红伞误报收集站

23Jia

文件名/软件名:中国象棋大战『天空下载』/ is-CJ9TJ.tmp
误报名：Contains recognition pattern of the ADSPY/BaiduBar.A adware or spyware
下载地址/链接地址（如有的话） : http://yxtele1.skycn.com/down/cheexe.zip
附件（方便上传的话）：已上传
是否上报：未上报『我不会上报』
上报分析结果：
卡巴文件扫描『virustotal打不开，virscan正在扫描中，他卡在sophos扫描哪里，补图』


If you would like to scan your entire computer for viruses, please use our free virus scan.
You're clean!Kaspersky Anti-Virus has not detected any viruses at this time in the file you submitted.
However, only a fully-functional antivirus solution with regularlyupdated virus definitions can ensure comprehensive protection againstmalware. If you do not have an antivirus solution installed, you maywish to consider purchasing one today.

• Download a trial version of Kaspersky Anti-Virus
• Purchase Kaspersky Anti-Virus in our E-Store
• Purchase Kaspersky Anti-Virus from a certified partner

Scanned file:   is-CJ9TJ.tmp

is-CJ9TJ.tmp/data0001 - OK is-CJ9TJ.tmp/data0002 - OK Statistics: Known viruses: 1527252 Updated: 29-12-2008 File size (Kb): 230 Virus bodies: 0 Files: 2 Warnings: 0 Archives: 1 Suspicious: 0

[ 本帖最后由 23Jia 于 2008-12-29 16:09 编辑 ]

weelun94

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00241303.


A listing of files alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25220559	setupche.exe	1012.96 KB	CLEAN
25220567	c.exe	229.93 KB	MALWARE
1332591	BaiduBar.dll	584.09 KB	MALWARE

Please find a detailed report concerning each individual sample below:

Filename	Result
setupche.exe	CLEAN

The file 'setupche.exe' has been determined to be 'CLEAN'.Our analysts did not discover any malicious content.

Filename	Result
c.exe	MALWARE

The file 'c.exe' has been determined to be 'MALWARE'.
Our analysts named the threat ADSPY/BaiduBar.A.The term "ADSPY/" denotes adware or spyware. This type of malware isable to change browser settings for example by manipulating registrysettings or byusing of NTFS-streams. Very often IEexploits are used to manipulate thebrowserhelp.dll.Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename	Result
BaiduBar.dll	MALWARE

The file 'BaiduBar.dll' has been determined to be 'MALWARE'.
Our analysts named the threat ADSPY/BaiduBar.The term "ADSPY/" denotes adware or spyware. This type of malware isable to change browser settings for example by manipulating registrysettings or byusing of NTFS-streams. Very often IEexploits are used to manipulate thebrowserhelp.dll.Detection is added to our virus definition file (VDF) starting with version 6.34.01.99.
Alternatively you can see the analysis result here:
http://analysis.avira.com/samples/details.php?uniqueid=dqYsJvkydAbgKVLkYg7Sg7cXjRWU2byy&incidentid=241303

An overview of all your submissions can be found here:
http://analysis.avira.com/samples/details.php?uniqueid=dqYsJvkydAbgKVLkYg7Sg7cXjRWU2byy

Please note: The detection of Spy/Adware is not available in theproduct "AntiVir PersonalEdition Classic". Please address specificquestions to support@avira.com
Kind regards
Avira Virus Lab

---------------------------------------------
Avira GmbH
Lindauer Str. 21, D-88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-525 10
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992
---------------------------------------------

[ 本帖最后由 weelun94 于 2008-12-29 19:25 编辑 ]

elite_zyj

文件名/软件名 :http://www.mysilu.com/index.php
误报名:HTML/Infected.WebPage.Gen HTML script virus
是否上报：未上报

lookljl

文件名/软件名:  vmware注册机
是否上报：        已上报


Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00241020.



