Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4254
DAT Release Date 03/26/2003
Threats Detected 68644
New Detections 130
Enhanced Detections 111

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
W32/Lovgate.f@M Low-Profiled Low-Profiled
BackDoor-ARR Low-Profiled Low-Profiled
W32/Bugbros@MM Low-Profiled Low-Profiled
Exploit-MS03-007.Crpt Low-Profiled Low-Profiled

New Detections:

Malware (1)
  Denial Of Svc (1)
    FDoS-Csium
Program (21)
   (6)
    WVTool/dkm
    Generator.WW
    Generated.MOF
    Generator.MOF
    Generated.CSTG
    Generator.CSTG
  - (1)
    Downloader-BR
  Dialer (2)
    PornDial-155
    PornDial-156
  Downloader (1)
    PornDial-155.ldr
  Exploit (1)
    Exploit-MS03-007.scan
  Malware Tool (4)
    VTool/wsh
    VTool/tpu2
    VTool/tpu1
    VTool/tpr
  multipartite (1)
    Generator.MPE
  Remote Access (1)
    PortScan-Sburrow
  Tool (1)
    VTool/Sharpei
  Win32 (3)
    SQL-Browser
    NetShare
    WVTool/xasm
Trojan (60)
   (1)
    Grizz
  - (1)
    VBS/Asnar
  Application extension (2)
    SMTPMail.dll
    BackDoor-ARS.dll
  Configuration settings (1)
    BackDoor-ARS.ini
  Configurator (1)
    ICQPager-K.cfg
  Downloader (2)
    JS/Cisp
    Downloader-CG
  Dropper (3)
    Bat/dt26.dr
    BackDoor-ARZ.dr
    BackDoor-ARS.dr
  Exploit (4)
    JS/Exploit-MS03-008
    Exploit-MS03-007.Crpt
    JS/Exploit-UserName
    Exploit-Sohlp
  File Deletion (1)
    Qdel374
  Generic (3)
    PWS-Fantast.gen
    BackDoor-ARU.gen
    BackDoor-AGL.gen
  HTML (1)
    HTML/Suar
  Macintosh (1)
    MacOS/ChinaTalk
  Malware Tool (1)
    Spam-Avril
  Password (1)
    HTML/Ebscam
  Password Stealer (5)
    PWS-Fantast.e
    PWS-Fantast.d
    PWS-Fantast.c
    PWS-Fantast.b
    PWS-Fantast.a
  ProcKill (1)
    ProcKill-AG
  Remote Access (12)
    IRC-Rewt
    BackDoor-ARR
    Backdoor-ARU
    BackDoor-ARY
    BackDoor-ASA
    BackDoor-ARZ
    BackDoor-ARW
    BackDoor-ARV
    BackDoor-ARS
    BackDoor-ARQ
    BackDoor-ARP
    BackDoor-UO
  Script (7)
    VBS/Zaged
    Bat/zz6
    Bat/gat
    Bat/dt26
    Bat/cfu
    Bat/bom
    VBS/Daysun
  Settings Change (2)
    Daysun
    StartPage-G
  StartPage (2)
    StartPage-J
    StartPage-I
  Trojan (3)
    Qdel376
    Qdel375
    Stoplete
  Uploader (1)
    Uploader-D.a
  Win32 (4)
    XPlain
    Uploader-D
    Systentry
    ICQPager-K
Virus (48)
   (11)
    Rag-Doll.945
    Rag-Doll.942
    Rag-Doll.x
    BW.Wimp.1430
    BootDr241
    Rotor.1725
    Rabid.5737
    Dot-Eater.944.d
    CVM.1367
    Crocodile.1592
    Bebe.1004d
  Configuration settings (1)
    VBS/Ardin.ini
  Dropper (5)
    Univ/i.dropped
    Univ/ow.a.dr
    Prague.dr
    Gift.dr
    Coke.dr
  Dropper Worm (1)
    W32/Gaobot.worm.dr
  E-mail (1)
    W32/Wanor@MM
  E-mail worm (3)
    W32/Lovgate.f@M
    W32/Holar.e@MM
    W32/Bugbros@MM
  Email (4)
    W32/Zokrim@MM
    W32/Vote.d@MM
    W32/Spinac@MM
    W32/Lovgate.g@M
  Generic Worm (3)
    W32/Taripox.worm.gen
    W32/Randon.worm.d.gen
    W32/Randon.worm.a.gen
  Intended (2)
    VBS/Sucop.c.intd
    VBS/Singri.intd
  Internet Worm (1)
    W32/Bibrog.e@MM
  Script (6)
    VBS/Trads
    VBS/Horty.g
    Bat/zz5
    Bat/cap
    Bat/ata
    W97M/Twopey.h.bat
  Win32 (1)
    W32/Fosforo.d
  Worm (9)
    W32/Lovgate.j@M
    W32/Sddrop.worm.b
    W32/Sddrop.worm.a
    W32/Randon.worm.i
    W32/Randon.worm.h
    W32/Randon.worm.g
    W32/Randon.worm.c
    W32/Randon.worm.b
    W32/HideDoc.worm

