Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update
DAT Version 4982
DAT Release Date 03/12/2007
Threats Detected 235220
New Detections 18
Enhanced Detections 342

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Program (1)
  Tool (1)
    HTool-PCAny
Trojan (8)
   (3)
    Generic.abb
    Generic.aba
    Generic.dx
  Damaged (1)
    W32/Tinit.dam
  Tool (1)
    HTool-ExpMS06040
  Win32 (3)
    W32/Generic.aap!worm
    W32/Generic.aaq!worm
    Generic PWS.x
Virus (9)
  Downloader (1)
    W32/Wuke.dldr
  Parasitic (5)
    W32/HLLP.Philis.ho
    W32/HLLP.Philis.hp
    W32/HLLP.Philis.hn
    W32/HLLP.Philis.hm
    W32/HLLP.Philis.hl
  Script (1)
    W32/Pahooka.bat
  Win32 (1)
    W32/Ridnu.b
  Worm (1)
    W32/Pahooka.worm

Enhanced Detections:

Internet Worm (2)
  Internet Relay Chat (2)
    W32/Sdbot.worm!7AF3267C
    W32/Nirbot.worm
Program (24)
   (4)
    Junk-NavQuar
    Generic AboutBlank
    Generic KeyLog
    Generic PUP.a
  - (2)
    Iroffer
    Proxy-OSS
  Adware (9)
    Adware-Cydoor
    Adware-Gain
    Adware-Searchcentrix
    Adware-Quickbar
    Adware-CDNHelper
    Adware-DesktopMedia
    Adware-PestTrap
    Adware-JMX
    Adware-CommanderNET
  Downloader (1)
    LSPP.dldr
  Dropper (2)
    Adware-Boran.dr
    Spyware-WebHancer.dr
  Generic (2)
    AdwareDropper-I.gen
    IBIS Dropper.gen
  Spyware (2)
    Spyware-Webhancer
    Spyware-JuanSearch
  Win32 (2)
    Picture-Aardcook
    PortScan-XShareZ
Trojan (88)
   (6)
    Generic.dw
    Generic Downloader.bd
    Generic.dv
    Generic BackDoor.t
    Generic Spy.e
    Generic Script
  - (2)
    NTRootKit-J
    Spam-Mailbot
  Application extension (3)
    PWS-LegMir.dll
    Spy-Agent.ba.dll
    Matcash.dll
  Application extension Generi (1)
    Puper.dll.gen
  Damaged (2)
    W32/Nuwar.dam
    BackDoor-AWQ.b.dam
  Downloader (12)
    W32/Bagle.ew
    JS/Exploit-CodeBase.dldr
    W32/Bagle.cj
    Downloader-AAP
    Downloader-AXI
    PWS-Banker.dldr
    Downloader-AGR
    VBS/Downloader-BAU
    Downloader-ZQ
    Downloader-AUW
    Downloader-BAL
    Downloader-ASH
  Downloader Generic (1)
    W32/Bagle.dldr
  Dropper (5)
    BackDoor-AGS.dr
    Spy-Agent.br.dr
    PWS-Gamania.dr
    Puper.dr
    PWS-Lineage.dr
  Exploit (10)
    Exploit-MSJet
    Exploit-PPT
    Exploit-CVE2006-6134
    Exploit-ObscuredHtml
    Exploit-MS06-021.b
    Exploit-MS06-021.c
    Exploit-CHMChunk
    Exploit-MS06-027
    Exploit-CVE2007-0031
    Exploit-CVE2007-0515
  Generic (4)
    PWS-Banker.gen.q
    PWS-Banker.gen.ad
    PWS-Banker.gen.bb
    Exploit-HLPWorkshop.gen
  Heuristic (5)
    New Malware.ao
    New Malware.al!enc
    New Malware.j
    New Downloader.b
    New Malware.ai
  Password (3)
    PWS-LegMir
    PWS-LDPinch
    PWS-LDPinch.dr!4f8fa1f
  Password Stealer (7)
    PWS-Gamania
    PWS-Maran
    PWS-Banker.gen.ac
    PWS-LDPinch!6e51bf02
    PWS-Hangame
    PWS-WoW
    PWS-Lineage
  Proxy (2)
    Proxy-FBSR
    Proxy-Agent.au
  Remote Access (7)
