Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4231
DAT Release Date 10/30/2002
Threats Detected 62051
New Detections 138
Enhanced Detections 334

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Internet Worm (2)
  P2P Worm (1)
    W32/Loxar.worm.gen!p2p
  Win32 (1)
    W32/Sponge@MM
Program (8)
  - (2)
    Friend Greeting application (IV)
    Friend Greeting
  Dialer (1)
    PornDial-96
  Joke (1)
    FakeDel joke
  Keylogger (1)
    Keylog-KeyMon
  Tool (2)
    Tool-AIMRV
    Tool-Zombie
  Win32 (1)
    KCom-HTTPServ
Trojan (40)
   (1)
    CGILogger-A
  Configurator (1)
    PWS-CSJacker.cfg
  Disk erasing (1)
    QZap246
  Downloader (2)
    Downloader-BM
    Downloader-BL
  Dropper (2)
    IRC/Flood.bg.dr
    PWS-NetCfg.dr
  Exploit (1)
    Exploit-GetAd
  File Deletion (1)
    Ahero
  Flooder (6)
    FDoS-Aginst
    FDoS-Fury
    FDoS-KillZone
    FDoS-Metamorp
    FDoS-Blurred
    FDoS-Overload
  Internet Relay Chat (3)
    IRC-Dospa
    IRC/Flood.bg
    IRC/Flood.bf
  Malware Tool (1)
    Kit-Kagra
  Password (1)
    PWS-Msnfake
  Password Stealer (6)
    PWS-NetCfg
    PWS-Myut
    PWS-AIMZip
    PWS-OverG
    PWS-EvilDoer
    PWS-CSJacker
  Remote Access (4)
    BackDoor-AMA
    BackDoor-AMB
    Backdoor-ALZ
    Backdoor-AMC
  Script (1)
    Bat/abj
  VbScript (2)
    VBS/Ultras
    VBS/Helvis
  Win32 (7)
    AdClicker-H
    Garra
    Privoxy
    PirDir
    KeySpy-Keyen
    ICQPager-C
    CGIPager-A
Virus (88)
   (34)
    Medical.188
    VCL.1725
    Jeru.1808.h
    Jeru.1808.g
    Jeru.1808.e
    Jeru.1808.c
    Jeru.1808.a
    DEDB.1709
    Torn.4336
    SZA.2588b
    SZA.2207
    SZA.2158
    SZA.2037
    SZA.1864
    Fission.517
    VIP.1221
    Jeru.1808.f
    Jeru.1808.d
    Jeru.1808.b
    SZA.2588a
    Droopy.454
    HLLT.DNazi.8665
    HLLT.Krile.5696.b
    HLLT.Krile.5696.a
    HLLT.Krile.5055
    HLLT.Krile.4569
    HLLT.Krile.5864
    HLLT.Krile.5228
    HLLT.Krile.5776
    HLLT.Krile.5744
    HLLT.Krile.5575
    HLLT.Krile.5017
    HLLT.Krile.5000
    HLLT.Krile.4515
  Companion Dropper (1)
    Terra.cmp.dr
  Configuration settings (2)
    W32/Oror@MM.ini
    W32/Merkur.ini
  Damaged (8)
    Auspar.369.dam
    SZA.dam.2588a
    SZA.dam.2158
    SZA.dam.1864
    SZA.dam.2588b
    SZA.dam.2207
    SZA.dam.2037
    W32/Yaha.g.dam
  Dropper (7)
    Red Devil.dr
    Uruguay-6.dr
    Sailor-Venus.dr
    Overkill.dr
    DEDB.1709.dr
    VP.909.dr
    W97M/Teocatl.dr
  E-mail worm (4)
    W32/Merkur@MM
