Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update
DAT Version 4971
DAT Release Date 02/26/2007
Threats Detected 231291
New Detections 19
Enhanced Detections 244

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (2)
  Dropper (1)
    KillAndClean.dr
  Win32 (1)
    KillAndClean
Trojan (15)
   (6)
    Generic.aan
    Generic.aal
    Generic.aam
    Generic.aak
    QHosts-75!hosts
    Spy-Agent.bv
  Dropper (1)
    Spy-Agent.bv.dr
  Macro (2)
    W97M/Kukudro.y
    W97M/Kukudro.z
  Win32 (6)
    W32/Generic.aab!worm
    W32/Generic.aaa!worm
    Uploader-AH
    Spy-Agent.bv.sys
    Spy-Agent.bv!inf
    QHosts-75
Virus (2)
  Macro (1)
    W97M/Blic
  Parasitic (1)
    W32/HLLP.Philis.gq

Enhanced Detections:

Program (23)
   (7)
    Generic AboutBlank
    Generic PUP.d
    Generic PUP.h
    PCast
    Generic KeyLog
    Generic PUP.a
    Winfixer.lnk
  - (1)
    RemAdm-PSKill
  Adware (6)
    Adware-TCent
    Adware-Lop
    Adware-BDSearch
    Adware-DoDoor
    Adware-DesktopMedia
    Adware-Softomate
  Damaged (1)
    NDotNet.dam
  Dropper (2)
    Adware-DesktopMedia.dr
    Adware-DoDoor.dr
  Generic (1)
    IBIS Dropper.gen
  Joke (1)
    Joke-Monday
  Registry (2)
    NDotNet
    Ptop
  Win32 (2)
    Generic HTool.b
    UnSpyPC
Trojan (80)
   (9)
    Generic.cf
    Generic.dq
    Generic.h
    Generic.dp
    Generic.dn
    Generic.ds
    Generic.dg
    Generic.do
    Generic.g
  Application extension (2)
    BackDoor-CVM.dll
    PWS-Lineage.dll
  Application extension Generi (1)
    Puper.dll.gen
  Configuration settings (1)
    HackerDefender.ini
  Downloader (8)
    Downloader-AAP
    Downloader-AXB
    Downloader-BAJ
    Downloader-AXI
    Downloader-BAS
    PWS-Banker.dldr
    Downloader-AUW
    Downloader-ASH
  Dropper (4)
    MultiDropper-FD
    MultiDropper-RA
    Puper.dr
    Allsum.dr
  Exploit (7)
    Exploit-ByteVerify
    Exploit-MS01-034
    Exploit-CVE2006-4534
    Exploit-CVE2006-3445
    Exploit-CVE2006-5585
    Exploit-CVE2006-3014!demo
    Exploit-1Table
  Generic (4)
    PWS-JA.gen
    Downloader-BAI.gen.d
    Puper.gen
    Downloader-BAI.gen.b
  Malware Tool (1)
    NTRootKit-U
  Password (2)
    PWS-LegMir
    PWS-LDPinch
  Password Stealer (6)
    PWS-JA
    PWS-Banker.gen.ac
    PWS-Banker.gen.h
    PWS-Zhengtu
    PWS-Banker.gen.aa
    PWS-Lineage
  Proxy (3)
    Proxy-Agent.au
    Proxy-Agent.ai
    Proxy-Piky
  Remote Access (6)
    BackDoor-AWQ.b
    BackDoor-DIR
    BackDoor-CZY
    BackDoor-CSB
    BackDoor-DKV
    Generic BackDoor.k
  Script (3)
    VBS/Soad
    Generic component
    Generic Downloader.bs
  Settings Change (1)
    QLowZones-14
  Win32 (22)
    Generic Downloader.b
    Generic Delphi
    Generic MultiDropper.d
    Timese
    Generic Downloader.d
    QLowZones-42
    Generic Downloader.s
    DeadDuck
    Spy-Agent.ba
    Generic Proxy.b
    FakeAlert-D
    Uploader-AF
    Generic Downloader.k
    Generic Dropper.p
    Generic PWS.o
    Generic BackDoor.u
    Generic Downloader.ab
    Vundo
    DNSChanger.d
    Generic Spy.b
    Generic Downloader.h
    Generic AdClicker.d
Virus (141)
   (1)
    Spartak
  Configuration settings (1)
    W32/HLLP.Philis.ini
  Downloader Worm (1)
    W32/Sdbot.worm.dldr
  Dropper (1)
    W32/HLLP.Philis.dr
  E-mail worm (1)
