McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4245
DAT Release Date	01/29/2003
Threats Detected	63605
New Detections	200
Enhanced Detections	187

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
Sadhound	Low-Profiled	Low-Profiled
W32/Sdbot.18976	Low-Profiled	Low-Profiled

New Detections:

Malware (1)

Denial Of Svc (1)

Program (36)

(1)

- (1)

Closer

Adware (1)

Application extension (1)

ScreenCapture.dll

Dialer (2)

Keylogger (1)

Malware Tool (21)

Tool (1)

Win31 (1)

Win32 (6)

Trojan (70)

(1)

Winsex.c

- (2)

W32/Sdbot.18976

KeyLog-TweakPan

Application extension (2)

BackDoor-APK.dll

BackDoor-AMR.dll

Client (1)

BackDoor-APJ.cli

Configuration settings (1)

ManifestDest.ini

Configurator (1)

BackDoor-APJ.cfg

Downloader (1)

Downloader-BO.c

Dropper (8)

Downloader-BO.dr.b

BackDoor-AGS.dr

MultiDropper-FG

MultiDropper-FF

Exploit (3)

Linux/Exploit-Da2

File deleting (8)

QDel367

QDel366

QDel361

QDel368

QDel364

QDel363

QDel362

QDel365

Flooder (2)

FDoS-AutoAttack

Java Applet (1)

Linux (1)

Linux/Shinject.v04

Malware Tool (2)

Password (1)

Password Stealer (3)

ProcKill (5)

Remote Access (8)

BackDoor-ANF.log

BackDoor-ALI.sys

BackDoor-ALI.srv

Script (4)

Bat/qd11

Bat/wag

Bat/qz13

IRC/Flood.ba.bat

StartPage (1)

Win32 (14)

Mecool

KillAppl

IPGetter

Halloway

Blakhal

Reboot-W

Ashcan

APCrack

Virus (93)

(10)

Bobo.513

Dark Avenger.1028

Application extension (1)

W32/Netspree.dll

Companion (1)

Dropper (12)

Hymn.dr

W95/RainSong.4262.b.dr

W95/RainSong.4262.a.dr

Werewolf.685b.dr

Email (10)

W32/BackZat.d@MM

W32/Sowsat.e@MM

W32/Sowsat.d@MM

W32/Kameral.c@MM

W32/Kameral.b@MM

W32/Kameral.a@MM

W32/Duksten.l@MM

W32/Duksten.k@MM

W32/Cherich.d@MM

Email Generic (2)

W32/Sowsat.gen@MM@MM

W32/BackZat.gen@MM

Generic Worm (1)

W32/Kazmor.worm.gen

Intended (2)

VBS/Dasbud.intd

W32/Chatter.intd

Internet Relay Chat (2)

IRC/Eroc

Internet Worm (2)

W32/Netspree.worm

Macro (1)

W97M/Ant

Malware Tool (1)

mIRC Worm (1)

Parasitic (1)

W95/Radix.cav.436

Script (21)

Bat/shk

Bat/tns

VBS/Bian

Bat/pef2

Bat/ora

Bat/hny

Bat/duk

Bat/dic2

Bat/damn

Bat/cic

Bat/bgo

Bat/arh

Bat/wst

Bat/obs

Bat/mel

Bat/cbt2

W32/Yougdos.bat

W32/Yougdos.reg

W32/Netspree.bat

Win32 (5)

Win9x (2)

W95/RainSong.4262.b

W95/RainSong.4262.a

Word document (6)

Worm (12)

W32/Amazex.j.worm

W32/Nilit.g.worm

W32/Titog.worm.e

W32/Osapex.c.worm

W32/Legend.worm

W32/Kazmor.worm.g

W32/Grexon.worm

W32/Dormer.worm.d

W32/Nevereg.worm

Enhanced Detections:

Internet Worm (1)

Open Share Worm (1)

W32/Ultimax.worm

Program (7)

Configurator (1)

Script (2)

Bat/ack

Bat/ace

Source code (1)

Generator.SRCG non

Tool (1)

Win32 (2)

Trojan (35)

Client (1)

BackDoor-ANF.cli

Configurator (2)

BackDoor-KE.cfg

Dropper (6)

MultiDropper-FB

IRC/Flood.bd.dr

Hide Minimized.dr

Prova.dr

MultiDropper-CH

Generic (2)

JavaScript (1)

Malware Tool (1)

VBS/RunScript.Kit

mIRC client (1)

IRC/Flood.bd.mirc

Password (1)

Password Stealer (2)

Plugin component (1)

BackDoor-ANF.plugin

Remote Access (4)

BackDoor-ANF.utl

Script (7)

Bat/abc

Bat/abi

Bat/acg

Bat/acf

Bat/acc

Bat/acb

Bat/aca

Server (2)

BackDoor-ANF.svr

BackDoor-KE.svr

Trojan (1)

Prova

Win32 (2)

Reboot-V

SysMan

Worm (1)

W32/Fix.12288@M

Virus (144)

(5)

MF

Evil-Spirit.1710

Hymn.c

Auspar

- (2)

Application extension (3)

W32/Dupator.dll

Boot (1)

Satria

Companion (3)

W32/Egolet.cmp.b

W32/Egolet.cmp.a

Damaged (7)

W32/Magistr.dam3

W32/Darling.dam

W32/Magistr.a.dam5

W32/Magistr.dam2

W32/Magistr.b.dam1

W32/Magistr.a.dam1

W32/Magistr.dam4

Dropper (11)

W95/RainSong.4386.dr

W95/RainSong.4036.dr

Dropper Overwriting (1)

E-mail worm (2)

W32/Frethem.f@MM

Email (15)

W32/Duksten.f@MM

W32/Duksten.a@MM

W32/Duksten.g@MM

W32/Duksten.i@MM

W32/Frethem.i@MM

W32/Frethem.h@MM

W32/Frethem.g@MM

W32/Frethem.e@MM

W32/Frethem.d@MM

W32/Frethem.c@MM

W32/Frethem.b@MM

W32/Frethem.a@MM

W32/Creepy.b@MM

Email Generic (1)

W32/CryptoLab.gen@MM

File Infector (1)

W32/Fix.36864@M

Generic (2)

W32/HLLP.8192.gen

HTML document (5)

Intended (2)

W32/Darling.intd

Internet Worm (1)

W32/Creepy.a@MM

Malware Tool (1)

multipartite (1)

Doomm.mp

Overwriting (1)

Parasitic (2)

W32/Elkern.cav.c

Script (44)

W32/Chiton.f.bat

Bat/dic

Bat/ae

Bat/r

Bat/k

Bat/cod

VBS/Voodoo.2312

Bat/ms

Bat/mm

Bat/ma

Bat/jg

Bat/je

Bat/hi

Bat/bs

Bat/bi

Bat/mr

Bat/ai

Win32 (9)

W32/Chiton.f.eml

W32/Flee

Win9x (10)

W95/Cvirus.176128

W95/Cvirus.311296

Worm (14)

W32/Fantast.worm.a

W32/Flechal.worm

W32/Decencia.worm

W32/Beavuh.worm

W32/Titog.worm.b

W32/Titog.worm.c

W32/Kazmor.worm.f

W32/Kazmor.worm.d

W32/Kazmor.worm.e

W32/Kazmor.worm.c

W32/Kazmor.worm.b

W32/Kazmor.worm.a

W32/Dissed.worm