Content

DAT Readme

Download the latest anti virus definitions for McAfee® VirusScan®. Ensure your McAfee® product contains the most up-to-date detection and prevention.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp

Latest Update
DAT Version 4992
DAT Release Date 03/26/2007
Threats Detected 238856
New Detections 7
Enhanced Detections 385

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an Avert risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name Corporate Risk Assessment Home Risk Assessment
There are no noteworthy threats in this release

New Detections:

Trojan (6)
   (1)
    Generic.abh
  Generic (1)
    Spy-Agent.ba.gen
  Heuristic (3)
    New Malware.bo
    New Malware.bp
    New Malware.bn
  Win32 (1)
    W32/Generic.aaw!worm
Virus (1)
  Worm (1)
    W32/Sachy.worm

Enhanced Detections:

Internet Worm (3)
  Internet Relay Chat (3)
    W32/Sdbot.worm!7AF3267C
    W32/Sdbot.worm!811a7027
    W32/Nirbot.worm
Malware (1)
  Exploit (1)
    Exploit-MSWord.b
Program (6)
  Adware (2)
    Adware-Shorty
    Adware-Newweb
  Application extension (1)
    Adware-Softomate.dll
  Dropper (1)
    Adware-Softomate.dr
  Win32 (2)
    SpyDawn
    Portscan-EggDrop
Trojan (100)
   (6)
    Generic.dw
    Generic.dv
    Generic BackDoor.bb
    Generic.dy
    Generic.dx
    Generic.dz
  Application extension (2)
    Spy-Agent.ba.dll
    PWS-Goldun.dll
  Damaged Generic (1)
    PWS-Banker.gen.ae.dam
  Demonstration (3)
    JS/Exploit-SWFSpoof.demo
    Exploit-QtRTSP.demo
    Exploit-MSJet.demo
  Downloader (4)
    Downloader-AAP
    Downloader-AFW
    Downloader-AAP!zip
    PWS-Banker.dldr
  Downloader Generic (1)
    W32/Stration.gen.dldr
  Dropper (5)
    MultiDropper-FD
    BackDoor-CKB.dr
    PWS-Banker.dr.e
    PWS-Lineage.dr
    Allsum.dr
  Exploit (22)
    Exploit-ByteVerify
    Exploit-MSJet
    Exploit-MS01-034
    Exploit-TaroDrop
    Exploit-MSJet!BCB
    Exploit-CVE2006-4777
    Exploit-ObscuredHtml
    Exploit-MSExcel.gen
    Exploit-MS06-021.c
    Exploit-CHMChunk
    Exploit-MSWord.a
    Exploit-OleModule
    Exploit-MS06-027
    Exploit-MSExcel.c
    Exploit-MSExcel.h
    Exploit-MSJet.a
    Exploit-MSJet!Gen
    Exploit-MSJet!CKB
    Exploit-CVE2007-0515
    Exploit-CVE2007-0030
    Exploit-MSJet!BAE
    W97M/Exploit-JPEG
  Generic (8)
    Exploit-OleData.gen
    Exploit-MSExcel.d.gen
    PWS-Banker.gen.ae
    PWS-Banker.gen.ad
    Exploit-MSExcel.f.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.l
