McAfee Threat Center

Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

DAT Version	4296
DAT Release Date	10/01/2003
Threats Detected	80744
New Detections	137
Enhanced Detections	165

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name	Corporate Risk Assessment	Home Risk Assessment
W32/Smibag.worm	Low-Profiled	Low-Profiled
QHosts-1	Low-Profiled	Low-Profiled

New Detections:

Program (13)

(2)

VObj25

VObj26

Application extension (1)

Keylog-Hothook.dll

Malware Tool (7)

ProcKill (2)

Spyware (1)

Spyware-LoverSpy

Trojan (44)

(3)

Del-408

Dirs-7

Del-407

- (2)

QHosts-1

Application extension (2)

PWS-Mirhunt.dll

Configurator (1)

Denial Of Svc (1)

UNIX/FDoS-Aggin

Disk erasing (1)

QZap338

Downloader (1)

Dropper (6)

MultiDropper-HM

Downloader-EG.dr

BackDoor-AOP.dr

Exploit (1)

Exploit-Overnasm

Internet Relay Chat (1)

Java Applet (1)

Keylogger (1)

Malware Tool (2)

Kit-SME

PWCrack-Destrip

Password (1)

Password Stealer (6)

PWS-IN

ProcKill (1)

Remote Access (6)

Script (5)

JS/CardStealer.Scotia

Bat/hogy

Win32 (2)

Jkid

Vicety

Virus (80)

(11)

NcCrush

VCG.7057

Lucretia

VICE.xx

Lorz.340

Application extension Worm (1)

W32/Smibag.worm.dll

Companion (2)

W32/HLL.cmp.Nosyst

W32/Egolet.cmp.c

Configuration settings (1)

Damaged (10)

Dropper (7)

W32/Seppuku.h.dr

W32/Seppuku.g.dr

Dropper Worm (1)

W32/Smibag.worm.dr

Email (5)

W32/Delanab.c@MM

W32/Delanab.a@MM

W32/Delanab.b@MM

Internet Worm (2)

W32/Smibag.worm

W32/Zezer.worm.gen

Macro (1)

Overwriting (1)

W32/HLL.ow.Zush

Peer To Peer Worm (2)

W32/Specx.worm.b!p2p

W32/Specx.worm.a!p2p

Script (6)

Bat/inf

VBS/Hopa

Win32 (14)

W32/NGVCK.a.926

W32/NGVCK.2296dr

W32/NGVCK.a.1352

W32/NGVCK.a.2266

Win9x (1)

Worm (15)

W32/Spybot.worm.oz

W32/Opaserv.worm.ac

W32/Opaserv.worm.ad

W32/Spybot.worm.oy

W32/Spybot.worm.ox

W32/Unfair.worm

W32/Randon.worm.r

W32/Infober.worm

W32/Deborm.worm.ah

W32/Acinti.a.worm

W32/Randon.worm.q

W32/Imponex.worm

W32/Arequipa.worm.c

Enhanced Detections:

Internet Worm (1)

E-mail worm (1)

Program (10)

(10)

VObj4

VObj22

VObj21

VObj20

VObj16

VObj15

VObj13

VObj2

VObj23

VObj24

Trojan (78)

(1)

AOL Password (1)

Application extension (1)

BackDoor-AYC.dll

Client (4)

BackDoor-APJ.cli

BackDoor-FR.cli

BackDoor-FP.cli

BackDoor-AC.cli

Configurator (2)

BackDoor-FP.cfg

BackDoor-APJ.cfg

Demonstration (2)

Exploit-DcomRpc.2.demo

Downloader (2)

BackDoor-AAY.ldr

BackDoor-Sub7.ldr

Dropper (8)

BackDoor-AYC.dr

Exploit (2)

Exploit-DcomRpc.2

Exploit-IIS.Crash

Internet Relay Chat (5)

IRC/Flood.Winhelp

Malware Tool (5)

Password Stealer (2)

PWS-HE

Remote Access (38)

BackDoor-FP.svr

Backdoor-FK.svr

JV/BackDoor-KBD

BackDoor-Sub7.icq

BackDoor-AC.util

Script (1)

BackDoor-Sub7.regen

Server (3)

BackDoor-DV.svr

BackDoor-AC.svr

BackDoor-FR.svr

Win32 (1)

Virus (76)

(4)

Scitzo

Tardy

Manuel

Boot (6)

Dodgy

Pop

Hiwag

Companion (2)

W32/HLL.cmp.406528

Damaged (1)

Dropper (7)

W32/Seppuku.b.dr

W32/Lovelorn.dr

W32/Seppuku.f.dr

W32/Seppuku.a.dr

E-mail (1)

E-mail worm (2)

Email (29)

Email Generic (3)

W32/Oror.gen@MM

W32/Oror.gen.a@MM

W32/Sobig.gen@MM

Floppy Worm (1)

W32/Acinti.worm

Generic (1)

Intended (1)

W32/Seppuku.intd

Internet Worm (2)

Peer To Peer Worm (1)

W32/Silka.worm!p2p

Script (4)

Bat/bgo

Bat/kir

VBS/Grez

Win9x (1)

W95/Dedo

Worm (10)

W32/Chainsaw.worm

W32/Opaserv.worm.j

W32/Opaserv.worm.g

W32/Opaserv.worm.c

W32/Opaserv.worm.b

W32/Opaserv.worm.ab

W32/Opaserv.worm.z

W32/Opaserv.worm.y

W32/Opaserv.worm.x

W32/Arequipa.worm.b