Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4292
DAT Release Date 09/10/2003
Threats Detected 79859
New Detections 158
Enhanced Detections 92

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Internet Worm (1)
  Open Share Worm (1)
    W32/Sluter.worm.b
Program (16)
   (1)
    Generator.EMME3
  Adware (1)
    Adware-MemWatcher
  Downloader (1)
    LopAdvert.dldr
  Generic (7)
    Dialer-RAS.bk.gen
    Dialer-RAS.bm.gen
    Dialer-RAS.bn.gen
    Dialer-RAS.bl.gen
    Dialer-RAS.bj.gen
    Dialer-RAS.bh.gen
    Dialer-RAS.bi.gen
  Joke (1)
    ProgLaunch joke
  Malware Tool (4)
    VTool/sfg
    VTool/mat3
    HTool/webcam
    HTool/ipc
  Win32 (1)
    RPCScan
Trojan (71)
   (15)
    Loader.b
    Jan
    Two-and-a-Half
    Nuker
    JMB
    Include
    Crusades
    Blatant2
    Blatant
    B2E.rup3
    B2E.rup2
    ASD
    Antywirus
    BL
    B2T
  Disk erasing (2)
    QZap335
    QZap334
  Downloader (6)
    Downloader-EB
    Downloader-EC
    Downloader-EA
    Downloader-DY
    Downloader-EE
    Downloader-DA.b
  Dropper (4)
    Generic Dropper
    CoreFlood.dr
    Battus.dr
    MultiDropper-HH
  Exploit (4)
    Exploit-ObjectData
    UNIX/Exploit-Xmandb
    Exploit-LocalWMD
    Exploit-IIS.Scan
  File deleting (1)
    QDel343
  Flooder (2)
    FDoS-Mixtar
    FDoS-Panoil
  Internet Relay Chat (1)
    IRC-Whisper
  Malware Tool (3)
    Flooder.kit
    NTRootKit-F
    Linux/RootKit-K
  Password (1)
    PWS-Moneykeeper
  Password Stealer (2)
    PWS-Stelcookie
    PWS-Stck
  Proxy (1)
    Proxy-FBSR
  Remote Access (3)
    Proxy-Thunker
    BackDoor-AYR
    BackDoor-AYQ
  Script (21)
    VBS/Envoy
    VBS/DDoS-iFrameNet.d
    Bat/subst
    Bat/set3
    Bat/scroll
    Bat/qd110
    Bat/qd108
    Bat/pee
    Bat/flag
    Bat/chan
    Bat/avk3
    Bat/sss
    Bat/set2
    Bat/qd111
    Bat/qd109
    Bat/pop
    Bat/pas4
    Bat/cze
    Bat/avk2
    BackDoor-AMQ.bat
    Tooner.bat
  StartPage (1)
    StartPage-S
  Win32 (4)
    Tooner
    Del-405
    Lohet
    DMster
Virus (70)
   (14)
    Rali.1306
    Nostar.3072.h
    Vfw
    VCS.795
    Lucky.2200
    Meihua.1844
    Maverick.1383
    Fayo.1999
    Amuck.3184c
    HLLT.9543
    HLLT.6728
    BootDr257
    HLLT.9812
    HLLT.7936
  Dropper (6)
    Jeru.Sunday.dr
    Zorm/e.dr
    VCL.NED.dr
    TPE.1.3.dr
    Backfont.dr
    Idiot-Vulture.dr
  Dropper multipartite (2)
    Changsha.mp.dr
    Markus.mp.dr
  Dropper Worm (1)
    W32/Eyeveg.worm.dr
  Email (5)
    W32/Dumaru.i@MM
    W32/Dumaru.g@MM
    W32/Dumaru.f@MM
    W32/Stepaik@M
    W32/Dumaru.h@MM
  File Infector (1)
    MPB/Kynel
  Generic Worm (2)
    W32/Sdbot.worm.gen.b
    W32/Darby.worm.gen
  HTML document (1)
    VBS/Zulu.htm.h
  Internet Worm (4)
    W32/Gaobot.worm.aa
    W32/Pereban@MM
    W32/Nexiv.worm
    W32/Dumaru.j@MM
  Macro (4)
    X97M/Suhd
    XM/Uedasan
    WM/NJ-DLK1
    W97M/Drome
  Malware Tool (2)
    Beebs.kit
    Bat/bvg.kit
  multipartite (1)
    Sooty.mp.512
  Open Share Worm (1)
    W32/Eyeveg.worm
  Overwriting (1)
    HLL.ow.5120b
  Overwriting Script (1)
    VBS/Z0X.ow.vbs
  P2P Worm (1)
    W32/Cake.worm!p2p
  Parasitic (1)
    HLLP.8391
  Script (7)
    VBS/Smat
    VBS/NoMercy.f
    VBS/Calera
    VBS/Yozis
    VBS/Nomekop
    VBS/Bleeb
    W32/Bugsoft.bat
  Source code (1)
    W32/Darby.src
  Unpacked (1)
    HLLT.6728.unp
  VbScript (1)
    VBS/Vags.kit
  Win32 (5)
    W32/Limper
    W32/Lamhav
    W32/Ladmar
    W32/Darby
    W32/Pate.b1
  Worm (7)
    W32/Randon.worm.p
    W32/Spybot.worm.ni
    W32/Gaobot.worm.ab
    W32/Darby.worm.d
    W32/Darby.worm.c
    W32/Darby.worm.b
    W32/Apove.worm