We received the following archive files:

File ID	Filename	Size (Byte)	Result
25220146	VMware ??????????...??.rar	219.4 KB	OK

A listing of files contained inside archives alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25055088	VMware ##############.exe	222.45 KB	FALSE POSITIVE

Please find a detailed report concerning each individual sample below:

Filename

Result

VMware ##############.exe

FALSE POSITIVE

The file 'VMware ##############.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will not be removed due to the fact that the file does not belong to a regular piece of software. This software can be used for an evasion of security protections in several computer programs. If we will find some malicious code inside the suspicious file anyway, we will integrate the pattern recognition in one of our next updates. In case AntiVir can detect this file we will not change or remove our detection
翻译

该文件'的VMware ##############.程序，被确定为'误报。特别是这意味着，这个档案是不是恶意，但一场虚惊。检测将不会被移除，原因是该文件并不属于正常的软件。该软件可用于回避的安全保护在几个计算机程序。如果我们将找到一些恶意代码内的可疑文件无论如何，我们将结合模式识别在我们下次更新。AntiVir的情况下可以检测到这个文件，我们不会更改或删除我们的检测

lookljl

文件名/软件名:  Crack.exe
是否上报：        已上报

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00241017.


A listing of files alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25086918	Crack.exe	66 KB	FALSE POSITIVE

Please find a detailed report concerning each individual sample below:

Filename

Result

Crack.exe

FALSE POSITIVE

The file 'Crack.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will not be removed due to the fact that the file does not belong to a regular piece of software. This software can be used for an evasion of security protections in several computer programs. If we will find some malicious code inside the suspicious file anyway, we will integrate the pattern recognition in one of our next updates. In case AntiVir can detect this file we will not change or remove our detection.

该文件'的crack.exe被确定为'误报。特别是这意味着，这个档案是不是恶意，但一场虚惊。检测将不会被移除，原因是该文件并不属于正常的软件。该软件可用于回避的安全保护在几个计算机程序。如果我们将找到一些恶意代码内的可疑文件无论如何，我们将结合模式识别在我们下次更新。AntiVir的情况下可以检测到这个文件，我们不会更改或删除我们的检测

lookljl

File ID	Filename	Size (Byte)	Result
25220147	科慧尔计算机等级考试系列七彩联盟 ...册机.rar	527.39 KB	OK

A listing of files contained inside archives alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25220148	#################...##.exe	584.31 KB	MALWARE

Please find a detailed report concerning each individual sample below:

Filename	Result
#################...##.exe	MALWARE

The file '################################ ##########.exe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dropper.Gen. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.This malware is detected by a special detection routine from the engine module.
被报为恶意软件

lookljl

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00242608.


A listing of files alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
1329639	Nero 8 Keygen.exe	205.04 KB	FALSE POSITIVE

Please find a detailed report concerning each individual sample below:

Filename

Result

Nero 8 Keygen.exe

FALSE POSITIVE

The file 'Nero 8 Keygen.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will not be removed due to the fact that the file does not belong to a regular piece of software. This software can be used for an evasion of security protections in several computer programs. If we will find some malicious code inside the suspicious file anyway, we will integrate the pattern recognition in one of our next updates. In case AntiVir can detect this file we will not change or remove our detection.
是误报

dfyd007

说明：诺亚舟学习网下载的学习机上用的学习文件。我怀疑是吴报。
文件名/软件名:魔法系列化学初三全册01-01_180440.nwo
误报名DR/Hupigon.CI
下载地址/链接地址:无
附件：有
是否上报：已上报
上报分析结果：找不到看那里？

[ 本帖最后由 dfyd007 于 2009-1-6 13:50 编辑 ]

lookljl

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00242594.



A listing of files alongside their results can be found below:

File ID  Filename Size (Byte) Result
3602700  psNotify.dll  100 KB  FALSE POSITIVE


Please find a detailed report concerning each individual sample below:

Filename Result  psNotify.dll  FALSE POSITIVE

The file 'psNotify.dll' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.
是误报

nbnbsbsb

NetSense.exe 聚生网管

下载地址：
http://www.brsbox.com/filebox/down/fc/1873bc7b784211645905293312f34978