卡巴斯基爛死了害我裝備被盜 - PCDVD數位科技討論區

chingmaio

*停權中*

加入日期: Aug 2006

文章: 820

引用:

作者B.Fox

恕刪...
以前我在幾個禮拜前遇過的來說
當時我剛試用NOD32
他就刪掉了EvID4226Patch.exe
這檔案有沒有木馬我不知道
我只知道用過的人應該不少
而且我也知道這檔案我要留著
不然以後無法破解SP2連線數限

EvID4226Patch.exe可以更改連線數.
所以.判定為惡意程式.
這也是XP更新時,將連線數改成10的原因之一....

不過..
有不少類似的程式,nod都是判定成惡意程式.
有用p2p的應該覺得很麻煩吧...

2006-08-28, 08:14 PM #171

野口隆史

Elite Member

加入日期: Mar 2001

您的住址: Rivia

文章: 7,054

引用:

作者chingmaio

是駭客工具...不是惡意程式..
NOD32的REPORT寫的很清楚明白...
惡意程式是有潛在的危險,兩者性質上差很多..

__________________
Folding@home with GPGPU集中討論串

Unix Review: ArchLinux●Sabayon●OpenSolaris 2008.5●Ubuntu 8.10
AVs Review: GDTC●AntiVir SS●ESS●KIS 09●NIS 09●Norton 360 V3

I Always Get What I Want.

2006-08-28, 08:20 PM #172

野口隆史

Elite Member

加入日期: Mar 2001

您的住址: Rivia

文章: 7,054

我這次直接在信裡說明了哪些軟體會報,哪些軟體不會報
Kaspersky這次讓我等了很久
依舊是簡潔有利的回答...

引用:

Hello
There are nothing milicious has been detected

Regards, Chugunov Evgeniy
Virus Analyst, Kaspersky Lab.
Ph.: +7(095) 797-8700

ANTIVIR也回應了
大意是說在我附加的檔案裡頭有發現新的病毒
不過病毒類型似乎變了?!
並會下次特徵碼更新的時候會加入

引用:

Dear Sir or Madam,

Thank you for your recent inquiry.

We found a new virus in the attachment you have sent us.
The signature will be integrated in one of our next updates.
The signature of the virus will be detected as TR/AXW.A.

__________________
Folding@home with GPGPU集中討論串

Unix Review: ArchLinux●Sabayon●OpenSolaris 2008.5●Ubuntu 8.10
AVs Review: GDTC●AntiVir SS●ESS●KIS 09●NIS 09●Norton 360 V3

I Always Get What I Want.

2006-08-29, 04:47 AM #175

野口隆史

Elite Member

加入日期: Mar 2001

您的住址: Rivia

文章: 7,054

MCAFEE也回信了,不過我看的似懂非懂,沒辦法翻譯...
請英文達人幫個忙...

引用:

AVERT Labs - Beaverton

Current Scan Engine Version:4.4.00

Current DAT Version:4838

Thank you for your submission.

Analysis ID: 2500510

File Name Findings
Detection
Type Extra
--------------------|------------------------------|------------------------
----|------------|-----
dtr.dll |inconclusive |
| |no
hook.dll |inconclusive |
| |no
n[|t+|forxp.exe |inconclusive |
| |no
n[|tnt.ini |inconclusive |
| |no

inconclusive [dtr.dll hook.dll n[|t+|forxp.exe
n[|tnt.ini]

Upon analysis the file submitted does not appear to
contain one of the
100,000 known
threats in the AutoImmune database. The file may
contain a new malware
threat, or no
code capable of being infected. Your submission is
being forwarded to an
AVERT
Researcher for further analysis. You will be contacted
by AVERT through
e-mail with
the results of that analysis.

To find detailed information about viruses and other
malware, please review
AVERT’s
Virus Information Library:

http://vil.mcafeesecurity.com

In order to get the fastest possible response, you may
wish to submit future

virus-samples to:

https://www.webimmune.net/default.asp

In most cases it can respond almost instantly with a
solution. This may also
be the
best option if you are having a problem with gateway
scanners stripping your
sample
submission.

If you believe your computer is infected, but are
unsure which files should
be
submitted to AVERT for review, please visit:

http://vil.mcafeesecurity.com/vil/submit-sample.aspx

For other virus-related information, please review the
AVERT homepage at:

http://www.mcafee.com/us/threat_center/default.asp

Support –

Virus Research accepts file-samples for analysis and
possible inclusion into
AV
signature DAT sets. We are also prepared to answer
general virus questions.
All
product-related questions and comments can be
addressed through technical
support and
customer service, including:

* Product installation and update questions

* Product usage questions

* Specific operating system/version questions

* Assistance with detection and cleaning or removal of
viruses or trojans

Use the following link to update your DAT and scan
engine to the most
current version:

http://www.mcafee.com/apps/download...updates/dat.asp

Use the following links to reach online technical
support for McAfee
products -

Corporate Customers:

http://www.mcafeesecurity.com/us/support/

Single User/Retail Customers:

http://www.mcafeehelp.com

Note –

Due to the prevalence of network gateway AV products,
it is important that
all
submissions be zipped and the zip file
password-protected (password -
infected). Some
products will reject an email that contains a virus
that is not sent in this
way. In
addition, often we receive a file that appears not to
have been infected, to
find
later that the file was infected when it left the
sender, and was cleaned
somewhere
along the line.

