【閒聊】Yahoo奇摩提供的賽門鐵克防毒技術是不是很濫啊?



贊助商連結


頁 : [1] 2 3

nothing
2005-07-07, 09:13 PM
感覺上
Yahoo奇摩提供的賽門鐵克防毒技術是不是很濫啊?
我今天收到一封女朋友轉寄給我的信件
標題寫的很誘人
"昨天搞的援交妹,偶扒光她拍辣照,"
信裡附帶兩個壓縮檔案
mm.exe , mm1.exe
兩個要下載前在線掃描都沒事
下載後用F-Secure按滑鼠右鍵的方式掃描壓縮檔也沒事
結果一解壓縮
馬上掃到Trojan-PSW.Win32.Lineage.hx
http://www.pczone.com.tw/upload/002/Trojan-PSW.jpg
這個應該就是專門盜帳號的木馬吧@@
跟天堂有關的好像都是盜帳號程式= =a
我原本以為是女朋友寄來的
應該沒問題
線上掃描也沒事
用右鍵的方式掃描壓縮檔也沒事
好奇怪
非得要解壓縮出來F-Secure才抓到
哪知道這麼嚴重
我什麼毒什麼木馬都不怕
怕就怕盜帳號的= ="
因為我跟我女朋友都有在玩SealOnline
SealOnline盜帳號事件也不算是小事了
所以我實在很擔心
因為我女朋友轉寄了一大堆信給他的朋友~"~
真慘啊
如果下載前在線上就能知道有毒
我想今天盜帳號的事件也不會這麼嚴重
該怎麼去收我女朋友的爛攤子勒@@
寄給那麼多人了~"~
埃......

檔案我直接上傳給卡巴司基的免費線上掃描就能掃到
http://www.pczone.com.tw/upload/002/kavol.jpg
怎麼賽門鐵克線上沒掃到
http://www.pczone.com.tw/upload/002/navol.jpg
我下載後F-Secure也沒掃到
http://www.pczone.com.tw/upload/002/fsnof.jpg
解壓縮才找到
看來卡巴司基真的是蠻強的

結論是
如果雅虎奇摩病毒防護做的好
我想盜帳號的事件應該也會消除不少
怎麼賽門鐵克提供這麼"兩光"的病毒掃描啊~"~

P.S.附件檔案原始副檔名為*.exe,由於exe無法上傳故更改為rar,下載後請自行更改回來

贊助商連結


天氣預報
2005-07-07, 09:22 PM
那個yahoo採用的Norton
能力比我自己裝的Norton AntiVirus 2005爛多了
只能掃基本病毒
木馬和間諜軟體幾乎掃不到

像我自家用的Norton AntiVirus 2005
有些很久以前就掃得到的木馬
上傳到yahoo它照樣掃不到

會不會是跟yahoo簽的只有防病毒而已?
因為這兩個檔案我家的Norton AntiVirus 2005都掃得到(解壓縮時發現)
名稱都是PWSteal.Lineage
http://tinypic.com/6t23v9.gif

F-Secure掃不到?
它不是用卡巴舊引擎嗎?

lokae
2005-07-07, 09:47 PM
免錢的防毒服務能說啥呢.....

BitDefender
2005-07-07, 11:14 PM
This is a report processed by VirusTotal on 07/07/2005 at 17:05:03 (CET) after scanning the file "Server.rar" file.

