20070106 New Malware.j
8.5 已经开了启发扫描
可是有个病毒就是不认识
上传上去
人家说

Current Scan Engine Version:5100.0194

Current DAT Version:4911.0000

Thank you for your submission.

Analysis ID: 2859265

File Name         Findings               Detection
Type       Extra
——————–&line;——————————&line;————————
—-&line;————&line;—–
l_hy50.pif       &line;heuristic detection       &line;new malware.w
&line;Virus     &line;no  

heuristic detection [l_hy50.pif]  

heuristic detection       应该就是 启发式 啊
New Malware.jType Trojan SubType Heuristic Discovery Date 06/02/2005 Length Varies Minimum DAT 4505 (06/02/2005) Updated DAT 4912 (12/06/2006) Minimum Engine 4.3.20 Description Added 06/02/2005 Description Modified 06/23/2005 11:20 PM (PT)
This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.

Characteristics
This is a heuristic detection which may detect either viruses or trojans.  If a sample is detected as New Malware.j then it is likely that the system is currently infected and has virus or trojan processes running.

The New Malware.j detection intentionally does not contain repair, as files detected under this name could do any number of this.  Samples detected as "New Malware.j" should be submitted to AVERT so that they can be properly classified and have proper repair added to the DAT files.

Symptoms
Symptoms of malware vary greatly.  Some common symptoms which may be observed in the case of New Malware.j detections are as follows.

Unknown processes are running. Unknown ports are open. Reduced system performanceThis is a heuristic detection.  The specific symptoms may not be known as it is likely that the sample detected is a new virus or trojan.  Please submit the sample to AVERT for analysis.

Method of Infection
This is a heuristic detection.  The specific methods of infection may not be known as it is likely that the sample detected is a new virus or trojan.  Please submit the sample to AVERT for analysis.
Removal
This detection is an indication that the file is identified heuristically and it is requested that a sample of the file is sent to McAfee AVERT for analysis.
Refer to the online instructions for sending samples.

Variants
Variants
N/A
Analysis ID File Findings Detection Type Date Extra
2859246 l_hy50.pif heuristic detection  new malware.w  Virus  12/06/06  No 
2859224 l_hy50.exe heuristic detection  new malware.w  Virus  12/06/06  No 
2859208 l_hy50..exe heuristic detection  new malware.w  Virus  12/06/06  No 
2859058 l_hy50..pif heuristic detection  new malware.j  Trojan  12/06/06  No 

AVERT Labs – Beaverton

Current Scan Engine Version:5100.0194

Current DAT Version:4911.0000

Thank you for your submission.

Analysis ID: 2859265

File Name            Findings                       Detection
Type         Extra
——————–&line;——————————&line;————————
—-&line;————&line;—–
l_hy50.pif          &line;heuristic detection           &line;new malware.w
&line;Virus       &line;no  

heuristic detection [l_hy50.pif]

   The file received may contain a potential virus or trojan threat
identified           
heuristically. This potential threat was identified with our most powerful
set of     
heuristic DAT drivers. Heuristic drivers can cause false-positive
identifications, as 
such, this issue is being escalated to Avert Labs for a thorough review.

In the meantime, it is recommended that you update your DAT and engine files
and scan 
your computer again. You will be contacted through e-mail with the results
of our     
analysis.

To find detailed information about viruses and other malware, please review
AVERT\’s   
Virus Information Library:

You need to register as a new user.  We are currently not experiencing any
issues with accessing WebImmune.  If you continue to have problem accessing
WebImmune, you may need to contact your ISP.

Virus Research accepts file-samples for analysis and possible inclusion into
AV signature DAT sets. We are also prepared to answer general virus
questions.

All product-related questions and comments can be addressed through
technical support and customer service, including:

* Product installation and update questions
* Product usage questions
* Specific operating system/version questions
* Assistance with detection and cleaning or removal of viruses or trojans

Use the following link to reach online technical support for McAfee
products.

历史博文

标签:
六月 9, 2007 at 10:28 下午 by yippee 1,028 次
Category: English
Tags: