§Ú³q¹L¹q¤l¶l¥ó³Ìªñ±µ¨ü¤F¥H¤U¡C §Ú¤ÏÀ³¡A¦ý¥¼´¿Å¥¨£¤F¡C ¦³§Æ±æ¦a«H®§±N¦³¥Î¹ï¨ä¥L¡K

Áý¡A¦bºôµo²{¤F±zªº¦W¦r¡A·í§Ú¦bslashdot¬Ý¤@¨Ç§÷®Æ¡A¦}¥B§Ú»{¬°±z¤]³\¥i¯à¦³¤ù¨è«ü¦V§Ú¦b¥¿½Tªº¤è¦V¡C
§Ú¦³§Ú±o¥H¶i¤J¹ï®Ú¾Ú¶}µo°Óªº¹sªº­·«Uapp¡C ·íapp¦b·sªºµw¥ó¶]¤F¡A´X¦W¥Î¤á¶g´Á©Ê¦a·|±o¨ì¤@­Ó²§±`ªº¿ù»~¡A¦ý±q¥¼¦b¥L­Ìªº¦Ñµw¥ó¡C ¥D­n°Ï§O¦b·sªº½¥¤W­pºâ¾÷¦ü¥G¬O®Ö¤ß2¤G­««µ¡C
µL½×¦p¦ó¡A³o­Ó¿ù»~¾É­Papp¨Ï¥Îªº¤º³¡µ¡¤f¼Æ¾Ú®w¨t²ÎªºÁ`­«·s³]¸mµM«á¦³¤@­Ó¿ù»~¦bmsvcr80.dll¡C ¦³¨S¦³§Ú¥i¥H±q¼Æ¾Ú§i¶D¦bªº¤è¦¡¤°»òºD¨Ò¤§¤U¦b¨º­Ó¼Ò¶ôÅܽè¡H §Ú¥i¯àµM«á¦Ü¤Ö§i¶D¦u½Ãªùµy·L§i¶D¶}µo°Ó§óªº¤H¡C ³o®É¡u½Ã§L¡v³Q»¡ªA¥¦¥¿¦]¬°dll¤£¬O³Ì·sªºª©¥»¡C §Ú»{¬°¥¦¤j·§¤£¬O²³æªº¨º¡C

[app] .exe¸p¦W
Appname [app] .exe App¡C Ver¡C 0.0.0.0

¡K

¹³¸É±Ï¤@¼Ë±±¨î»O¯u¥¿¦a¬Oµ¡¤f¥¦®Ú¥»¾d©Tªºaint¡C ±zª¾¹D «ü¥O´£¥Ü ¤u¨ã¦b´º¦âªºµo²{¤F ¨t²Î«ì´_¿ï¾Ü ¤£­n¨D¤@­Ó¥Î¤á¦W©Î±K½X¡H ¦}¥B«ü¥O´£¥Ü´£¨Ñ ºÞ²z­û ¹ïµw½Lªº¥­¹ê³q¤J¡H ¬°µ¡¤fªº¦h­Óª©¥»¡H ±z»Ý­nªº©Ò¦³¬O´º¦â¦w¸ËDVD¡A¦}¥B±z¬O¥þ³¡³]¸m¥h¡C

¥¿¸q°_°Ê±qDVD©M¿ï¾Ü­×²z¿ï¾Ü¡G

µM«á¿ï¾Ü«ü¥O´£¥Ü¡G

±z¦³¥þ³¡¦s¨ú¨ì³o»O­pºâ¾÷¡A¤£¶È§@¬°ºÞ²z­û¡A¦Ó¥B§@¬°¨t²Î±b¤á¥Î¤á¡C ¦b¦¹¥H«á±z¯à´¡¤Jusb°O¾Ð©M½Æ»s©Ò¦³¤£¥i¥[±Kªº¤å¥ó±q³o»O­pºâ¾÷¨ìusb°O¾Ð©MÅѨú«H®§¨S¦³¯d¤U¥ô¦ó¼Ð°O¹ï¨t²Î©Î¨Æ¥óÆ[¹îªÌ¤é»x¡C
Also, you could for example copy SAM-file (contains names and passwords of local users) from c:\windows\system32\config to usb-memory and start cracking computer’s user password at  remote computer.

A cracker can:
1. … copy files from hard disk to USB, floppy or network server
2. …

¡K

Symantec is treading a new path - using virus detection technology that does not need signature files. Recently many security researchers have spoken out against the use of signature files. Ironically almost every popular anti-virus solution uses some type of signature file system.

Before a signature file can be created the antivirus company needs to know that a particular virus exists. Even thinking about this for a moment you can easily see that this is a major weakness. They create signature files by looking at honeypots, emails from users, and calls from customers. What does that mean? It means that some unlucky sucker needs to get infected with a virus before you can be protected.

In addition, another significant weakness is when a virus changes itself while propagating. If this happens, the signature becomes useless.

So you can see where the problem is. There needs to be a way to detect new viruses without needing constant updating from a central repository.

That¡¦s what AntiBot aims to do. It looks at the behavior of programs on your system to determine if they¡K