    BackDoor-AWQ.b
    BackDoor-AWI
    BackDoor-CUX
    BackDoor-DKA
    BackDoor-DKI
    BackDoor-BAC.sys
    BackDoor-CMQ
  Win32 (18)
    Generic Downloader.a
    Generic BackDoor.b
    Generic Downloader.c
    Generic Proxy.a
    Generic MultiDropper.d
    Generic Downloader.d
    Puper
    Generic Downloader.s
    QLowZones-15
    Generic BackDoor.be
    Generic Dropper.p
    Generic Downloader.q
    Generic Downloader.ab
    Vundo
    Generic Dropper.w
    QLowZones-3
    Generic Downloader.g
    AdClicker-BJ
Virus (228)
  Downloader (4)
    W32/Bagle.ci
    W32/Bagle.ck
    W32/Bagle.cl
    W32/Bagle.cn
  Dropper (1)
    W32/HLLP.Philis.dr
  Dropper Worm (1)
    W32/Kelvir.worm.dr
  E-mail (1)
    W32/Bagle.fd@MM
  E-mail worm (2)
    W32/Bagle.fc@MM
    W32/Bagle.fb@MM
  Email (4)
    W32/Stration@MM
    W32/Bagle.cd@MM
    W32/Nuwar@MM
    W32/Bagle.ff@MM
  Generic (5)
    W32/IRCbot.gen
    W32/HLLP.Philis.gr
    W32/IRCbot.gen.c
    W32/IRCbot.gen.a
    W32/Bagle.gen
  Generic Worm (11)
    W32/Sdbot.worm.gen.x
    W32/Sdbot.worm.gen.ce
    W32/Sdbot.worm.gen.bl
    W32/Sdbot.worm.gen.bk
    W32/Kelvir.worm.gen
    W32/Spybot.worm.gen.p
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.bo
    W32/Sdbot.worm.gen.ax
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.bj
  Heuristic (1)
    New Malware.b
  Internet Relay Chat Worm (1)
    W32/Sdbot.worm!73216
  Internet Worm (3)
    W32/Spybot.worm.gen
    W32/Kelvir.worm.bh
    W32/Kelvir.worm.f
  Parasitic (145)
    W32/HLLP.Philis
    W32/HLLP.Philis.cj
    W32/Elkern.cav.c
    W32/HLLP.Philis.bs
    W32/HLLP.Philis.fq
    W32/HLLP.Philis.ga
    W32/HLLP.Philis.gd
    W32/HLLP.Philis.gz
    W32/HLLP.Philis.hk
    W32/HLLP.Philis.ea
    W32/HLLP.Philis.cs
    W32/HLLP.Philis.cq
    W32/HLLP.Philis.em
    W32/HLLP.Philis.dg
    W32/HLLP.Philis.bw
    W32/HLLP.Philis.bu
    W32/HLLP.Philis.fz
    W32/HLLP.Philis.ef
    W32/HLLP.Philis.hh
    W32/HLLP.Philis.hf
    W32/HLLP.Philis.dy
    W32/HLLP.Philis.fa
    W32/HLLP.Philis.hc
    W32/HLLP.Philis.gh
    W32/HLLP.Philis.hd
    W32/HLLP.Philis.bv
    W32/HLLP.Philis.gx
    W32/HLLP.Philis.ex
    W32/HLLP.Philis.ez
    W32/HLLP.Philis.cl
    W32/HLLP.Philis.ha
    W32/HLLP.Philis.dx
    W32/HLLP.Philis.bq
    W32/HLLP.Philis.cm
    W32/HLLP.Philis.db
    W32/HLLP.Philis.dw
    W32/HLLP.Philis.da
    W32/HLLP.Philis.dv
    W32/HLLP.Philis.gq
    W32/HLLP.Philis.fj
    W32/HLLP.Philis.bm
    W32/HLLP.Philis.ca
    W32/HLLP.Philis.cz
    W32/HLLP.Philis.gi
    W32/HLLP.Philis.gf
    W32/HLLP.Philis.cr
    W32/HLLP.Philis.cp
    W32/HLLP.Philis.do
    W32/HLLP.Philis.dn
    W32/HLLP.Philis.ce
    W32/HLLP.Philis.cd
    W32/HLLP.Philis.by
    W32/HLLP.Philis.gv
    W32/HLLP.Philis.hj
    W32/HLLP.Philis.he
    W32/HLLP.Philis.fd
    W32/HLLP.Philis.fc
    W32/HLLP.Philis.gu
    W32/HLLP.Philis.ee
    W32/HLLP.Philis.ec
    W32/HLLP.Philis.eb
    W32/HLLP.Philis.dm
    W32/HLLP.Philis.hi