    VBS/Gichty@MM
    W32/Lamecada.a@MM
    W32/Oror.b@MM
  Email (5)
    W32/Wonna@MM
    W32/Chet.c@MM
    W32/Lamecada.b@mm
    W32/Duksten.f@MM
    W32/Duksten.a@MM
  Generic (1)
    W32/Fatuous.gen
  Generic Worm (1)
    W32/Opaserv.worm.gen
  HTML document (1)
    W32/Sponge.html
  Intended (2)
    MSIL/Generic.intd
    W97M/Uglykid.b.intd
  Internet Relay Chat (3)
    IRC/Untouch
    IRC/Matit
    IRC/Diam
  Macro (1)
    W97M/Grumble
  Script (2)
    DEDB.1709.bat
    W32/Merkur.bat
  Universal (1)
    Univ/h
  Unpacked (1)
    HLLT.DNazi.8665.unp
  Win32 (2)
    W32/Duksten.eml
    W32/Cako
  Win9x (1)
    W95/Murkry.441intd
  Worm (11)
    W32/Opaserv.worm.i
    HLLW.Melli.5552
    W32/Zaka.worm.r
    W32/Zaka.worm.q
    W32/Sytro.worm.at
    W32/Spear.worm.i
    W32/Spear.worm.h
    W32/Spear.worm.g
    W32/Sachiel.worm.d
    W32/Loxar.worm
    W32/Exploter.worm

Enhanced Detections:

Program (4)
  - (1)
    IMIServ.download
  Application extension (1)
    IMIServ.dll
  Exploit (1)
    Fakedll
  Server (1)
    IMIServ.svr
Trojan (9)
   (1)
    Fly
  Application extension (1)
    IRC/Flood.o.dll
  Dropper (1)
    SysMono.dr
  Exploit (1)
    Exploit-Teso212
  Generic (1)
    X97M/Neg.c.gen
  Linux (1)
    Linux/Backdoor.121
  Macro (1)
    XM/LMV.b
  Password Stealer (1)
    PWS-gen.M2
  Win32 (1)
    SysMono
Virus (321)
   (150)
    Sailor Pluto.3741
    HLL.5113
    HLLT.DNazi.8297
    HLLT.8288b
    HLLT.7981
    HLLT.Teterin.7999
    HLLT.Teterin.7878
    HLLT.7808.a
    HLLT.6480.a
    HLLT.7808.b
    HLLT.6917
    HLLT.6480.b
    HLLT.6256.b
    HLLT.6256.a
    HLLT.5046
    HLLT.6126
    HLLT.5175
    HLLT.5381
    HLLT.4869
    HLLT.4754
    HLLT.4926
    HLLT.4885
    HLLT.4641
    HLLT.4949b
    HLLT.4949a
    HLLT.4725
    HLLT.4709b
    HLLT.4709a
    HLLT.4631
    HLLT.4630
    HLLT.4629
    HLLT.4536
    HLLT.4484
    HLLT.4482
    HLLT.4423
    HLLT.4156
    HLLT.3779
    HLLT.4395b
    HLLT.3990
    HLLT.3680
    HLL.OJ.sub
    Jeru.Wanderer.1570b
    Jeru.Wanderer.1455b
    Number of the Beast
    MtE.Insuff
    BW.1258dr
    BootDr68
    Twitch.a
    TMS.11712.b
    Snark.819
    Slovakia.1956
    Sara.6672
    Pinc.12576
    Mutant
    HLLT.5260b
    Sailor Pluto.3672b
    Sailor Pluto.3630
    Sailor Mercury
    Jeru.Zerotime.2163
    Jeru.Zerotime.2126.b
    Jeru.Zerotime.1716b
    Jeru.Wanderer.1884
    Jeru.Wanderer.1854
    Jeru.Wanderer.1809
    Jeru.Wanderer.1811
    Jeru.Wanderer.1653e
