EvID報的很多(誤報?!)

黑衣~魂

大家幫忙看看吧
轉AVPCLUB
AntiVir+AVG+NOD32+HackTool/EvID+TrendMicro
http://www.virustotal.com/analisis/afc5d29fbba4fb4ec09e42cb30fcc0d8
都報了

不過kaspersky+dr.web未報~上報dr.web回覆乾淨
等等上報kaba確認

Original file name: EvID4226Patch.exe
Dear ~ 魂 ~,
Your submission has been processed by Automatic System. This file is in the trusted (clean) files database of Dr.Web (R).


If you are still confident that this file is malicious, reply to this message.
Thank you for the cooperation.
--
Yours sincerely,
Virus Monitoring Service Doctor Web Ltd.

[ 本帖最后由 黑衣~魂 于 2009-2-24 20:18 编辑 ]

qianwenxiang

报的大多都是风险工具或者补丁文件 应该不算误报吧   patch文件比较容易被报



Intelligent TCPIP.SYS patcher / EventID 4226 patch             Version 2.23d
(c) 2004-05 LvlLord (www.LvlLord.de)        use parameter /? for more options

This program is in development. Visit http://www.LvlLord.de for a new version
--------------------------------------------------------------------------------

- Windows mode
- Recognised Windows-directory: C:\WINDOWS

- 'Windows XP SP2 or newer' TCPIP.SYS detected ...

- Build of TCPIP.SYS  : 5.1.2600.3394 (I386)
- Build of safety copy: -
           (will be overwritten due to changed version)

Found limit position                            : 0x4F7A2
Current maximum concurrent half-open connections: 256

If you continue, please press 'Abort' and 'Yes' on the popup from Windows
File Protection. Because we change system files, Windows tries to restore the
original one. So it's normal.

Do you really want to change the limit to 10?
  (Y=Yes  /  N=No  /  C=Change limit)

ledled

名称: RiskWare.TCPIPPatcher.A
类型: Trojan

描述:


文件:
c:\users\administrator\desktop\evid4226patch.exe

黑衣~魂

有的報TROJAN
卡巴連NOT-VIRUS 工具也不報
Hello,
EvID4226Patch.exe
No malicious code was found in this file.
-----------
Regards, Ostroverkhov Vladimir
Virus Analyst, Kaspersky Lab.