Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update
DAT Version 4972
DAT Release Date 02/27/2007
Threats Detected 231362
New Detections 13
Enhanced Detections 174

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (2)
   (1)
    Generic Toolbar
  Dropper (1)
    Adware-LugSearch.dr
Trojan (10)
   (4)
    Generic.aaq
    Generic.aap
    Generic.aao
    FrogExer
  Downloader (1)
    Downloader-VideoCach
  Exploit (1)
    Exploit-CVE2007-1092!demo
  Win32 (4)
    W32/Generic.aaf!worm
    W32/Generic.aad!worm
    W32/Generic.aae!worm
    W32/Generic.aac!worm
Virus (1)
  Generic (1)
    W32/Wuke.sys.gen

Enhanced Detections:

Program (8)
   (2)
    Generic AboutBlank
    Generic PUP.d
  Adware (5)
    Adware-BDSearch
    Adware-BDSearch.sys
    Adware-CramToolbar
    Adware-CDNHelper
    Adware-Softomate
  Application extension (1)
    Adware-BDSearch.dll
Trojan (75)
   (8)
    Generic BackDoor.d
    Generic.dq
    Generic.dp
    Generic.dn
    Generic.ds
    Generic MultiDropper.f
    AdClicker-FA
    Generic.do
  Application extension (3)
    PWS-LegMir.dll
    BackDoor-AWQ.dll
    Spy-Agent.ba.dll
  Demonstration (1)
    JS/Exploit-DialogArg.a.demo
  Downloader (8)
    Downloader-AYU
    PWS-Banker.dldr.d
    Downloader-BAE
    PWS-WoW.dldr
    Downloader-AYN
    Downloader-AYJ
    PWS-Banker.dldr
    Downloader-AXR
  Dropper (6)
    MultiDropper-FD
    BackDoor-AWQ.dr
    PWS-Banker.dr.a
    PWS-Lineage.dr
    MultiDropper-LX
    PWS-WoW.dr
  Exploit (6)
    Exploit-ByteVerify
    Exploit-ByteVerify.a
    Exploit-CVE2006-4534
    Exploit-CVE2006-4704!demo
    JS/Exploit-DialogArg.b
    JS/Exploit-DialogArg.a
  Generic (4)
    PWS-Banker.gen.ad
    PWS-Banker.gen.g
    PWS-Banker.gen.t
    JS/Exploit-DialogArg.gen
  Heuristic (13)
    New Malware.d
    New Malware.am
    New Malware.ao
    New Malware.al!enc
    New Malware.an
    New Malware.ag
    New Malware.ah
    New Malware.ai
    New Malware.z
    New Malware.w
    New Malware.aq
    New Malware.av
    New Malware.ap
  Malware Tool (1)
    NTRootKit-U
  Password (1)
    PWS-LegMir
  Password Stealer (7)
    PWS-JA
    Generic PWS.u
    PWS-Banker!1d2e
    PWS-Banker.gen.ac
    PWS-Banker.gen.aa
    PWS-WoW
    PWS-Lineage
  Remote Access (5)
    BackDoor-AWQ.b
    BackDoor-AWQ
    BackDoor-CZF
    BackDoor-CVM
    BackDoor-CWT
  Script (1)
    Generic component
  Spyware (1)
    FormSpy
  Win32 (10)
    Spy-Agent.bg
    Generic MultiDropper.a
    AdClicker-EV
    Spy-Agent.ba
    Generic Downloader.af
    Generic Dropper.i
    Generic Downloader.ab
    Generic Spy.b
    Generic ProcKill.a
    QLowZones-35
Virus (91)
  - (1)
    W32/Wuke!htm
  Damaged (1)
    W32/Mytob.dam
  Downloader Worm (1)
    W32/Sdbot.worm.dldr
  Dropper (1)
    W32/Wuke.dr
  E-mail (4)
    W32/Mytob.ig@MM
    W32/Mytob.gr@MM
    W32/Mytob.ih@MM
    W32/Mytob.ii@MM
  Email (73)
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.ew@MM
    W32/Mytob.ie@MM
    W32/Mytob.fa@MM
    W32/Mytob.ft@MM
    W32/Mytob.fs@MM
    W32/Mytob.aw@MM
    W32/Mytob.fr@MM
    W32/Mytob.ba@MM
    W32/Mytob.bc@MM
    W32/Mytob.bb@MM
    W32/Mytob.bd@MM
    W32/Mytob.id@MM
    W32/Mytob.fu@MM
    W32/Mytob.fw@MM
    W32/Mytob.fv@MM
    W32/Mytob.ge@MM
    W32/Mytob.go@MM
    W32/Mytob.bu@MM
    W32/Mytob.bq@MM
    W32/Mytob.by@MM
    W32/Mytob.cq@MM
    W32/Mytob.ck@MM
    W32/Mytob.fz@MM
    W32/Mytob.gf@MM
    W32/Mytob.gn@MM
    W32/Mytob.gp@MM
    W32/Mytob.cw@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.gm@MM
    W32/Mytob.gs@MM
    W32/Mytob.m@MM
    W32/Mytob.bs@MM
    W32/Mytob.de@MM
    W32/Mytob.cb@MM
    W32/Mytob.do@MM
    W32/Mytob.dl@MM
    W32/Mytob.in@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.y@MM
    W32/Mytob.cr@MM
    W32/Mytob.cl@MM
    W32/Mytob.ci@MM
    W32/Mytob.cx@MM
    W32/Mytob.cy@MM
    W32/Mytob.dn@MM
    W32/Mytob.ei@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.dw@MM
    W32/Mytob.dv@MM
    W32/Mytob.du@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
    W32/Mytob.hq@MM
    W32/Mytob.eg@MM
    W32/Mytob.ho@MM
    W32/Mytob.hn@MM
    W32/Mytob.hk@MM
    W32/Mytob.hm@MM
    W32/Mytob.hj@MM
    W32/Mytob.ha@MM
    W32/Mytob.em@MM
    W32/Mytob.en@MM
  Email Generic (2)
    W32/Rontokbro.gen@MM
    W32/Mytob.gen@MM
  Generic (2)
    W32/IRCbot.gen
    W32/IRCbot.gen.b
  Generic Worm (1)
    W32/Sdbot.worm.gen.h
  Internet Worm (1)
    W32/Spybot.worm.gen
  Script (1)
    VBS/IE-Title
  VbScript (1)
    New Script
  Win32 (2)
    W32/USBAgent
    W32/Wuke