Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update
DAT Version 4954
DAT Release Date 02/01/2007
Threats Detected 225384
New Detections 10
Enhanced Detections 252

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Malware (1)
  Exploit (1)
    Exploit-MSExcel.h
Trojan (6)
   (2)
    Generic.dt
    Generic.du
  Downloader (1)
    Downloader-BAJ.sys
  Dropper (1)
    BackDoor-DKS.dr
  Password Stealer (1)
    PWS-QQRob!hosts
  Remote Access (1)
    BackDoor-DKS
Virus (3)
  Dropper (1)
    W32/Wuke.dr
  Parasitic (2)
    W32/HLLP.Philis.fj
    W32/HLLP.Philis.fl

Enhanced Detections:

Internet Worm (1)
  Internet Relay Chat (1)
    W32/Sdbot.worm!811a7027
Malware (1)
  Exploit (1)
    Exploit-MSWord.b
Program (18)
   (5)
    Generic PUP.f
    Hoax-LocalIFrame
    Generic PUP.e
    Generic PUP.a
    Generic HTTP
  - (1)
    CouponBar
  Adware (7)
    Adware-BHO.gen
    Adware-Starware
    Adware-TCent
    Adware-MokeAd
    Adware-Henbang
    Adware-DesktopMedia
    Adware-Baidu
  Application extension (1)
    Adware-Baidu.dll
  Dropper (1)
    Adware-Baidu.dr
  Internet Relay Chat (1)
    IRC/Client
  Script (1)
    JS/Seeker.s
  Win32 (1)
    Winfixer
Trojan (84)
   (7)
    Generic.cf
    Generic.de
    Generic.h
    Generic.dg
    Generic.df
    Generic.f
    Bad Link
  Application extension (3)
    Spy-Agent.ba.dll
    PWS-QQRob.dll
    BackDoor-CKB.dll
  Application extension Generi (1)
    BackDoor-CKB.dll.gen
  Demonstration (2)
    JS/Exploit-ScriptSrc.demo
    Exploit-IframeBO.demo
  Downloader (10)
    PWS-Banker.dldr.d
    Downloader-AAL
    Downloader-AAP
    Downloader-BAJ
    PWS-WoW.dldr
    Downloader-AXM
    Downloader-AYJ
    PWS-Banker.dldr
    Downloader-BAI!M711
    PWS-Banker.dldr.c
  Dropper (4)
    BackDoor-CKB.dr
    BackDoor-DIX.dr
    Allsum.dr
    PWS-WoW.dr
  Exploit (22)
    JS/Exploit-Search
    Exploit-FileName
    JS/Exploit-Navigate
    JS/Exploit-ObjectCDS
    JS/Exploit-BodyRef
    JS/Exploit-ScriptSrc
    Exploit-MSJet
    Exploit-CreateTxtRng
    Exploit-MS03-023
    JS/Exploit-DDay
    Exploit-ObjectBuffer
    Exploit-LocalWMD
    JS/Exploit-SaveRef
    JS/Exploit-Applet
    Exploit-CVE2006-4534
    Exploit-ObscuredHtml
    Exploit-FormHTML
    JS/Exploit-SetHome
    Exploit-IframeBO!shellcode
    Exploit-MSWord.e
    Exploit-1Table
    JS/Exploit-ADODB
  Generic (10)
    Exploit-MhtRedir.gen
    Exploit-URLSpoof.gen
    JS/Exploit-ScriptSrc.gen
    Exploit-ObjectData.gen
    PWS-Banker.gen.ad
    PWS-Banker.gen.l
    PWS-Banker.gen.j
    PWS-Banker.gen.t
    PWS-Banker.gen.ah
    JS/Seeker.gen.a
  Heuristic (1)
    New Malware.j
  HTML document (1)
    BackDoor-AXJ.htm
  Password Stealer (5)
    PWS-Gamania
    PWS-Banker!1d2e
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-WoW
  Proxy (1)
    Proxy-Agent.o
  Remote Access (6)
    BackDoor-ARR
    BackDoor-DIR
    BackDoor-DIX
    BackDoor-CKB.sys
    BackDoor-CMQ
    BackDoor-CKB
  Script (2)
    JS/Seeker.i
    Generic component
  Win32 (9)
    Generic BackDoor.f
    Generic Downloader.s
    Spy-Agent.ba
    ShipUp
    Generic Downloader.r
    Generic PWS.o
    Generic Downloader.ab
    DNSChanger.d
    Generic MultiDropper.o
Virus (147)
  Damaged (1)
    W32/Nuwar.dam
  Dropper (1)
    W32/HLLP.Philis.dr
  E-mail worm (1)
    JS/Yamanner@MM
  Email (3)
    W32/Stration@MM
