原文:
AVERT Labs - Beaverton
Current Scan Engine Version:5300.2777
Current DAT Version:5453.0000
Thank you for your submission.
Analysis ID: 4989077
File Name Findings Detection Type Extra
--------------------|------------------------------|----------------------------|------------|-----
047f92f030a47eb28b08|no password | | |no
1d216a86ca6e7e68afa9|no password | | |no
1f44813d215b71eb3e2f|no password | | |no
32a55573996ae6805181|no password | | |no
550fd1be734603282edc|no malware | | |no
59011ea75efcd74a3184|no password | | |no
63d417c6b21dfffb71e2|no password | | |no
913ed32daf9a8c066789|no password | | |no
96e1458e9d22569b9e34|no password | | |no
97a8d4f46e7fca80b88f|no password | | |no
b5af80b070b99a8f55bd|inconclusive | | |no
bcc4635aa430babfccfb|no password | | |no
d187fa2a7ed2416f1ec7|new detection |generic downloader.x |Trojan |yes
e2c9b690bcbd16c52fe7|no password | | |no
Attached is a file for extra detection, which will be included in a future DAT set. We
have detected a virus or trojan that can only be detected and removed with the
attached EXTRA.DAT and current scan engine. The EXTRA.DAT must be used with the
current scan engine, and we highly recommend you update to the most current DAT
release. If you are not seeing this with the product you are using, please speak with
technical support so they can help you determine the cause of this discrepancy.
no password [047f92f030a47eb28b084e02e99ceb69.exe 1d216a86ca6e7e68afa9d23365a81d7b.sys
1f44813d215b71eb3e2f8cc4e624a242.sys 32a55573996ae680518179a33fba634a.sys
59011ea75efcd74a318416f7fa3e0b82.exe 63d417c6b21dfffb71e24a77164192bb.exe
913ed32daf9a8c06678927b1a60bf1ad.dll 96e1458e9d22569b9e34dce89b403e92.exe
97a8d4f46e7fca80b88fd6958d2c5ef0.sys bcc4635aa430babfccfbd14a922f4912.dll
e2c9b690bcbd16c52fe7c0a56d84f73e.exe]
A sample did not arrive in a password-protected ZIP file. To ensure the sample was not
cleaned in transit it is necessary to put all samples in password protected ZIP files
(password - infected). There may be an infection on your system but we are unable to
make a conclusive analysis without a sample being sent in this fashion.
Please make sure your engine and DAT files are up to date and then resend the files in
question if you feel that you do have an infection that is not present in this sample.
If you are unsure on how to password protect the files with your archiving software,
please review the help documentation included with the product or visit their
technical support sites.
no malware [550fd1be734603282edc1b85521d349c.exe]
Avert Labs has found no indications of malicious code. Upon examining the file we
observed no malicious behavior.
inconclusive [b5af80b070b99a8f55bdc2911e70dcc1.exe]
Upon analysis the file submitted does not appear to contain one of the 200,000 known
threats in the AutoImmune database. The file may contain a new threat, or no code
capable of being infected. Your submission is being forwarded to an Avert Labs
Researcher for further analysis. You will be contacted by AVERT through e-mail with
the results of that analysis.
new detection [d187fa2a7ed2416f1ec70ce5b8d9fb74.sys]
The file received contains a new virus or trojan. It is recommended that you update
your DAT and engine files and scan your computer again.
To find detailed information about viruses and other malware, please review AVERT抯
Virus Information Library:
http://vil.mcafeesecurity.com
You may wish to submit future malware samples to:
https://www.webimmune.net/default.asp
It may be the best option if you are having a problem with gateway scanners stripping
your sample submission.
If you believe your computer is infected, but are unsure which files should be
submitted to AVERT for review, please visit:
http://vil.mcafeesecurity.com/vil/submit-sample.aspx
For other virus-related information, please review the AVERT homepage at:
http://www.mcafee.com/us/threat_center/default.asp
Support
Virus Research accepts file-samples for analysis and possible inclusion into AV
signature DAT sets. We are also prepared to answer general virus questions. All
product-related questions and comments can be addressed through technical support and
customer service, including:
* Product installation and update questions
* Product usage questions
* Specific operating system/version questions
* Assistance with detection and cleaning or removal of viruses or trojans
Use the following link to update your DAT and scan engine to the most current version:
http://www.mcafee.com/apps/downloads/security_updates/dat.asp
Use the following links to reach online technical support for McAfee products -
Corporate Customers:
http://www.mcafeesecurity.com/us/support/
Single User/Retail Customers:
http://www.mcafeehelp.com
Note
Due to the prevalence of network gateway AV products, it is important that all
submissions be zipped and the zip file password-protected (password - infected). Some
products will reject an email that contains a virus that is not sent in this way. In
addition, often we receive a file that appears not to have been infected, to find
later that the file was infected when it left the sender, and was cleaned somewhere
along the line.
Regards,
McAfee AVERT tm
A division of McAfee, Inc
能看懂的给翻译下大概意思吧。这是今天下午4:00上报的,刚才回复的。快啊
这次上报的是卡饭的11月下半月的包。有15个没扫出来。
[ 本帖最后由 kn88 于 2008-12-4 20:26 编辑 ] |
发表于 2008-12-4 20:19:23
楼主
发表于 2008-12-5 11:38:19