Regards,

McAfee AVERT tm

A division of McAfee, Inc

__________________
Folding@home with GPGPU集中討論串

Unix Review: ArchLinux●Sabayon●OpenSolaris 2008.5●Ubuntu 8.10
AVs Review: GDTC●AntiVir SS●ESS●KIS 09●NIS 09●Norton 360 V3

I Always Get What I Want.

2006-08-29, 04:58 AM #176

chaotommy

Elite Member

加入日期: Mar 2003

您的住址: Vancouver, Canada

文章: 15,006

引用:

作者野口隆史

MCAFEE也回信了,不過我看的似懂非懂,沒辦法翻譯...
請英文達人幫個忙...

廢話部份就不用管了
這個才是重要部份

Upon analysis the file submitted does not appear to
contain one of the100,000 known threats in the AutoImmune database.

送過去的檔案在他們的 (100,000個病毒) 病毒資料庫(AutoImmune data 自動防禦資料庫

) 沒有符合的資料

The file may contain a new malware threat, or no code capable of being infected. Your submission is being forwarded to an AVERT Researcher for further analysis. You will be contacted by AVERT through e-mail with
the results of that analysis.

這個檔案可能是一個新的 malware 或者是沒有攻擊能力.
他們會把這個檔案轉給 AVERT Researcher 做更進一步的研究
如果有更新(或者是有結果)的消息會再EMAIL給你

(爛爛的翻譯... 將就一下吧

)

2006-08-29, 05:21 AM #177

野口隆史

Elite Member

加入日期: Mar 2001

您的住址: Rivia

文章: 7,054

先感謝chaotommy 兄的翻譯

MCAFEE又回信了..
MCAFEE好像也不是很肯定這個檔案到底有什麼問題...

引用:

A.V.E.R.T. Sample Analysis
Issue Number:2500510
Virus Research Analyst: Brant Yaeger

AVERT Labs, Beaverton

Thank you for submitting your suspicious file.

Synopsis -

These files are being considered for inclusion in future DAT sets.

In order to get the fastest possible response, you may wish to submit
virus-samples to http://www.webimmune.net. In most cases it can respond
almost instantly with a solution.

Please note our policies for submissions:

All submissions must be in password-protected ZIP files (password -
infected) containing 30 files or less or being less than 3MB total unpacked
size. Please send only one ZIP file per submission, and one submission per
day. This allows submissions to be initially analyzed by our automated
systems, so they can be processed by our researchers more quickly.

Please resubmit any relevant files according to the guidelines listed above.

We cannot accept samples of virus source-code. We cannot compile possible
virus source code to analyze, because to do so would be a serious breach of
AV ethics. Also, in order to create detection for any new malware, we need
a copy of the malware itself to ensure that we have a complete sample, for
proper detection and cleaning capability.

Support -

Virus Research accepts file-samples for analysis and possible inclusion into
AV signature DAT sets. We are also prepared to answer general virus
questions.

All product-related questions and comments can be addressed through
technical support and customer service, including:

* Product installation and update questions
* Product usage questions
* Specific operating system/version questions
* Assistance with detection and cleaning or removal of viruses or trojans

Use the following link to reach online technical support for McAfee
products.

Corporate Customers:
https://mysupport.mcafeesecurity.com/

Single User/Retail Customers:
http://www.mcafeehelp.com

Regards,

Brant Yaeger
Virus Research Analyst
McAfee AVERT
A division of McAfee, Inc.

ASA-05

__________________
Folding@home with GPGPU集中討論串

Unix Review: ArchLinux●Sabayon●OpenSolaris 2008.5●Ubuntu 8.10
AVs Review: GDTC●AntiVir SS●ESS●KIS 09●NIS 09●Norton 360 V3

I Always Get What I Want.

此文章於 2006-08-29 10:56 AM 被野口隆史編輯.

2006-08-29, 10:54 AM #179

ninjaboy

Major Member

加入日期: Feb 2003

文章: 101

引用:

作者leewayne

也許此一時彼一時吧！
敝人也是被站上一窩蜂大推卡巴而從 Norton 2006 轉到卡巴，
結果.........
結果.........
上個月中一堆病毒，其中有兩個根本看的到而解不了，
最後連開機都成了問題............
只好把硬碟拔下，到另一台有安裝 Norton2006 的系統上解毒，
但不太敢批卡巴，因為一定會有人跳出來說「卡巴是無誤的，是使用者自己不會用。」
有圖為證：底下這兩隻毒，卡巴根本就是直接放行，全無警告：
http://www.taiker.net/files/snap023.JPG
由於該發信人的 ID 是「學生家長」，所以不疑有他便點了附加檔，
卡巴連警告也沒，就直接放行，結果卡巴無解，只有拆硬碟到另一台電腦解。
不過，卡巴能拿第一，應該還是有它專精的一面，所以還要再多論據來評論卡巴才好。

下次看到.scr的盡量別去執行，因為基本上都是病毒

__________________
CPU:K8 3000
主機板：GA-K8N Ultra-SLI
記憶體：創見512MB X 2
顯示卡：ELSA 6600GT PCI-E X 1
硬碟：WD 120GB SATA + 250GB SATAII + 40GB X 2 + 80GB
螢幕：MOZO 17"
電視盒：U1500
光碟機：華碩 E616P2+A09 X 2

2006-08-29, 10:58 AM #180

joe7569 Basic Member 加入日期: Feb 2004 文章: 22	我記得這加速器很久以前就有當初作者也有說很多防毒軟體會誤判他說跟他寫的程式語法有關係不知道可信度如何
2006-08-29, 09:05 AM #178