    W32/Nuwar@MM
    W32/Avon@MM
  Generic Worm (2)
    W32/Sdbot.worm.gen.ce
    W32/Sdbot.worm.gen.ca
  Parasitic (133)
    W32/HLLP.Philis
    W32/HLLP.Philis.cj
    W32/HLLP.Philis.t
    W32/HLLP.Philis.s
    W32/HLLP.Philis.ad
    W32/HLLP.Philis.ae
    W32/HLLP.Philis.am
    W32/HLLP.Philis.ap
    W32/HLLP.Philis.aq
    W32/HLLP.Philis.bf
    W32/HLLP.Philis.bs
    W32/HLLP.Philis.au
    W32/HLLP.Philis.z
    W32/HLLP.Philis.ea
    W32/HLLP.Philis.ao
    W32/HLLP.Philis.an
    W32/HLLP.Philis.af
    W32/HLLP.Philis.cs
    W32/HLLP.Philis.cq
    W32/HLLP.Philis.em
    W32/HLLP.Philis.dg
    W32/HLLP.Philis.bw
    W32/HLLP.Philis.bu
    W32/HLLP.Philis.bd
    W32/HLLP.Philis.be
    W32/HLLP.Philis.ef
    W32/HLLP.Philis.dy
    W32/HLLP.Philis.fa
    W32/HLLP.Philis.ai
    W32/HLLP.Philis.ag
    W32/HLLP.Philis.ar
    W32/HLLP.Philis.bv
    W32/HLLP.Philis.av
    W32/HLLP.Philis.ey
    W32/HLLP.Philis.ex
    W32/HLLP.Philis.ez
    W32/HLLP.Philis.cl
    W32/HLLP.Philis.dx
    W32/HLLP.Philis.bq
    W32/HLLP.Philis.cm
    W32/HLLP.Philis.db
    W32/HLLP.Philis.dw
    W32/HLLP.Philis.al
    W32/HLLP.Philis.ak
    W32/HLLP.Philis.da
    W32/HLLP.Philis.dv
    W32/HLLP.Philis.bm
    W32/HLLP.Philis.at
    W32/HLLP.Philis.ca
    W32/HLLP.Philis.as
    W32/HLLP.Philis.cz
    W32/HLLP.Philis.aw
    W32/HLLP.Philis.ah
    W32/HLLP.Philis.aa
    W32/HLLP.Philis.cr
    W32/HLLP.Philis.cp
    W32/HLLP.Philis.do
    W32/HLLP.Philis.dn
    W32/HLLP.Philis.ce
    W32/HLLP.Philis.cd
    W32/HLLP.Philis.by
    W32/HLLP.Philis.ab
    W32/HLLP.Philis.fd
    W32/HLLP.Philis.fc
    W32/HLLP.Philis.ee
    W32/HLLP.Philis.ec
    W32/HLLP.Philis.eb
    W32/HLLP.Philis.dm
    W32/HLLP.Philis.ax
    W32/HLLP.Philis.u
    W32/HLLP.Philis.ed
    W32/HLLP.Philis.ck
    W32/HLLP.Philis.bx
    W32/HLLP.Philis.en
    W32/HLLP.Philis.el
    W32/HLLP.Philis.eu
    W32/HLLP.Philis.et
    W32/HLLP.Philis.eq
    W32/HLLP.Philis.es
    W32/HLLP.Philis.er
    W32/HLLP.Philis.ep
    W32/HLLP.Philis.ac
    W32/HLLP.Philis.du
    W32/HLLP.Philis.dk
    W32/HLLP.Philis.di
    W32/HLLP.Philis.bp
    W32/HLLP.Philis.eh
    W32/HLLP.Philis.aj
    W32/HLLP.Philis.dt
    W32/HLLP.Philis.cy
    W32/HLLP.Philis.ej
    W32/HLLP.Philis.ei
    W32/HLLP.Philis.bt
    W32/HLLP.Philis.ch
    W32/HLLP.Philis.ci
    W32/HLLP.Philis.v
    W32/HLLP.Philis.x
    W32/HLLP.Philis.dq
    W32/HLLP.Philis.ev
    W32/HLLP.Philis.fb
    W32/HLLP.Philis.fh
    W32/HLLP.Philis.ff
    W32/HLLP.Philis.dl
    W32/HLLP.Philis.dj
    W32/HLLP.Philis.dh
    W32/HLLP.Philis.dp
    W32/HLLP.Philis.fi
    W32/HLLP.Philis.fg
    W32/HLLP.Philis.fe
    W32/HLLP.Philis.fk
    W32/HLLP.Philis.ay
    W32/HLLP.Philis.az
    W32/HLLP.Philis.bg
    W32/HLLP.Philis.ds
    W32/HLLP.Philis.cc
    W32/HLLP.Philis.bz
    W32/HLLP.Philis.eg
    W32/HLLP.Philis.eo
    W32/HLLP.Philis.cx
    W32/HLLP.Philis.df
    W32/HLLP.Philis.cn
    W32/HLLP.Philis.ew
    W32/HLLP.Philis.cv
    W32/HLLP.Philis.ct
    W32/HLLP.Philis.de
    W32/HLLP.Philis.dc
    W32/HLLP.Philis.cw
    W32/HLLP.Philis.cu
    W32/HLLP.Philis.y
    W32/HLLP.Philis.dd
    W32/HLLP.Philis.co
    W32/HLLP.Philis.cg
    W32/HLLP.Philis.cf
  Win32 (5)
    New Poly Win32
    New Win32
    W32/Ridnu
    W32/Wuke
    W32/Fujacks!htm
  Worm (1)
    W32/Generic.worm!im
Vulnerability (1)
  Exploit (1)
    Exploit-IframeBO