    W32/HLLP.Philis.ed
    W32/HLLP.Philis.ck
    W32/HLLP.Philis.bx
    W32/HLLP.Philis.gk
    W32/HLLP.Philis.gl
    W32/HLLP.Philis.ge
    W32/HLLP.Philis.en
    W32/HLLP.Philis.el
    W32/HLLP.Philis.fn
    W32/HLLP.Philis.eu
    W32/HLLP.Philis.et
    W32/HLLP.Philis.eq
    W32/HLLP.Philis.es
    W32/HLLP.Philis.er
    W32/HLLP.Philis.ep
    W32/HLLP.Philis.fl
    W32/HLLP.Philis.du
    W32/HLLP.Philis.dk
    W32/HLLP.Philis.di
    W32/HLLP.Philis.bp
    W32/HLLP.Philis.eh
    W32/HLLP.Philis.dt
    W32/HLLP.Philis.cy
    W32/HLLP.Philis.ej
    W32/HLLP.Philis.ei
    W32/HLLP.Philis.bt
    W32/HLLP.Philis.ch
    W32/HLLP.Philis.ci
    W32/HLLP.Philis.gn
    W32/HLLP.philis.hb
    W32/HLLP.Philis.gm
    W32/HLLP.Philis.dq
    W32/HLLP.Philis.ev
    W32/HLLP.Philis.fb
    W32/HLLP.Philis.fh
    W32/HLLP.Philis.ff
    W32/HLLP.Philis.dl
    W32/HLLP.Philis.dj
    W32/HLLP.Philis.dh
    W32/HLLP.Philis.dp
    W32/HLLP.Philis.fi
    W32/HLLP.Philis.fr
    W32/HLLP.Philis.gw
    W32/HLLP.Philis.fg
    W32/HLLP.Philis.fe
    W32/HLLP.Philis.fk
    W32/HLLP.Philis.ds
    W32/HLLP.Philis.cc
    W32/HLLP.Philis.bz
    W32/HLLP.Philis.eg
    W32/HLLP.Philis.eo
    W32/HLLP.Philis.cx
    W32/HLLP.Philis.df
    W32/HLLP.Philis.fp
    W32/HLLP.Philis.fx
    W32/HLLP.Philis.gc
    W32/HLLP.Philis.gt
    W32/HLLP.Philis.hg
    W32/HLLP.Philis.cn
    W32/HLLP.Philis.gs
    W32/HLLP.Philis.gy
    W32/HLLP.Philis.ft
    W32/HLLP.Philis.gp
    W32/HLLP.Philis.fm
    W32/HLLP.Philis.fu
    W32/HLLP.Philis.gj
    W32/HLLP.Philis.fw
    W32/HLLP.Philis.fv
    W32/HLLP.Philis.fs
    W32/HLLP.Philis.ew
    W32/HLLP.Philis.go
    W32/HLLP.Philis.cv
    W32/HLLP.Philis.ct
    W32/HLLP.Philis.de
    W32/HLLP.Philis.dc
    W32/HLLP.Philis.gb
    W32/HLLP.Philis.cw
    W32/HLLP.Philis.cu
    W32/HLLP.Philis.dd
    W32/HLLP.Philis.co
    W32/HLLP.Philis.cg
    W32/HLLP.Philis.cf
  Win32 (10)
    W32/Bagle.cp
    W32/Bagle.cq
    W32/Bagle.co
    W32/Bagle.cm
    W32/Bagle.dd
    W32/Bagle.ey
    W32/Cuckoo
    W32/Bagle.dc
    W32/Wuke
    W32/Ridnu.a
  Worm (39)
    W32/Kelvir.worm.eo
    W32/Kelvir.worm.ex
    W32/Kelvir.worm.al
    W32/Kelvir.worm.ap
    W32/Kelvir.worm.an
    W32/Kelvir.worm.ao
    W32/Kelvir.worm.am
    W32/Kelvir.worm.ec
    W32/Kelvir.worm.ax
    W32/Kelvir.worm.az
    W32/HLLP.Philis.gg
    W32/Kelvir.worm.ba
    W32/Kelvir.worm.ay
    W32/Kelvir.worm.bg
    W32/Spybot.worm!35700bf5
    W32/Kelvir.worm.e
    W32/Kelvir.worm.ca
    W32/Kelvir.worm.ci
    W32/Kelvir.worm.i
    W32/Kelvir.worm.o
    W32/Kelvir.worm.p
    W32/Kelvir.worm.l
    W32/Kelvir.worm.ch
    W32/Kelvir.worm.q
    W32/Kelvir.worm.w
    W32/Kelvir.worm.cu
    W32/Kelvir.worm.da
    W32/Kelvir.worm.cz
    W32/Kelvir.worm.dd
    W32/Kelvir.worm.cq
    W32/Kelvir.worm.cv
    W32/Kelvir.worm.cx
    W32/Kelvir.worm.cy
    W32/Kelvir.worm.ac
    W32/Kelvir.worm.aj
    W32/Kelvir.worm.ai
    W32/Kelvir.worm.db
    W32/Kelvir.worm.gc
    W32/Kelvir.worm.dy