红伞误报收集站

emutony

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00168046.



A listing of files alongside their results can be found below:

File ID  Filename Size (Byte) Result
25060108  Mario4x_cn.exe  137.76 KB  FALSE POSITIVE


Please find a detailed report concerning each individual sample below:

Filename Result  Mario4x_cn.exe  FALSE POSITIVE

The file 'Mario4x_cn.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.

Alternatively you can see the analysis result here:
http://analysis.avira.com/sample ... p;incidentid=168046

An overview of all your submissions can be found here:
http://analysis.avira.com/sample ... AhC951ZZDXdGwBz9fLL

qiujuan

文件名/软件名: 金山词霸2007下的SNProber.dll文件
误报名      :MALWARE
是否上报:未上报
今天突然报金山词霸2007下的SNProber.dll文件

无尽藏海

忘了哪来的了……好像是样本区……
最近分析有的比较慢

File ID         Filename        Size (Byte)        Result
25062063         破解辅助计算工具.rar...工具.rar        514.43 KB        OK


A listing of files contained inside archives alongside their results can be found below:File ID         Filename        Size (Byte)        Result
25062064         ################.exe         518.27 KB         FALSE POSITIVE
25064973         krnln.fnr         996 KB         MALWARE



Please find a detailed report concerning each individual sample below: Filename        Result
################.exe         FALSE POSITIVE


The file '################.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.
Filename        Result
krnln.fnr         MALWARE


The file 'krnln.fnr' has been determined to be 'MALWARE'. Our analysts named the threat DR/Flood.AlaUDP.A.2. The term "DR/" denotes a program that is able to place a virus or a malware discretely on a system.Detection is added to our virus definition file (VDF) starting with version 6.31.00.124. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: DR/Flood.AlaUDP.A.2.

leizhangcn

文件名/软件名:  PPInstallLog.dll（拍拍乐安装文件）
误报名:  MALWARE
下载地址/链接地址: www.886.cn
是否上报：已上报
上报分析结果：已解决（误报）

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00169697.



A listing of files alongside their results can be found below:

File ID  Filename Size (Byte) Result
25064961  PPInstallLog.dll  28.5 KB  FALSE POSITIVE


Please find a detailed report concerning each individual sample below:

Filename Result  PPInstallLog.dll  FALSE POSITIVE

The file 'PPInstallLog.dll' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.

Alternatively you can see the analysis result here:
http://analysis.avira.com/sample ... 5&incidentid=169697

An overview of all your submissions can be found here:
http://analysis.avira.com/sample ... 0U76X1QsT4BWmbA9fU5


Please note: The detection of Spy/Adware is not available in the product "AntiVir PersonalEdition Classic". Please address specific questions to support@avira.com

Kind regards
Avira Virus Lab

---------------------------------------------
Avira GmbH
Lindauer Str. 21, D-88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-525 10
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992
---------------------------------------------

[ 本帖最后由 leizhangcn 于 2008-7-4 17:55 编辑 ]

leizhangcn

文件名/软件名:  Analysis.dll（51地图文件）
误报名:  Agent.28672
下载地址/链接地址: http://www.51ditu.com
是否上报：已上报
上报分析结果：

leizhangcn

文件名/软件名:  regsp.exe（单机游戏斗地主7.8文件）
误报名:   MALWARE
下载地址/链接地址: ht[url]http://www.oyksoft.com/downinfo/871.html[/url]
是否上报：已上报
上报分析结果：
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00169698.


A listing of files alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25064963	regsp.exe	10.5 KB	MALWARE

Please find a detailed report concerning each individual sample below:

Filename

Result

regsp.exe

MALWARE

The file 'regsp.exe' has been determined to be 'MALWARE'.
Our analysts discovered that the file is a Security Privacy Risk (SPR). In particular it means that it is a program that might possibly be able to affect the security of your system, might trigger activities you might not want or might violate your privacy. Detection will be added to our virus definition file (VDF) with one of the next updates. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Crypted.

Alternatively you can see the analysis result here:
http://analysis.avira.com/samples/details.php?uniqueid=mBpkzMEp4q8zs0U76X1QsT4BWmbA9fU5&incidentid=169698

An overview of all your submissions can be found here:
http://analysis.avira.com/samples/details.php?uniqueid=mBpkzMEp4q8zs0U76X1QsT4BWmbA9fU5

Please note: The detection of Spy/Adware is not available in the product "AntiVir PersonalEdition Classic". Please address specific questions to support@avira.com
Kind regards
Avira Virus Lab

---------------------------------------------
Avira GmbH
Lindauer Str. 21, D-88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-525 10
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992
---------------------------------------------

leizhangcn

文件名/软件名:  uninst.exe（FLV转换工具）红伞误报
误报名:   MALWARE
下载地址/链接地址:
是否上报：已上报
上报分析结果：

leizhangcn

文件名/软件名:  清除所有多余的桌面右键菜单.cmd
误报名:   MALWARE
下载地址/链接地址:
是否上报：已上报
上报分析结果：

无尽藏海

The file 'SNProber.dll' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection is removed from our virus definition file (VDF) with the version: 7.0.5.65.

emutony

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00170428.



A listing of files alongside their results can be found below:

File ID  Filename Size (Byte) Result
25067218  AntiIPErr.dll  16.69 KB  FALSE POSITIVE


Please find a detailed report concerning each individual sample below:

Filename Result  AntiIPErr.dll  FALSE POSITIVE

The file 'AntiIPErr.dll' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.

Alternatively you can see the analysis result here:
http://analysis.avira.com/sample ... p;incidentid=170428

An overview of all your submissions can be found here:
http://analysis.avira.com/sample ... AhC951ZZDXdGwBz9fLL


Please note: The detection of Spy/Adware is not available in the product "AntiVir PersonalEdition Classic". Please address specific questions to support@avira.com

Kind regards
Avira Virus Lab

---------------------------------------------
Avira GmbH
Lindauer Str. 21, D-88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-525 10
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992
---------------------------------------------