    PWS-Banker.gen.t
  Heuristic (12)
    New Malware.bi
    New Malware.bg
    New Malware.be
    New Malware.n
    New Malware.bm
    New Malware.bl
    New Downloader.b
    New Malware.bk
    New Malware.bj
    New Malware.bh
    New Malware.bf
    New Malware.z
  HTML document (1)
    BackDoor-AXJ.htm
  Password (3)
    PWS-LegMir
    PWS-QQPass
    Generic PWS
  Password Stealer (10)
    PWS-LegMir.dll
    PWS-Gamania
    PWS-Mesgra
    PWS-MediaNav
    PWS-Banker
    PWS-Banker!1d2e
    PWS-Poker
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Lineage
  Remote Access (5)
    Generic BackDoor
    BackDoor-AWQ
    BackDoor-DIR
    BackDoor-DKA
    BackDoor-CVM
  Rootkit (1)
    VAnti.sys
  Script (1)
    Generic component
  Trojan (1)
    Spy-Agent.ba
  Win32 (14)
    Generic Downloader
    QLowZones-42
    Puper
    AdClicker-EV
    ShipUp
    Spy-Agent.bw
    Generic Downloader.y
    Generic Dropper.p
    Swizzor
    Generic PWS.o
    Generic MSVC.b
    Generic Downloader.ab
    Vundo
    Generic Dropper.w
Virus (275)
  Application extension Generi (1)
    W32/Bagle.dll.gen
  Configuration settings (1)
    W32/HLLP.Philis.ini
  Dropper (2)
    W32/Lovelorn.dr
    W32/HLLP.Philis.dr
  Dropper Email (1)
    W32/Mytob.dr@MM
  E-mail (9)
    W32/Mytob.be@MM
    W32/Mytob.bi@MM
    W32/Mytob.bj@MM
    W32/Mytob.bo@MM
    W32/Mytob.bl@MM
    W32/Mytob.br@MM
    W32/Mytob.bf@MM
    W32/Mytob.cg@MM
    W32/Mytob.ch@MM
  Email (69)
    W32/Mytob.hr@MM
    W32/Stration@MM
    W32/Mytob.b@MM
    W32/Mytob.a@MM
    W32/Mytob.ev@MM
    W32/Mytob.at@MM
    W32/Mytob.ib@MM
    W32/Mytob.io@MM
    W32/Mytob.av@MM
    W32/Mytob.au@MM
    W32/Mytob.hy@MM
    W32/Mytob.fy@MM
    W32/Mytob.fw@MM
    W32/Mytob.fx@MM
    W32/Mytob.gg@MM
    W32/Mytob.gl@MM
    W32/Mytob.gj@MM
    W32/Mytob.gi@MM
    W32/Mytob.hs@MM
    W32/Mytob.bg@MM
    W32/Mytob.bx@MM
    W32/Mytob.cd@MM
    W32/Nuwar@MM
    W32/Mytob.gd@MM
    W32/Mytob.gc@MM
    W32/Mytob.gb@MM
    W32/Mytob.ga@MM
    W32/Mytob.gf@MM
    W32/Mytob.gp@MM
    W32/Mytob.gq@MM
    W32/Lovecan@MM
    W32/Mytob.bn@MM
    W32/Mytob.dh@MM
    W32/Mytob.r@MM
    W32/Mytob.e@MM
    W32/Mytob.c@MM
    W32/Mytob.gt@MM
    W32/Mytob.g@MM
    W32/Mytob.bt@MM
    W32/Mytob.bp@MM
    W32/Mytob.ct@MM
    W32/Mytob.cf@MM
    W32/Mytob.dd@MM
    W32/Mytob.ca@MM
    W32/Mytob.n@MM
    W32/Mytob.f@MM
    W32/Mytob.d@MM
    W32/Mytob.cs@MM
    W32/Mytob.dk@MM
    W32/Mytob.dz@MM
    W32/Mytob.eb@MM