Enhanced Detections:

Program (64)
   (59)
    Generated.X87ME
    Generated.SAM
    Generated.PME
    Generated MPE3
    Generated MPE2
    Generated.Mime
    Generated.Kid
    Generator.Kid
    Generated.GCAE1
    Generated.Enth
    Generated.DSME
    Generated.DSCE
    Generated.DKME
    Generator.APME
    Generated.Perm
    Generated.INF
    Generator.RTP
    Generator.Hope
    Generator.aaa
    Generator.INF
    Generator.EMPE
    Generator.Mime
    Generated.Zombie
    Generator.Zombie
    Generated.X
    Generated.VGC
    Generator.VGC
    Generated.Trident
    Generated.Trash2-3
    Generator.Trash2-3
    Generated.Soulb
    Generator.Soulb
    Generator.SAM
    Generator.RSE
    Generated.RHQ
    Generator.RHQ
    Generator.PME
    Generated.Msg
    Generator.Msg
    Generated.MME
    Generator.MME
    Generated.JVS
    Generator.JVS
    Generated.Hier
    Generator.Hier
    Generator.GPE
    Generated.EMPE
    Generated.EMME2
    Generated.EMME1
    Generator.EMME
    Generator.DSME
    Generated.DPE
    Generator.DMU
    Generator.DKME
    Generator.D-Phantom
    Generator.CPE
    Generated.APE
    Generator.APE
    Generated.Amber
  Demonstration (1)
    Generator.Demo
  Malware Tool (1)
    PWCrack-Snitch
  multipartite (1)
    Generated.MPE1
  Spyware (1)
    Realtime-Spy
  Tool (1)
    Pest-Portscan
Trojan (9)
  Denial Of Svc (1)
    DDoS-Storm
  Dropper (1)
    ProphoFake.dr
  Exploit (1)
    Exploit-MS03-007
  Malware Tool (1)
    NGVCK.Kit
  Process (1)
    ProcKill-Z
  Remote Access (1)
    BackDoor-RQ
  Script (1)
    Bat/nom
  VbScript (1)
    VBS/Chimpn
  Win32 (1)
    ProphoFake
Virus (38)
   (25)
    QDrag.1079
    QDrag.1084
    QDrag.x
    Buendia
    Dead
    Bobo.513
    QDrag.y
    Murphy.Bros.2045
    Soulsick.1064
    Radi.2076
    Ontario.1028
    Ontario.1024b
    Ontario.1024a
    Nambul
    Harmware.3716
    Harmware.3515
    Harmware.3076
    Grass.357
    Ear-Ulife
    DRET.1710
    Die
    Coke
    Artemiev.2165
    Generated.Spirit.a
    Generator.Spirit
  Companion (1)
    Asim.cmp.1539
  Dropper (3)
    W32/Fosforo.dr
    Lorenzo.9214.dr
    Nambul.722b.dr
  File Infector (2)
    Burglar.1150
    Rogue.1807
  Intended (1)
    VBS/Bowlgy.intd
  Linux (1)
    Linux/BTM
  multipartite (1)
    Max.mp
  Script (1)
    Bat/sa
  Win32 (3)
    W32/LDE.c
    W32/LDE.b
    W32/LDE.a