Thread starter: will

[Discussion] Avira (红伞) false-positive collection thread

yaoyunjia
Posted on 2008-9-2 10:40:16
VirSCAN scan results
Software      Engine version    Virus DB version   Virus DB date  Scan result                       Time
a-squared     3.5.0.22          2008.07.29         2008-07-29     -                                 3.932
AntiVir       7.8.1.12          7.0.5.194          2008-07-30     Worm/SdBot.128512.B               2.145
Arcavir       1.0.5             200807301701       2008-07-30     -                                 1.188
AVAST!        3.0.1             080730-0           2008-07-30     -                                 0.052
AVG           7.5.51.442        270.5.8/1582       2008-07-30     IRC/BackDoor.SdBot3.RPX           1.504
BitDefender   7.60825.1410483   7.20265            2008-07-31     Win32.Worm.Sdbot.BJ               2.624
CA (VET)      9.0.0.143         31.6.5995          2008-07-30     -                                 0.773
ClamAV        0.93.3            7894               2008-07-31     Trojan.SdBot-8489                 0.025
Comodo        2.11              2.0.0.601          2008-07-30     -                                 0.420
CP Secure     1.1.0.715         2008.07.31         2008-07-31     Troj.Downloader.W32.Banload.cpg   5.627
Dr.Web        4.44.0.9170       2008.07.30         2008-07-30     -                                 3.123
ewido         4.0.0.2           2008.07.30         2008-07-30     -                                 2.318
F-Prot        4.4.4.56          20080730           2008-07-30     Possible W32/Heuristic-210!Eldorado (not disinfectable)   1.428
F-Secure      5.51.6100         2008.07.30.08      2008-07-30     -                                 2.951
Ikarus        T3.1.01.34        2008.07.30.71190   2008-07-30     Worm.Sdbot.128512.A               3.033
Microsoft     1.3806            2008.07.30         2008-07-30     -                                 4.237
mks_vir       2.01              2008.07.31         2008-07-31     -                                 2.545
Norman        5.93.01           5.93.00            2008-07-30     -                                 5.455
nProtect      2008-07-30.00     1736473            2008-07-30     Backdoor/W32.SdBot.128512         3.175
Quick Heal    9.50              2008.07.30         2008-07-30     Backdoor.Sdbot.a                  1.589
Sophos        2.75.4            4.31               2008-07-31     Mal/Generic-A                     2.019
Sunbelt       3.1.1537.1        2169               2008-07-28     Backdoor.SDBot                    0.414
The Hacker    6.2.96            v00389             2008-07-24     -                                 0.402
VBA32         3.12.8.1          20080729.0746      2008-07-29     -                                 1.457
ViRobot       20080730          2008.07.30         2008-07-30     -                                 0.419
VirusBuster   4.5.11.10         4.5.11/0           0010-00-00     -                                 1.087
Kaspersky     5.5.10            2008.07.30         2008-07-30     -                                 0.142
AhnLab V3     2008.07.31.00     2008.07.31         2008-07-31     Win32/IRCBot.worm.variant         1.073
Jiangmin      11.0.706          2008.07.30         2008-07-30     -                                 1.188
Panda         9.05.01           2008.07.30         2008-07-30     Trj/Lineage.BZE                   2.010
Rising        20.0              20.55.22.00        2008-07-30     -                                 0.801
Symantec      1.3.0.24          20080730.003       2008-07-30     Infostealer.Gampass               0.047
Trend Micro   8.700-1004        5.446.02           2008-07-30     -                                 1.196
McAfee        5.2.00            5349               2008-07-29     W32/Sdbot.worm                    2.212
Kingsoft      2008.1.14.15      2008.7.30.18       2008-07-30     -                                 0.634
Fortinet      2.81-3.11         9.367              2008-07-30     W32/SDBot.BJ!tr.bdr               1.626

File name: Keygen.exe
Not reported
Attachment:

[ Last edited by yaoyunjia on 2008-9-2 10:41 ]

14206937
Posted on 2008-9-4 13:18:23
File __________________.EXE received on 2008.05.03 17:51:02 (CET)
Antivirus engine  Version  Last update  Scan result
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - Trojan.Packed.7599
CAT-QuickHeal - - (Suspicious) - DNAScan
ClamAV - - -
DrWeb - - -
eSafe - - suspicious Trojan/Worm
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - Suspicious_F.gen
Panda - - Generic Malware
Prevx1 - - -
Rising - - -
Sophos - - Mal/TibsPk-A
Sunbelt - - VIPRE.Suspicious
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - Packed/FSG
Webwasher-Gateway - - Win32.Malware.gen#FSG (suspicious)

Additional information
MD5: a6fab4a9ed5f7ea72a99649e784c6865
SHA1: a85c95612463fbb51bb4de35075d7ef213a615f6
SHA256: cc553d5a4c64864baf51ec6baf04020d7e713058f499194c6b8cc6015dd4f398
SHA512: 5823a9b088f6e8d53bcd5671e44d0a794a9def1f2caadea01ec84994430615f2037556410f77be43b5ecf35b5532625001b4168d6e14f6a3938e911241783a86

Not reported

Shieh
Posted on 2008-9-11 21:04:20
File/software name: Qiao2008.dll (in the FinePlus updated on 9.11)
False-positive name: TR/Crypt.XPACK.Gen
Attachment (if convenient to upload):
Reported or not: reported
---
We received the following archive files:

File ID   Filename      Size (Byte)  Result
25132372  Qiao2008.rar  395.11 KB    OK
A listing of files contained inside archives alongside their results can be found below:
File ID   Filename      Size (Byte)  Result
25132373  Qiao2008.dll  406.5 KB     MALWARE

Please find a detailed report concerning each individual sample below:
Filename      Result
Qiao2008.dll  MALWARE

The file 'Qiao2008.dll' has been determined to be 'MALWARE'.
Detection is added to our virus definition file (VDF) starting with version 7.00.05.171. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: TR/Crypt.XPACK.Gen.

Please note that you will receive an email which will contain the results shown above. In case the final outcome of the analysis is not yet finished for all files the notification will be sent once ready.

[ Last edited by Shieh on 2008-9-11 21:08 ]

wrq
Posted on 2008-9-20 16:00:27

Wywz.exe

ntntp
Posted on 2008-9-20 20:13:56
电子文档处理器 is reported as a suspicious file

Not reported
Begin scan in 'E:\setup\电子文档软件\电子文档处理器.rar'
E:\setup\电子文档软件\电子文档处理器.rar
    [0] Archive type: RAR
      --> etextwizard2.exe
        [1] Archive type: ZIP SFX (self extracting)
        --> SETUP.EXE
            [DETECTION] Contains HEUR/Crypted suspicious code
        --> setup1.ex_
          [2] Archive type: MSCOMPRESS
          --> AV000000b3.AV$
              [DETECTION] Contains HEUR/Crypted suspicious code
        --> ST5UNST.EX_
          [2] Archive type: MSCOMPRESS
          --> AV000000b6.AV$
              [DETECTION] Contains HEUR/Crypted suspicious code
    [WARNING]   The file was ignored!

The file is a little over 3 MB. I used 7-zip, and the split-volume format could not be uploaded here, so I put it on Namipan
http://www.namipan.com/downfile/%E7%94%B5%E5%AD%90%E6%96%87%E6%A1%A3%E5%A4%84%E7%90%86%E5%99%A8.rar/4c37b9939bd959a2ed8b86a0fcb07b43e1f78b5a54de3800

[ Last edited by ntntp on 2008-10-17 13:27 ]
infohy
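Posted on 2008-9-23 00:27:25
File/software name: winntbbu.dll
False-positive name: Gray Pigeon backdoor. Contains a recognition pattern of the (harmful) BDS/Hupigon.bpzp back-door program
Download/link address (if any): C:\WINDOWS\system32\
Attachment (if convenient to upload)
Reported or not: reported
Report analysis result: no result received yet
btw: Avira's monitoring is really strong. Even though I excluded this file in Scanner and Guard, it still raises an alert when I copy and paste it or compress and upload it! A trustworthy fellow, wahaha!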

浙江一哥
Posted on 2008-10-1 21:45:05
A file from my KMP is falsely flagged; could the thread starter please report it

wrq
Posted on 2008-10-2 14:52:25

NITAVE

chris100466
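Posted on 2008-10-5 13:21:44
First false positive (shown as no false positive, but it is still detected as a virus)
File/software name: BROWSER.RAR (school WORD certification test)
False-positive name: TR/FlashKiller.C
Reported or not: reported
Report analysis result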
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00205134.


A listing of files alongside their results can be found below:
File ID   Filename     Size (Byte)  Result
25139763  BROWSER.EXE  23.5 KB      FALSE POSITIVE


Please find a detailed report concerning each individual sample below:
Filename     Result
BROWSER.EXE  FALSE POSITIVE

The file 'BROWSER.EXE' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will not be removed due to the fact that the file contains malicious but non working fragments. This is an indicator that it was not disinfected properly from a previous infection. We recommend to restore the original copy from a backup media.

Alternatively you can see the analysis result here:
http://analysis.avira.com/samples/details.php?uniqueid=zYTfM45X4ntFPUTbY71FmC7hSDwDk10E&incidentid=205134

An overview of all your submissions can be found here:
http://analysis.avira.com/samples/details.php?uniqueid=zYTfM45X4ntFPUTbY71FmC7hSDwDk10E

Please note: The detection of Spy/Adware is not available in the product "AntiVir PersonalEdition Classic". Please address specific questions to support@avira.com
Kind regards
Avira Virus Lab

---------------------------------------------
Avira GmbH
Lindauer Str. 21, D-88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-525 10
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992

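Second false positive (determined to contain a virus)
File/software name: CSF99_S1 (school WORD certification test)
False-positive name: W95/CIH
Reported or not: reported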
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00205132.


A listing of files alongside their results can be found below:
File ID   Filename      Size (Byte)  Result
25139761  CSF99_S1.EXE  396.5 KB     MALWARE

Please find a detailed report concerning each individual sample below:
Filename      Result
CSF99_S1.EXE  MALWARE

The file 'CSF99_S1.EXE' has been determined to be 'MALWARE'.
Our analysts named the threat W95/CIH. The term "W95/" denotes a file virus or malware that runs on Windows 95/98/Me systems. Detection is added to our virus definition file (VDF) starting with version 6.36.00.09.
Alternatively you can see the analysis result here:
http://analysis.avira.com/samples/details.php?uniqueid=zYTfM45X4ntFPUTbY71FmC7hSDwDk10E&incidentid=205132

An overview of all your submissions can be found here:
http://analysis.avira.com/samples/details.php?uniqueid=zYTfM45X4ntFPUTbY71FmC7hSDwDk10E

Please note: The detection of Spy/Adware is not available in the product "AntiVir PersonalEdition Classic". Please address specific questions to support@avira.com
Kind regards
Avira Virus Lab

bluecrazy
Posted on 2008-10-6 12:25:54

搞怪碰碰球1.2


Copyright © KaFan  KaFan.cn All Rights Reserved.