    W32/Mytob.ds@MM
    W32/Mytob.ea@MM
    W32/Mytob.gu@MM
    W32/Mytob.gx@MM
    W32/Mytob.hq@MM
    W32/Mytob.ej@MM
    W32/Mytob.hp@MM
    W32/Mytob.gy@MM
    W32/Mytob.hf@MM
    W32/Mytob.gw@MM
    W32/Mytob.gz@MM
    W32/Mytob.hg@MM
    W32/Mytob.hh@MM
    W32/Mytob.hi@MM
    W32/Mytob.gv@MM
    W32/Mytob.he@MM
    W32/Mytob.es@MM
    W32/Mytob.eq@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Floppy Worm (1)
    W32/Lovero.worm
  Generic (1)
    W32/HLLP.Philis.gr
  Generic Worm (8)
    W32/Sdbot.worm.gen.as
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.x
    W32/Sdbot.worm.gen.ce
    W32/Sdbot.worm.gen.ca
    W32/Sdbot.worm.gen.ag
    W32/Sdbot.worm.gen.ax
    W32/Sdbot.worm.gen.ac
  Internet Worm (3)
    W32/Sdbot.worm
    W32/Lovelorn@MM
    W32/Mytob.bk@MM
  Parasitic (170)
    W32/HLLP.Philis.cj
    W32/HLLP.Philis.bs
    W32/HLLP.Philis.fq
    W32/HLLP.Philis.ga
    W32/HLLP.Philis.gd
    W32/HLLP.Philis.gz
    W32/HLLP.Philis.hk
    W32/HLLP.Philis.hr
    W32/HLLP.Philis.hx
    W32/HLLP.Philis.hv
    W32/HLLP.Philis.ea
    W32/HLLP.Philis.if
    W32/HLLP.Philis.cs
    W32/HLLP.Philis.cq
    W32/HLLP.Philis.em
    W32/HLLP.Philis.dg
    W32/HLLP.Philis.ih
    W32/HLLP.Philis.bw
    W32/HLLP.Philis.bu
    W32/HLLP.Philis.fz
    W32/HLLP.Philis.ef
    W32/HLLP.Philis.hh
    W32/HLLP.Philis.hf
    W32/HLLP.Philis.dy
    W32/HLLP.Philis.hz
    W32/HLLP.Philis.fa
    W32/HLLP.Philis.hc
    W32/HLLP.Philis.gh
    W32/HLLP.Philis.hd
    W32/HLLP.Philis.hq
    W32/HLLP.Philis.bv
    W32/HLLP.Philis.gx
    W32/HLLP.Philis.ex
    W32/HLLP.Philis.ez
    W32/HLLP.Philis.cl
    W32/HLLP.Philis.ha
    W32/HLLP.Philis.dx
    W32/HLLP.Philis.bq
    W32/HLLP.Philis.cm
    W32/HLLP.Philis.db
    W32/HLLP.Philis.dw
    W32/HLLP.Philis.da
    W32/HLLP.Philis.dv
    W32/HLLP.Philis.gq
    W32/HLLP.Philis.ho
    W32/HLLP.Philis.fj
    W32/HLLP.Philis.bm
    W32/HLLP.Philis.ca
    W32/HLLP.Philis.ic
    W32/HLLP.Philis.ib
    W32/HLLP.Philis.ia
    W32/HLLP.Philis.cz
    W32/HLLP.Philis.gi
    W32/HLLP.Philis.gf
    W32/HLLP.Philis.cr
    W32/HLLP.Philis.cp
    W32/HLLP.Philis.do
    W32/HLLP.Philis.dn
    W32/HLLP.Philis.ce
    W32/HLLP.Philis.cd
    W32/HLLP.Philis.by
    W32/HLLP.Philis.gv
    W32/HLLP.Philis.hj
    W32/HLLP.Philis.he
    W32/HLLP.Philis.fd
    W32/HLLP.Philis.fc
    W32/HLLP.Philis.gu
    W32/HLLP.Philis.hp
    W32/HLLP.Philis.ee
    W32/HLLP.Philis.ec
    W32/HLLP.Philis.eb
