1)
    HLL.ow.2688
  Script (2)
    Bat/sy3
    Bat/shk
  Win32 (1)
    W32/Apop
  Win9x (1)
    W95/Spaces.gen
  Worm (5)
    W32/Tzet.worm.e
    W32/Tzet.worm.d
    W32/Tzet.worm.c
    W32/Tzet.worm.b
    W32/Tzet.worm.a