活动热身：让我们一起改进诺顿引擎！

sun2009

dfliaoyue 发表于 2013-7-13 11:32
破解文件靠人工判断？

可能一些破解文件本身就被定义为不良文件吧，这个不清楚。。。

dfliaoyue

sun2009 发表于 2013-7-13 11:35
可能一些破解文件本身就被定义为不良文件吧，这个不清楚。。。

我是觉得误报还是比较恼火。如果你很了解还好说，不然来个误报，是不是还得手动上传Totalscan或者火眼看一下？

尘梦幽然

zdhsjs2011 发表于 2013-7-13 10:29
报我CF更新包，，，100多M呢

求下载地址
历史记录
历史记录复制到剪切板

尘梦幽然

dragon2009120 发表于 2013-7-13 09:51
呵呵，要改进误报的话首先就要先对下载分析下手啊！那玩意简直就是万物杀！没人用，杀！太新了，也杀！[:21 ...

嗯，要改进分析引擎质量

dragon2009120

zdhsjs2011 发表于 2013-7-13 10:29
报我CF更新包，，，100多M呢

确定是去官网下的吗？有时候下载链接有问题它也会杀的

消停

sun2009 发表于 2013-7-13 10:55
下载报安全，这么少的人在用下载都安全，也不知是不是之前有人已经上报过了。。。

2014报有一些不可信，但没直接删除！

Filename: modeltest.exe
Full Path: C:\Users\Administrator\Desktop\modeltest.exe
____________________________

Details
Stability Unknown,  Very Few Users,  Very New,  Poor

Origin
Downloaded from 
https://att.kafan.cn/forum.php?mo ... Dc5OTA2N3wxNTk3NDY2

Activity
Actions performed: Suspicious actions performed: None
____________________________

Developers 
Not Available

Version 
Not Available

Identified 
2013-7-13 at 13:13:22

Last Used 
Not Available

Startup Item 
No
____________________________

Unknown
This program crash history is not known.

Very Few Users
Fewer than 5 users in the Norton Community have used this file.

Very New
This file was released less than 1 week  ago.

Poor
There are some indications that this file is untrustworthy.
____________________________

https://att.kafan.cn/forum.php?mo ... Dc5OTA2N3wxNTk3NDY2

Downloaded File modeltest.exe from att.kafan.cn

winrar.exe

File Created:
modeltest.exe
____________________________

File Thumbprint - SHA:
0c29eba6e177cba9a8c06d41b06aa30f3c502bac3932e85e35a4789a6d3a5175
File Thumbprint - MD5:
db213d1d9ad4cdcbfb2416e49bb9fb32




但是双击后下载智能分析还是杀了：

Filename: modeltest.exe
Threat name: WS.Reputation.1
Full Path: c:\users\administrator\desktop\modeltest.exe

____________________________

Details
Unknown Community Usage,  Unknown Age,  Risk Medium

Origin
Downloaded from
 https://att.kafan.cn/forum.php?mo ... Dc5OTA2N3wxNTk3NDY2

Activity
Actions performed: Actions performed: 1
____________________________

On computers as of 
Not Available


Last Used 
2013-7-13 at 13:14:57


Startup Item 
No


Launched 
No
____________________________

Unknown
It is unknown how many users in the Norton Community have used this file.

Unknown
This file release is currently not known.

Medium
This file risk is medium.

Threat type: Insight Network Threat. There are many indications that this file is untrustworthy and therefore not safe

____________________________

https://att.kafan.cn/forum.php?mo ... Dc5OTA2N3wxNTk3NDY2

Downloaded File modeltest.exe Threat name: WS.Reputation.1
from att.kafan.cn

Source: External Media

____________________________

File Actions

File: c:\users\administrator\desktop\ modeltest.exe Removed
____________________________


File Thumbprint - SHA:
0c29eba6e177cba9a8c06d41b06aa30f3c502bac3932e85e35a4789a6d3a5175
File Thumbprint - MD5:
Not available

sun2009

消停 发表于 2013-7-13 13:17
2014报有一些不可信，但没直接删除！

Filename: modeltest.exe

那这个是误报，应该上报了。。。

zdhsjs2011

dragon2009120 发表于 2013-7-13 12:54
确定是去官网下的吗？有时候下载链接有问题它也会杀的

真的啊，我一般都是用的QQ旋风去官网下载

zdhsjs2011

尘梦幽然 发表于 2013-7-13 12:33
求下载地址
历史记录
历史记录复制到剪切板

我都忘了啊，，给我报了之后给我删除了，，我就还原回来了

欧阳宣

几乎每个迅雷刚出时的zlib1.dll或者libexpat.dll都会被报ws.reputation.1,这种是想上报都报不过来啊