    W32/Feebs.gen@MM!61688
  Email (1)
    W32/Stration@MM
  Email Generic (1)
    W32/Rontokbro.gen@MM
  Generic (1)
    W32/IRCbot.gen.a
  Generic Worm (6)
    W32/Sdbot.worm.gen
    W32/IRCbot.worm.gen
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.ce
    W32/Sdbot.worm.gen.ax
  Internet Worm (1)
    W32/Spybot.worm.gen
  Parasitic (124)
    W32/HLLP.Philis
    W32/HLLP.Philis.cj
    W32/HLLP.Philis.bs
    W32/HLLP.Philis.fq
    W32/HLLP.Philis.ga
    W32/HLLP.Philis.gd
    W32/HLLP.Philis.ea
    W32/HLLP.Philis.cs
    W32/HLLP.Philis.cq
    W32/HLLP.Philis.em
    W32/HLLP.Philis.dg
    W32/HLLP.Philis.bw
    W32/HLLP.Philis.bu
    W32/HLLP.Philis.fz
    W32/HLLP.Philis.ef
    W32/HLLP.Philis.dy
    W32/HLLP.Philis.fa
    W32/HLLP.Philis.gh
    W32/HLLP.Philis.bv
    W32/HLLP.Philis.ex
    W32/HLLP.Philis.ez
    W32/HLLP.Philis.cl
    W32/HLLP.Philis.dx
    W32/HLLP.Philis.bq
    W32/HLLP.Philis.cm
    W32/HLLP.Philis.db
    W32/HLLP.Philis.dw
    W32/HLLP.Philis.da
    W32/HLLP.Philis.dv
    W32/HLLP.Philis.fj
    W32/HLLP.Philis.bm
    W32/HLLP.Philis.ca
    W32/HLLP.Philis.cz
    W32/HLLP.Philis.gi
    W32/HLLP.Philis.gf
    W32/HLLP.Philis.cr
    W32/HLLP.Philis.cp
    W32/HLLP.Philis.do
    W32/HLLP.Philis.dn
    W32/HLLP.Philis.ce
    W32/HLLP.Philis.cd
    W32/HLLP.Philis.by
    W32/HLLP.Philis.fd
    W32/HLLP.Philis.fc
    W32/HLLP.Philis.ee
    W32/HLLP.Philis.ec
    W32/HLLP.Philis.eb
    W32/HLLP.Philis.dm
    W32/HLLP.Philis.ed
    W32/HLLP.Philis.ck
    W32/HLLP.Philis.bx
    W32/HLLP.Philis.gk
    W32/HLLP.Philis.gl
    W32/HLLP.Philis.ge
    W32/HLLP.Philis.en
    W32/HLLP.Philis.el
    W32/HLLP.Philis.fn
    W32/HLLP.Philis.eu
    W32/HLLP.Philis.et
    W32/HLLP.Philis.eq
    W32/HLLP.Philis.es
    W32/HLLP.Philis.er
    W32/HLLP.Philis.ep
    W32/HLLP.Philis.fl
    W32/HLLP.Philis.du
    W32/HLLP.Philis.dk
    W32/HLLP.Philis.di
    W32/HLLP.Philis.bp
    W32/HLLP.Philis.eh
    W32/HLLP.Philis.dt
    W32/HLLP.Philis.cy
    W32/HLLP.Philis.ej
    W32/HLLP.Philis.ei
    W32/HLLP.Philis.bt
    W32/HLLP.Philis.ch
    W32/HLLP.Philis.ci
    W32/HLLP.Philis.gn
    W32/HLLP.Philis.gm
    W32/HLLP.Philis.dq
    W32/HLLP.Philis.ev
    W32/HLLP.Philis.fb
    W32/HLLP.Philis.fh
    W32/HLLP.Philis.ff
    W32/HLLP.Philis.dl
    W32/HLLP.Philis.dj
    W32/HLLP.Philis.dh
    W32/HLLP.Philis.dp
    W32/HLLP.Philis.fi
    W32/HLLP.Philis.fr
    W32/HLLP.Philis.fg
    W32/HLLP.Philis.fe
    W32/HLLP.Philis.fk
    W32/HLLP.Philis.ds
    W32/HLLP.Philis.cc
    W32/HLLP.Philis.bz
    W32/HLLP.Philis.eg
    W32/HLLP.Philis.eo
    W32/HLLP.Philis.cx
    W32/HLLP.Philis.df
    W32/HLLP.Philis.fp
    W32/HLLP.Philis.fx
    W32/HLLP.Philis.gc
    W32/HLLP.Philis.cn
    W32/HLLP.Philis.ft
    W32/HLLP.Philis.gp
    W32/HLLP.Philis.fm
    W32/HLLP.Philis.fu
    W32/HLLP.Philis.gj
    W32/HLLP.Philis.fw
    W32/HLLP.Philis.fv
    W32/HLLP.Philis.fs
    W32/HLLP.Philis.ew
    W32/HLLP.Philis.go
    W32/HLLP.Philis.cv
    W32/HLLP.Philis.ct
    W32/HLLP.Philis.de
    W32/HLLP.Philis.dc
    W32/HLLP.Philis.gb
    W32/HLLP.Philis.cw
    W32/HLLP.Philis.cu
    W32/HLLP.Philis.dd
    W32/HLLP.Philis.co
    W32/HLLP.Philis.cg
    W32/HLLP.Philis.cf
  Win32 (1)
    W32/Generic.m
  Worm (1)
    W32/HLLP.Philis.gg