    Jeru.Wanderer.1653.d
    Jeru.Wanderer.1589
    Jeru.Wanderer.1591
    Jeru.Wanderer.1768
    Jeru.Wanderer.1448
    Jeru.Wanderer.1332a
    Jeru.Wanderer.1087
    Jeru.Wanderer.1029
    Jeru.VTech.2880
    Jeru.NaiTai.1636
    Jeru.Czech.e
    Jeru.Czech.b
    Jeru.Czech.a
    Jeru.Pipi.1552b
    Jeru.Pipi.1536
    Nutcracker.1960
    VP.909
    VME.2862
    VME.2854
    VME.2261
    VME.1833
    VME.1699
    Vengence.659
    Vengence.657
    TMS.11712.a
    Slovakia.2041
    Redarc.44136
    OC/x
    Nambul.2297dr
    Lead.6000
    Kalunu
    Jackpot.11632
    Dope
    Divider.3678
    Bashme.3323
    Arj-Self-Extr.5288
    HLLT.4160
    Info.199k
    DT.13120
    Divider.3680
    BootDr98
    Bashme.4984
    Bashme.3307
    HLLT.5555
    HLLT.4240c
    HLLT.4240b
    HLLT.4240a
    HLLT.4170
    Sailor Pluto.3768
    Sailor Pluto.3672a
    Sailor Pluto.3547
    Sailor Mars
    Jeru.Zerotime.2126.c
    Jeru.Zerotime.2126.a
    Jeru.Zerotime.1716a
    Jeru.Westwood.1829
    Jeru.Wanderer.1862
    Jeru.Wanderer.1852
    Jeru.Wanderer.1756
    Jeru.Wanderer.1783
    Jeru.Wanderer.1653.c
    Jeru.Wanderer.1653.b
    Jeru.Wanderer.1653.a
    Jeru.Wanderer.1570a
    Jeru.Wanderer.1455
    Jeru.Wanderer.1446
    Jeru.Wanderer.1332b
    Jeru.Wanderer.1324
    Jeru.VTech.2886
    Jeru.Czech.d
    Jeru.Pipi.1552a
    Jeruguru.1904.b
    Jeruguru.1904.a
    Wurm.10306
    Wurm.9948
    Krile.5762
    Krile.4608
    Krile.4592
    Jeru.Wanderer.1598
    Jeru.Wanderer.1234
    Jeru.Czech.c
    Jeru.Pipi.1552c
    Jeru.Exciter.2368
    Virdemo.6257
  Archive (1)
    Jeru.Czech.Zip
  Companion (6)
    HLL.cmp.8080
    HLL.cmp.6000b
    HLL.cmp.Dope.5129
    HLL.cmp.7690
    HLL.cmp.Dope.4870
    HLL.cmp.6208
  Damaged (5)
    Lesson.dam
    HLLT.4482.dam
    Xany.dam
    Jeru.NaiTai.1636.dam
    Jeru.VTech.dam
  Dropper (12)
    W32/Finaldo.dr
    HLLT.6917.dr
    Slowly.dr
    ACG.dr
    Oldyank.dr
    MFV.dr
    Cas-J.dr
    Vict.dr
    Olivia.dr
    Morphine.2048.dr
    Mith.dr
    Dark-Paranoid.dr
  Dropper multipartite (1)
    Voodoo.mp.dr
  Email (3)
    W32/Chet.b@MM
    W32/Chet.a@MM
    W32/Skud@MM
  File Infector (6)
    HLLT.9072a
    HLLW.31107
    HLLT.KRILE.5880
    HLLT.KRILE.5831
    HLLT.KRILE.5504
    AHAV
  Generic (9)
    XM/Laroux.gen
    W32/FunLove.gen
    W32/Belia.gen
    X97M/Barisada.gen
    X97M/Jerk.gen
    X97M/Stick.gen
    W97M/JulyKill.gen
    W97M/Fly.gen
    W97M/Bunnies.gen
  Generic Worm (9)
    W32/Leave.worm.gen.h