Enhanced Detections:

Malware (1)
  Spyware (1)
    Spy-Snag
Program (8)
   (7)
    QTrash
    Gigi.b
    Credgen
    Black-Harmer
    XString
    Credgen.txt
    CryptMBR
  Joke (1)
    Finjokan.b joke
Trojan (27)
   (8)
    Shadow98
    Ritch
    CMOS Reset
    Asas
    Backfind
    Poopies
    AolDel
    PCBB EXE
  Downloader (1)
    Downloader-AK
  Internet Relay Chat (1)
    IRC/Backdoor.c
  Java Applet (1)
    JV/Javakbd
  Keylogger (1)
    Keylog-NKeys
  Malware Tool (1)
    YOFVG.kit
  mIRC Worm (1)
    JS/Judgement
  Remote Access (3)
    BackDoor-AET
    BackDoor-AWG
    BackDoor-ZO
  Script (8)
    Bat/set
    JS/Seeker.y
    JS/IBBM
    Bat/Moab
    VBS/Julerk
    JS/Slang
    VBS/Mill.g.bat
    VBS/Lisa
  Source code (1)
    Appkiller.src
  Win32 (1)
    AddShare-A
Virus (56)
   (24)
    HLL.MF
    Zorm/d
    Grope.1141
    Lesson
    Zorm/e
    Nostar.3072.f
    Nostar.3072.d
    Nostar.3072.c
    Nostar.3072.a
    XPEH
    Wasp.1776
    Schenk.1520
    Schenk.2010
    Schenk.423
    Meihua.2658
    Idiot-Vulture.2592
    Nostar.3072.g
    Nostar.3072.b
    DSCE.Encrypted
    Schenk.2011
    Schenk.420
    Schenk.1343
    Schenk.1341
    Idiot-Vulture.2032
  Dropper (4)
    Ambulance.dr
    VBS/Bound.dr
    Bat/jam.dr
    VBS/Mannak.dr
  Dropper multipartite (1)
    Nutcracker.mp.dr
  Email (3)
    VBS/Stages.27356@MM
    VBS/Stages.14559@MM
    VBS/Stages.2543@MM
  Email Generic (1)
    VBS/Stages.gen@MM
  Floppy Worm (1)
    W32/Gaga.worm
  Internet Relay Chat (2)
    IRC/Lucky
    IRC/Invadous
  Macro (1)
    X97M/Laroux.ns
  mIRC Worm (1)
    W97M/Wally.worm
  Parasitic (2)
    HLLP.8432
    HLLP.Yap.8421
  Partition (1)
    Sooty
  Script (13)
    VBS/BackZat
    VBS/Bound
    VBS/Yelp
    VBS/LittleBoy
    VBS/Gum
    Bat/joy.b
    Bat/joy.a
    Bat/jam.b
    Bat/jam.a
    Bat/jam
    VBS/Xxx
    VBS/Monel
    VBS/LittleBoy.bat
  Unpacked (1)
    HLLP.8432.unp
  Worm (1)
    W32/Ska@M