Antivirus Version Update Result
AntiVir 6.31.0.7 07.06.2005 no virus found
AVG 718 07.07.2005 no virus found
Avira 6.31.0.7 07.07.2005 no virus found
BitDefender 7.0 07.07.2005 BehavesLike:Win32.AV-Killer
ClamAV devel-20050501 07.07.2005 no virus found
DrWeb 4.32b 07.07.2005 no virus found
eTrust-Iris 7.1.194.0 07.07.2005 no virus found
eTrust-Vet 11.9.1.0 07.07.2005 no virus found
Fortinet 2.36.0.0 07.06.2005 suspicious
Ikarus 2.32 07.07.2005 no virus found
Kaspersky 4.0.2.24 07.07.2005 Trojan-PSW.Win32.Lineage.hx
McAfee 4529 07.06.2005 no virus found
NOD32v2 1.1162 07.06.2005 no virus found
Norman 5.70.10 07.07.2005 no virus found
Panda 8.02.00 07.07.2005 no virus found
Sybari 7.5.1314 07.07.2005 Trojan-PSW.Win32.Lineage.hx
Symantec 8.0 07.06.2005 no virus found
TheHacker 5.8.2.067 07.07.2005 no virus found
VBA32 3.10.4 07.06.2005 suspected of Backdoor.Win32.FTPCentre.1
--------------------------------------------------------------------------
BitDefender 8.....掃瞄結果
C:\mm.rar=>(RAR Sfx o) OK
C:\mm.rar=>(RAR Sfx o)=>love.jpg OK
C:\mm.rar=>(RAR Sfx o)=>Server.exe Suspect BehavesLike:Win32.AV-Killer

其中love.jpg OK.......... Server.exe 才是木馬
VirusTotal中只有BitDefender..Kaspersky 掃到
Symantec 8.0掃不到....好強的木馬

BitDefender
2005-07-07, 11:23 PM
另一 掃瞄引擎....
Jotti's malware scan 2.99-TRANSITION_TO_3.00
File: Server.zip
Status:
INFECTED/MALWARE
MD5 85026a2aef681630067de864c39ba793
Packers detected: -
-----------------------------------------------
AntiVir
Found Heuristic/Trojan.Downloader (probable variant)
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found BehavesLike:Win32.AV-Killer (probable variant)
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found Trojan-PSW.Win32.Lineage.hx
NOD32
Found a variant of Win32/PSW.Lineage.DN
Norman Virus Control
Sandbox: W32/FileInfector; [ General information ]
UNA
Found nothing
VBA32
Found Backdoor.Win32.FTPCentre.1 (probable variant)
----------------------------------
賽門鐵克...怕誤判....所以判毒很保守...
所以雅虎奇摩病毒防護只是對一般病毒....誤殺客戶的檔案會被罵的

天氣預報
2005-07-07, 11:27 PM
VirusTotal中只有BitDefender..Kaspersky 掃到
Symantec 8.0掃不到....好強的木馬

前面不是已經有人貼了Symantec 8.0不支援掃rar檔嗎?
http://www.pczone.com.tw/showthread.php?p=964574#post964452

而且我前面也貼了
我家的Norton AntiVirus 2005的確是兩隻都掃得到
我已經貼隔離區的圖為證了

BitDefender
2005-07-08, 12:03 AM
his is a report processed by VirusTotal on 07/07/2005 at 17:58:29 (CET) after scanning the file "Server.zip" file.

Antivirus Version Update Result
AntiVir 6.31.0.7 07.06.2005 Heuristic/Trojan.Downloader
AVG 718 07.07.2005 no virus found
Avira 6.31.0.7 07.07.2005 Heuristic/Trojan.Downloader
BitDefender 7.0 07.07.2005 BehavesLike:Win32.AV-Killer
ClamAV devel-20050501 07.07.2005 no virus found
DrWeb 4.32b 07.07.2005 no virus found
eTrust-Iris 7.1.194.0 07.07.2005 no virus found
eTrust-Vet 11.9.1.0 07.07.2005 no virus found
Fortinet 2.36.0.0 07.06.2005 suspicious
Ikarus 2.32 07.07.2005 no virus found
Kaspersky 4.0.2.24 07.07.2005 Trojan-PSW.Win32.Lineage.hx
McAfee 4530 07.07.2005 PWS-Lineage.dll
NOD32v2 1.1162 07.06.2005 a variant of Win32/PSW.Lineage.DN
Norman 5.70.10 07.07.2005 W32/FileInfector
Panda 8.02.00 07.07.2005 Trj/Lineage.IQ
Sybari 7.5.1314 07.07.2005 Trojan-PSW.Win32.Lineage.hx
Symantec 8.0 07.06.2005 PWSteal.Lineage
TheHacker 5.8.2.067 07.07.2005 no virus found
VBA32 3.10.4 07.06.2005 suspected of Backdoor.Win32.FTPCentre.1
----------------------------------------
改用zip檔就有一堆掃到....謝謝告知....以後改進

zame123
2005-07-08, 12:12 AM
McAfee 今天也抓到了。
http://www.pczone.com.tw/upload/002/pws-lineage.png

天氣預報
2005-07-08, 12:36 AM
his is a report processed by VirusTotal on 07/07/2005 at 17:58:29 (CET) after scanning the file "Server.zip" file.