    W32/Leave.worm.gen.f
    W32/Leave.worm.gen.d
    W32/Leave.worm.gen.b
    W32/Leave.worm.gen.g
    W32/Leave.worm.gen.e
    W32/Leave.worm.gen.i
    W32/Leave.worm.gen.c
    W32/Leave.worm.gen.a
  Intended (2)
    W32/Belia.intd
    W97M/VMPCK1.ay.intd
  Internet Relay Chat (1)
    IRC/Amri
  Macro (14)
    W97M/Eight.gen
    X97M/Extras
    X97M/Soldier
    XM/Robocop
    X97M/Edure
    XM/Compat
    W97M/Zmk.k
    W97M/Zmk.b
    W97M/VMPCK1.v
    W97M/Gnet
    W97M/Fly.a
    W97M/Diva
    X97M/Osource
    W97M/Ghostship
  Malware Tool (8)
    VCC2000.kit
    Zombie.FIRE.kit
    ACG.kit
    VCC.kit
    Clacker.kit
    AWVCK.kit
    VBS/SSIWG.Kit
    W97M/Zmk.Kit
  multipartite (1)
    Warmaker.mp.5747
  Overwriting (18)
    HLL.ow.7451
    HLL.ow.13936
    HLL.ow.13744
    HLL.ow.5057
    HLL.ow.4017
    HLL.ow.6726
    HLL.ow.6561
    HLL.ow.3505
    HLL.ow.2673
    HLL.ow.2229
    HLL.ow.2428
    Sett.ow.1106
    ORCE.ow
    Archinf.ow
    HLL.ow.13112.b
    HLL.ow.12288c
    HLL.ow.4317
    HLL.ow.13112.a
  Parasitic (20)
    HLLP.9787
    HLLP.9488
    HLLP.8636
    HLLP.Doggy.8421
    HLLP.Doggy.8308
    HLLP.7643
    HLLP.6549
    HLLP.7929
    HLLP.7720
    HLLP.6702
    HLLP.6002
    HLLP.5701
    HLLP.5299
    HLLP.5192
    HLLP.5153.b.Uncompr
    HLLP.4999
    HLLP.4960
    HLLP.5153.a
    HLLP.5667.b
    HLLP.5667.a
  Script (1)
    HLLT.5260b.bat
  Unpacked (37)
    HLLT.9072a.unp
    HLLT.DNazi.8297.unp
    HLLT.8288b.unp
    HLLT.7981.unp
    HLLT.6917.unp
    HLLT.Teterin.7999.unp
    HLLT.Teterin.7878.unp
    HLLT.6018.unp
    HLLT.5175.unp
    HLLT.5046.unp
    HLLT.4926.unp
    HLLT.4641.unp
    HLLT.4536.unp
    HLLT.4482.unp
    HLLT.4423.unp
    HLLT.4395b.unp
    HLLT.3990.unp
    HLLT.4156.unp
    HLLT.3990.unp.chop
    HLLP.9787.unp
    HLLP.7643.unp
    HLLP.6702.unp
    HLLP.6549.unp
    HLLP.7929.unp
    HLLP.6002.unp
    HLLP.5701.unp
    HLLP.5192.unp
    HLLP.5153.a.unp
    HLLP.4999.unp
    HLLT.5555.unp
    HLLT.5260b.unp
    HLLT.4240b.unp
    HLLT.4240a.unp
    HLLT.4170.unp
    HLLT.4160.unp
    Arj-Self-Extr.5288.unp
    Krile.5017.unp
  Win32 (1)
    W32/FunLove
  Worm (16)
    W32/Zaka.worm.p
    HLLW.Supertet
    W32/Zaka.worm.o
    W32/Zaka.worm.m
    W32/Zaka.worm.l
    W32/Zaka.worm.i
    W32/Zaka.worm.g
    W32/Zaka.worm.e
    W32/Zaka.worm.d
    W32/Zaka.worm.b
    W32/Zaka.worm.n
    W32/Zaka.worm.f
    W32/Zaka.worm.j
    W32/Zaka.worm.h
    W32/Zaka.worm.c
    W32/Zaka.worm.a