Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update
DAT Version 4921
DAT Release Date 12/18/2006
Threats Detected 221197
New Detections 10
Enhanced Detections 194

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (2)
  Adware (2)
    Adware-UniBar.sys
    Adware-UniBar
Trojan (5)
  Downloader (3)
    VBS/Downloader-AZU
    BackDoor-DJD.dldr
    BackDoor-DKI.dldr
  Heuristic (1)
    New Malware.bc
  Proxy (1)
    Proxy-Agent.o!dam
Virus (3)
  Parasitic (1)
    W32/HLLP.Philis.cz
  Win32 (1)
    W32/Dzan.a
  Worm (1)
    W32/Vizim.worm

Enhanced Detections:

Program (15)
  Adware (8)
    Adware-PortalScan
    Adware-Adtomi
    Adware-Virtumundo
    Adware-SAHAgent
    Adware-PigSearch
    Adware-AdStart
    Adware-Newweb
    Adware-Malwarewipe
  Application extension (1)
    Adware-SAHAgent.dll
  Downloader (2)
    Downloader-FL
    Adware-SAHAgent.dldr
  Dropper (2)
    Adware-BB.dr
    Adware-CasClient.dr
  Script (1)
    IE Window Popper
  Tool (1)
    Tool-SRunner
Trojan (93)
   (6)
    Generic Downloader.o
    Generic Downloader.bd
    NetSniff
    Generic BackDoor.bb
    Generic.f
    Generic Spy.e
  - (2)
    Vundo.dldr
    Spam-Mailbot
  Application extension (3)
    BackDoor-BAE.dll
    BackDoor-CVM.dll
    PWS-WoW.dll
  Application extension Generi (1)
    Puper.dll.gen
  Damaged (1)
    BackDoor-AWQ.b.dam
  Damaged Generic (1)
    PWS-Banker.gen.ae.dam
  Downloader (11)
    W32/Bagle.ew
    W32/Bagle.cj
    Downloader-AZT
    Downloader-AZV
    Downloader-AZQ
    Downloader-AFW
    PWS-Banker.dldr
    Downloader-ZQ
    Downloader-ARL
    Downloader-AXO
    Downloader-AWM
  Downloader Generic (2)
    W32/Stration.gen.dldr
    W32/Bagle.dldr
  Dropper (3)
    BackDoor-DJD.dr
    MultiDropper-RE
    PWS-Lineage.dr
  Exploit (5)
    VBS/Exploit-ADODB
    Exploit-MSWord.a
    Exploit-OleModule
    Exploit-MS06-027
    Exploit-CVE-2006-5581
  Generic (7)
    PWS-Banker.gen.q
    PWS-Banker.gen.ae
    PWS-Banker.gen.ad
    PWS-Banker.gen.bb
    PWS-Banker.gen.p
    PWS-Banker.gen.l
    PWS-Banker.gen.g
  Heuristic (1)
    New Malware.ab
  Password Stealer (10)
    Generic PWS.d
    PWS-QQPass.b
    PWS-QQRob
    PWS-Satiloler.d
    PWS-Hook
    PWS-Banker.gen.ac
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Zhengtu
    PWS-Lineage
  ProcKill (1)
    ProcKill-DY
  Proxy (2)
    Proxy-Horst
    Proxy-Agent.o
  Remote Access (10)
    BackDoor-ARR
    BackDoor-AWQ.b
    BackDoor-DIQ
    BackDoor-CSB
    BackDoor-DJD
    BackDoor-DKA
    BackDoor-CVM
    BackDoor-DKI
    BackDoor-DKH
    BackDoor-CMQ
  Spam (1)
    Spam-Maxy
  Win32 (26)
    Generic Downloader.b
    Generic Downloader.a
    HackerDefender
    DollarRevenue
    Generic MultiDropper.d
    Generic VB.b
    Generic Dropper.l
    Generic Downloader.ad
    Generic MultiDropper.a
    Generic Uploader.a
    Spy-Agent.bf
    QLowZones-42
    Generic Downloader.p
    Puper
    Generic StartPage.f
    DDoS-Rincux
    Spy-Agent.ba
    Generic BackDoor.be
    Generic BackDoor.s
    Generic PWS.o
    Generic QLowZones.a
    Generic Downloader.ab
    Generic VB.c
    Generic PWS.s
    Generic Downloader.av
    Generic AdClicker.d
Virus (86)
   (3)
    Patched-Function
    rootkit
    Elf
  Damaged (1)
    W32/Nuwar.dam
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  Downloader (5)
    W32/Bagle.ci
    W32/Bagle.ck
    W32/Bagle.cl
    W32/Bagle.cn
    W32/Bagle.ey.dldr
  Downloader Worm (1)
    W32/Sdbot.worm.dldr
  E-mail (1)
    W32/Bagle.fd@MM
  E-mail worm (2)
    W32/Bagle.fc@MM
    W32/Bagle.fb@MM
  Email (6)
    W32/Bagle.cd@MM
    W32/Rontokbro.a@MM
    W32/Rontokbro.b@MM
    W32/Bagle.ez@MM
    W32/Nuwar@MM
    W32/Bagle.ff@MM
  Email Generic (1)
    W32/Rontokbro.gen@MM
  Generic (4)
    W32/Nuwar@MM.gen
    W32/IRCbot.gen
    W32/IRCbot.gen.a
    W32/Bagle.gen
  Generic Worm (11)
    W32/Sdbot.worm.gen.as
    W32/Spybot.worm.gen.bj
    W32/Sdbot.worm.gen.l
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.m
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.ag
    W32/Sdbot.worm.gen.ax
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.y
  Internet Relay Chat Worm (1)
    W32/Sdbot.worm!73216
  Internet Worm (2)
    W32/Spybot.worm.gen
    W32/Sdbot.worm!MS06-040
  Macro (1)
    W97M/Eight.gen
  Parasitic (35)
    W32/HLLP.Philis.cj
    W32/HLLP.Philis.bs
    W32/HLLP.Philis.cs
    W32/HLLP.Philis.cq
    W32/HLLP.Philis.bw
    W32/HLLP.Philis.bu
    W32/HLLP.Philis.bv
    W32/HLLP.Philis.cl
    W32/HLLP.Philis.bq
    W32/HLLP.Philis.cm
    W32/HLLP.Philis.bm
    W32/HLLP.Philis.ca
    W32/HLLP.Philis.cr
    W32/HLLP.Philis.cp
    W32/HLLP.Philis.ce
    W32/HLLP.Philis.cd
    W32/HLLP.Philis.by
    W32/HLLP.Philis.ck
    W32/HLLP.Philis.bx
    W32/HLLP.Philis.bp
    W32/HLLP.Philis.cy
    W32/HLLP.Philis.bt
    W32/HLLP.Philis.ch
    W32/HLLP.Philis.ci
    W32/HLLP.Philis.cc
    W32/HLLP.Philis.bz
    W32/HLLP.Philis.cx
    W32/HLLP.Philis.cn
    W32/HLLP.Philis.cv
    W32/HLLP.Philis.ct
    W32/HLLP.Philis.cw
    W32/HLLP.Philis.cu
    W32/HLLP.Philis.co
    W32/HLLP.Philis.cg
    W32/HLLP.Philis.cf
  VbScript (1)
    New Script
  Win32 (9)
    New Win32.g1
    W32/Bagle.eb
    New Win32
    W32/Bagle.cp
    W32/Bagle.cq
    W32/Bagle.co
    W32/Bagle.cm
    W32/Bagle.dd
    W32/Bagle.dc
  Worm (1)
    W32/Mandei.worm