Antivirus Version Update Result
AntiVir 6.31.0.7 07.06.2005 Heuristic/Trojan.Downloader
AVG 718 07.07.2005 no virus found
Avira 6.31.0.7 07.07.2005 Heuristic/Trojan.Downloader
BitDefender 7.0 07.07.2005 BehavesLike:Win32.AV-Killer
ClamAV devel-20050501 07.07.2005 no virus found
DrWeb 4.32b 07.07.2005 no virus found
eTrust-Iris 7.1.194.0 07.07.2005 no virus found
eTrust-Vet 11.9.1.0 07.07.2005 no virus found
Fortinet 2.36.0.0 07.06.2005 suspicious
Ikarus 2.32 07.07.2005 no virus found
Kaspersky 4.0.2.24 07.07.2005 Trojan-PSW.Win32.Lineage.hx
McAfee 4530 07.07.2005 PWS-Lineage.dll
NOD32v2 1.1162 07.06.2005 a variant of Win32/PSW.Lineage.DN
Norman 5.70.10 07.07.2005 W32/FileInfector
Panda 8.02.00 07.07.2005 Trj/Lineage.IQ
Sybari 7.5.1314 07.07.2005 Trojan-PSW.Win32.Lineage.hx
Symantec 8.0 07.06.2005 PWSteal.Lineage
TheHacker 5.8.2.067 07.07.2005 no virus found
VBA32 3.10.4 07.06.2005 suspected of Backdoor.Win32.FTPCentre.1
----------------------------------------
改用zip檔就有一堆掃到....謝謝告知....以後改進

不過如果真的是因為這樣
難道其它家舊版也都不支援rar檔嗎...?

天氣預報
2005-07-08, 02:01 AM
his is a report processed by VirusTotal on 07/07/2005 at 17:58:29 (CET) after scanning the file "Server.zip" file.

Antivirus Version Update Result
AntiVir 6.31.0.7 07.06.2005 Heuristic/Trojan.Downloader
AVG 718 07.07.2005 no virus found
Avira 6.31.0.7 07.07.2005 Heuristic/Trojan.Downloader
BitDefender 7.0 07.07.2005 BehavesLike:Win32.AV-Killer
ClamAV devel-20050501 07.07.2005 no virus found
DrWeb 4.32b 07.07.2005 no virus found
eTrust-Iris 7.1.194.0 07.07.2005 no virus found
eTrust-Vet 11.9.1.0 07.07.2005 no virus found
Fortinet 2.36.0.0 07.06.2005 suspicious
Ikarus 2.32 07.07.2005 no virus found
Kaspersky 4.0.2.24 07.07.2005 Trojan-PSW.Win32.Lineage.hx
McAfee 4530 07.07.2005 PWS-Lineage.dll
NOD32v2 1.1162 07.06.2005 a variant of Win32/PSW.Lineage.DN
Norman 5.70.10 07.07.2005 W32/FileInfector
Panda 8.02.00 07.07.2005 Trj/Lineage.IQ
Sybari 7.5.1314 07.07.2005 Trojan-PSW.Win32.Lineage.hx
Symantec 8.0 07.06.2005 PWSteal.Lineage
TheHacker 5.8.2.067 07.07.2005 no virus found
VBA32 3.10.4 07.06.2005 suspected of Backdoor.Win32.FTPCentre.1
----------------------------------------
改用zip檔就有一堆掃到....謝謝告知....以後改進

除了Norton還有這麼多家舊版本都不能掃rar檔?
要改用zip才行
這是怎麼回事....