Just nu i M3-nätverket
Jump to content

Virus


Bossedatadoktor

Recommended Posts

Bossedatadoktor

Hej på er. Jag glömde slå av datorn när jag körde hemifrån och när jag kom hem hade den låst sig. Den reagerade inte på någonting , fick trycka in strömbrytaren. Jag scanna med avast antivirus (gratisversionen) och hade fått 7 virus. Hur kommer dom in i min burk ? Jag är en "ärlig" användare och susar inte omkring på skumma sidor eller så...

 

Windows Xp

Zonealarm firewall (gratisversionen)

D-Link 604

Avast Antivirus

 

Fick detta i loggboken:

Sign of "Win95:Matyas" has been found in "C:\WINDOWS\system32\pav.sig" file.

 

[inlägget ändrat 2004-07-17 21:42:40 av Bossedatadoktor]

Link to comment
Share on other sites

I De allra flesta fall så kommer Viruset via e-post. Det har blivit i särklass det mest använda sättet att sprida ohyra.

*******************************************

Virus som attackerar(Sasser MSBlast) Windows 2000 och XP. Det sprids via ett säkerhetshål i LSASS. Det är ett virus som sprids helt automatiskt via nätverk, och den som drabbas märker ingenting. Det handlar inte om någon installation. Du kan drabbas genom att bara ha din dator påslagen och uppkopplad på internet.

******************************************

 

Link to comment
Share on other sites

Guest idgadmin

Detta kan vara falsklarm, titta här från denna sida:

 

http://www.avast.com/eng/support/faq/avast_4_home_profe/virus_detection_and/false_alarm_viruses.html

 

 

Q: False alarm - viruses detected in Panda Antivirus files (Win95:Matyas and Win32:Kuang2 in PAV.SIG mainly)?!

 

A: This is a known problem. Let´s try to explain what´s going on:

 

Every virus can be identified, because it contains some unique signatures. Antiviral programs have their own database of that signatures. We call this database the "virus definition file".

When an antiviral program scans a file for viruses, it compares all the signatures (of all viruses) in the database with the signatures in that file. If the signatures match (they are the same), the file is marked as infected. For an antivirus program, it is important to hide this database of signatures somehow - e.g. by encrypting it. Panda Antivirus does not encrypt its virus database - the signatures inside are clearly "visible" to other antiviral programs, so they detect this file as infected (but there is actually no virus inside - only the signatures are the same).

 

We can´t do anything about that, only recommend not to use two or more antiviral programs at the same time, or put that files to the list of exclusions, so they will not be scanned anymore.

 

 

--------------------------------------------------------------------------------

Additional info:

 

Here is the list of Panda Antivirus files that avast! detects as infected:

IMSCAN.DLL

PAVDLL.DLL

PAV.SIG

APVXD.VX2

APVXD.VXD

Here is the list of viruses that are detected in the mentioned Panda Antivirus files. Keep on mind that the list is not complete and may change in the future:

Gift-724

VBS:Redlof

Win32:Aliser

Win32:Bolzano-3011

Win32:Bolzano-3223

Win32:Bolzano-3384

Win32:Crypto

Win32:CTX

Win32:Kenston

Win32:Kuang2

Win32:Nimda [Drp]

Win32:Qozah-C

Win32:Small-1700

Win32:Vypne [Trj]

Win95:Boza

Win95:Bumblebee

Win95:CIH 1.x

Win95:CIH-1106

Win95:CIH-1142

Win95:Fabi-B

Win95:Filezz-B

Win95:Hazlo

Win95:Heathen

Win95:Kenston

Win95:Leviathan-3236

Win95:Leviathan-3240

Win95:Leviathan-B

Win95:Matyas

Win95:One-SGWW

Win95:Orochi

Win95:PowerFul

Win95:Sledge-689

Win95:Werther

 

peer

 

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...