Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version 4293
DAT Release Date 09/17/2003
Threats Detected 80177
New Detections 200
Enhanced Detections 96

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (37)
   (1)
    VObj23
  Com file (1)
    Generator.COMSMEG
  Downloader (1)
    Adware-NS.dldr
  Malware Tool (31)
    VTool/sha
    VTool/ros
    VTool/nus
    VTool/biz
    VTool/btr
    VTool/wor
    VTool/tin
    VTool/ste2
    VTool/sps
    VTool/skull
    VTool/sec
    VTool/pyv
    VTool/mte2
    VTool/mis
    VTool/mik
    VTool/map
    VTool/libm
    VTool/lia4
    VTool/knd
    VTool/kid
    VTool/khd
    VTool/imm
    VTool/did
    VTool/cry4
    VTool/coc
    VTool/arm2
    VTool/fod
    VTool/dfo
    VTool/creatu
    VTool/bsv
    VTool/arm
  Script (1)
    Tool/zz5
  Source code (1)
    LoveYou.src
  Tool (1)
    Tool-AOL.Deceased
Trojan (70)
   (7)
    Imitator
    Enko
    Boot Bomba
    Illumin
    BTVS
    QReg-8
    DoS-BZ2
  - (1)
    Click-1
  Application extension (2)
    W32/Dumaru.dll
    BackDoor-AYV.dll
  Damaged (2)
    Pixel.dam
    MultiDropper-DC.dam
  Demonstration (1)
    Exploit-DcomRpc.2.demo
  Disk erasing (1)
    QZap336
  Dropper (4)
    Bat/cbv.drp
    MultiDropper-HK
    MultiDropper-HJ
    Proxy-Thunker.dr
  Exploit (6)
    UNIX/Exploit-SendMai
    Exploit-ElSo
    Exploit-HTA.Behind
    LNK/Exploit-VortLink
    Exploit-HA.HVG
    Exploit-DcomRpc.2
  File deleting (1)
    B2E.QDel2
  Internet Relay Chat (6)
    IRC/Josco
    IRC-Mushashi
    IRC-Deleio
    IRC/Flood.dd
    IRC/Flood.dc
    IRC/Flood.db
  Java Applet (1)
    JV/Shinwow
  Malware Tool (2)
    Kit-SAFHVM
    PHP/Spam-Xploiter
  Password (2)
    PWS-Netspurt
    PWS-Runbox
  Password Stealer (1)
    PWS-Putil
  Remote Access (7)
    Backdoor-AYP
    BackDoor-AYW
    JV/BackDoor-KBD
    BackDoor-AYX
    BackDoor-AYV
    BackDoor-AYT
    BackDoor-AYS
  Script (19)
    Bat/bolt
    JS/Ultras
    VBS/Iwill
    VBS/DDoS-iFrameNet.e
    Bat/set4
    Bat/qz48
    Bat/qd116
    Bat/qd114
    Bat/qd112
    Bat/hbbg
    Bat/cmo
    JS/Tinybar.reg
    VBS/Josco
    Bat/sto
    Bat/rgw
    Bat/qz47
    Bat/qd115
    Bat/qd113
    Bat/dt48
  StartPage (2)
    Bat/StartPage-U
    StartPage-T
  Win32 (5)
    IRC-Uhil
    Uploader-H
    Del-406
    Generic VB.b
    AdClicker-U
Virus (93)
   (12)
    Backfont.908
    Jeru.1812a
    BW.Pedal
    Akuku.1111c
    Red Devil.830f
    Grope
    HLLT.5555b
    Zorm/g.1185
    Jeru.1812b
    Frodo.4096f
    VCC.k
    Centar.103
  Application extension (1)
    W32/Kickin.dll
  Companion Dropper (1)
    Univ.cmp.dr
  Configuration settings (1)
    W32/Scrambler.ini
  Dropper (11)
    W95/Rinim.476.dr
    Zorm/g.1185.dr
    Quit.dr
    Sailor-Mercury.dr
    No-Boot.dr
    W32/Sankey.dr
    W95/Luna.dr
    W95/Henky.Megamix.dr
    W32/Dumaru.dr
    W95/Damm.dr
    W95/Poppy.dr
  Dropper multipartite (1)
    Weird Al.mp.dr
  E-mail (2)
    VBS/Ryon@MM
    VBS/Ryon@MM
  Email (1)
    W32/Dumaru.k@MM
  Email Generic (2)
    W32/Dumaru.gen@MM
    W32/Kickin.gen.a@MM
  Generic (1)
    Exploit-DcomRpc.g.gen
  Internet Worm (2)
    W32/Yaha.x@MM
    W32/Yaha.y@MM
  multipartite (1)
    Anticad.mp.4096.u
  Object (2)
    Winstart.obj
    W95/Lizard.obj
  Parasitic (1)
    Rajaat.apd
  Peer To Peer (1)
    W32/Generic.c!p2p
  PowerPoint Macro (1)
    PP97M/AcceV
  Script (6)
    Bat/Degir
    W32/Syney.bat
    JS/SAFHVM
    VBS/Mita
    VBS/Grez
    Bat/mkw
  Source code (1)
    Linux/Adm.src
  Win32 (3)
    W32/Lykov.b
    W32/Sankey
    W32/Lykov.a
  Win9x (2)
    W95/Luna.2467
    W95/Luna.2670
  Worm (40)
    W32/Spybot.worm.nu
    W32/Blaxe.worm
    W32/Spybot.worm.nj
    W32/Spybot.worm.oa
    W32/Spybot.worm.ny
    W32/Spybot.worm.nw
    W32/Spybot.worm.nt
    W32/Spybot.worm.nr
    W32/Spybot.worm.np
    W32/Spybot.worm.nn
    W32/Spybot.worm.nl
    W32/Spybot.worm.oi
    W32/Spybot.worm.og
    W32/Spybot.worm.od
    W32/Spybot.worm.ob
    W32/Spybot.worm.os
    W32/Raleka.worm.c
    W32/Spybot.worm.op
    W32/Spybot.worm.nz
    W32/Spybot.worm.or
    W32/Spybot.worm.oq
    W32/Spybot.worm.oo
    W32/Spybot.worm.on
    W32/Spybot.worm.om
    W32/Spybot.worm.ol
    W32/Spybot.worm.ok
    W32/Spybot.worm.oj
    W32/Spybot.worm.oh
    W32/Spybot.worm.of
    W32/Spybot.worm.oc
    W32/Spybot.worm.nx
    W32/Spybot.worm.nv
    W32/Spybot.worm.ns
    W32/Spybot.worm.nq
    W32/Spybot.worm.no
    W32/Spybot.worm.nm
    W32/Spybot.worm.nk
    W32/Bajos.worm.b
    W32/Bajos.worm.a
    W32/Alcop.az.worm

Enhanced Detections:

Internet Worm (1)
  Remote Access (1)
    SunOS/BoxPoison.worm
Program (4)
  Malware Tool (4)
    VTool/aso
    VTool/col
    VTool/nom2
    VTool/aex
Trojan (23)
  - (1)
    Crasher
  Application extension (1)
    Spy-Hiddukel.dll
  Configuration settings (1)
    BackDoor-IX.ini
  Demonstration (1)
    AntiTBSCAN.demo
  Exploit (2)
    Exploit-Nocnoc
    JS/Wipe
  Generic (2)
    VBS/RunScript.gen5
    JS/Seeker.gen.h
  Internet Relay Chat (2)
    IRC/Flood.as
    IRC/Sarz
  Java Applet (1)
    JV/Incon
  JavaScript (1)
    JS/Destroyer
  Malware Tool (1)
    Kit-HKPE
  Password Stealer (1)
    PWS-Watcher
  Remote Access (1)
    BackDoor-AQY
  Script (7)
    Bat/btg
    VBS/DDoS-iFrameNet.a
    VBS/DDoS-iFrameNet.c
    VBS/DDoS-iFrameNet.d
    VBS/Destroyer
    VBS/Satanik.c
    VBS/DDoS-iFrameNet.b
  Win32 (1)
    IPCScan
Virus (68)
   (35)
    Pony
    HLLT.4449
    VCCa.502
    VCCa.377b
    VCCa.377a
    VCCa.375
    VCCa.510b
    VCCa.510a
    VCCa.550.tro
    VCCa.550
    VCCa.547
    VCCa.546
    VCCa.353
    VCCa.352
    VCCa.265
    VCCd.538a
    VCCa.264a
    VCCa.264b
    Buzz
    Akuku.1111a
    Xav
    Jeru.1812
    Akuku.1111b
    BW.Poe
    VCCd.435b
    Pombero
    VCCm
    VCCg
    VCCd.636
    VCCd.435a
    VCCn
    VCCl
    VCCf
    VCCd.538b
    VCCb
  Damaged (1)
    W95/Henky.dam
  Defaced document (1)
    SunOS/BoxPoison.defaced
  Demonstration (1)
    JV/WMP-Exploit.demo
  Dropper (6)
    MPC.dr
    Diametric.dr
    Univ/ow.a.dr
    V2P6.dr
    VCCd.435b.dr
    VCCd.435a.dr
  Dropper multipartite (3)
    Blah.mp.3379.dr
    Blah.mp.3385b.dr
    Blah.mp.3385a.dr
  Dropper Worm (1)
    W32/Eyeveg.worm.dr
  E-mail (1)
    W32/Syney@MM
  Email (1)
    VBS/Bluemail@MM
  Generic (1)
    W95/Luna.gen
  Intended (1)
    PHP/Next.intd
  Internet Relay Chat (1)
    IRC/Satanik
  Malware Tool (1)
    Bat/hbb.kit
  multipartite (6)
    Blah.mp.3379
    Blah.mp.3385b
    Blah.mp.3385a
    Widma.mp.5741dr
    Weird Al.mp.512
    Blah.mp
  Script (4)
    VBS/Varin
    Bat/adi
    VBS/Ginseng
    Bat/stu
  Unix (1)
    UNIX/Gift
  Win32 (2)
    W32/Casal
    W32/RunFtp.js
  Worm (1)
    Linux/Kork.worm