    W32/HLLP.Philis.dm
    W32/HLLP.Philis.hi
    W32/HLLP.Philis.ed
    W32/HLLP.Philis.ck
    W32/HLLP.Philis.bx
    W32/HLLP.Philis.gk
    W32/HLLP.Philis.gl
    W32/HLLP.Philis.ge
    W32/HLLP.Philis.en
    W32/HLLP.Philis.el
    W32/HLLP.Philis.fn
    W32/HLLP.Philis.hn
    W32/HLLP.Philis.eu
    W32/HLLP.Philis.et
    W32/HLLP.Philis.eq
    W32/HLLP.Philis.es
    W32/HLLP.Philis.er
    W32/HLLP.Philis.ep
    W32/HLLP.Philis.fl
    W32/HLLP.Philis.du
    W32/HLLP.Philis.dk
    W32/HLLP.Philis.di
    W32/HLLP.Philis.bp
    W32/HLLP.Philis.eh
    W32/HLLP.Philis.dt
    W32/HLLP.Philis.cy
    W32/HLLP.Philis.ej
    W32/HLLP.Philis.ei
    W32/HLLP.Philis.bt
    W32/HLLP.Philis.ch
    W32/HLLP.Philis.ci
    W32/HLLP.Philis.id
    W32/HLLP.Philis.il
    W32/HLLP.Philis.ie
    W32/HLLP.Philis.ij
    W32/HLLP.Philis.gn
    W32/HLLP.philis.hb
    W32/HLLP.Philis.hy
    W32/HLLP.Philis.ik
    W32/HLLP.Philis.ig
    W32/HLLP.Philis.gm
    W32/HLLP.Philis.dq
    W32/HLLP.Philis.ev
    W32/HLLP.Philis.fb
    W32/HLLP.Philis.fh
    W32/HLLP.Philis.ff
    W32/HLLP.Philis.dl
    W32/HLLP.Philis.dj
    W32/HLLP.Philis.dh
    W32/HLLP.Philis.dp
    W32/HLLP.Philis.fi
    W32/HLLP.Philis.fr
    W32/HLLP.Philis.gw
    W32/HLLP.Philis.fg
    W32/HLLP.Philis.fe
    W32/HLLP.Philis.fk
    W32/HLLP.Philis.ht
    W32/HLLP.Philis.hm
    W32/HLLP.Philis.ds
    W32/HLLP.Philis.cc
    W32/HLLP.Philis.bz
    W32/HLLP.Philis.eg
    W32/HLLP.Philis.eo
    W32/HLLP.Philis.cx
    W32/HLLP.Philis.df
    W32/HLLP.Philis.fp
    W32/HLLP.Philis.fx
    W32/HLLP.Philis.gc
    W32/HLLP.Philis.gt
    W32/HLLP.Philis.hg
    W32/HLLP.Philis.cn
    W32/HLLP.Philis.gs
    W32/HLLP.Philis.gy
    W32/HLLP.Philis.hl
    W32/HLLP.Philis.ii
    W32/HLLP.Philis.ft
    W32/HLLP.Philis.gp
    W32/HLLP.Philis.fm
    W32/HLLP.Philis.fu
    W32/HLLP.Philis.gj
    W32/HLLP.Philis.fw
    W32/HLLP.Philis.fv
    W32/HLLP.Philis.fs
    W32/HLLP.Philis.hw
    W32/HLLP.Philis.hu
    W32/HLLP.Philis.hs
    W32/HLLP.Philis.ew
    W32/HLLP.Philis.go
    W32/HLLP.Philis.cv
    W32/HLLP.Philis.ct
    W32/HLLP.Philis.de
    W32/HLLP.Philis.dc
    W32/HLLP.Philis.gb
    W32/HLLP.Philis.cw
    W32/HLLP.Philis.cu
    W32/HLLP.Philis.dd
    W32/HLLP.Philis.co
    W32/HLLP.Philis.cg
    W32/HLLP.Philis.cf
  Script (1)
    VBS/IE-Title
  Win32 (3)
    W32/Sality.z
    W32/Sality.aa
    W32/Sality.ab
  Worm (4)
    W32/HLLP.Philis.gg
    W32/MoonLight.worm
    W32/Mytob.worm!im
    W32/Generic.worm.i