[Virus sample] Only Avira AntiVir flags it

1e3e
Posted on 2008-8-18 18:41:10
http://virscan.org/report/1b0cd6427a1b7b86a602d84d35079519.html
File name :  MSASN1.DLL
File size :  33280 byte
File type :  PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi
MD5 :  206619eb163572bc537ce709a46ac1b4
SHA1 :  6e6c99600fbd61066e7dcda58352c57112a7187f
Scan results
Scan result :  3% of antivirus engines (1/36) reported a virus
Time :  2008/08/18 18:33:33 (CST)
Engine    Engine version + virus database version    Database date    Result    Time
a-squared    3.5.0.222008.08.17    2008-08-17    -    14.483
AntiVir    7.8.1.197.0.6.26    2008-08-18    TR/Crypt.FKM.Gen    2.190
Arcavir    1.0.5200808171633    2008-08-17    -    1.223
AVAST!    3.0.1080817-0    2008-08-17    -    0.014
AVG    7.5.51.442270.6.5/1618    2008-08-18    -    1.550
BitDefender    7.60825.15635687.20568    2008-08-18    -    2.848
CA (VET)    9.0.0.14331.6.6035    2008-08-15    -    10.115
ClamAV    0.93.38052    2008-08-18    -    0.043
Comodo    2.112.0.0.620    2008-08-18    -    3.206
CP Secure    1.1.0.7152008.08.18    2008-08-18    -    6.188
Dr.Web    4.44.0.91702008.08.18    2008-08-18    -    3.094
ewido    4.0.0.22008.08.18    2008-08-18    -    3.399
F-Prot    4.4.4.5620080817    2008-08-17    -    1.014
F-Secure    5.51.61002008.08.17.03    2008-08-17    -    0.056
Ikarus    T3.1.01.342008.08.18.71295    2008-08-18    -    3.399
Microsoft    1.38072008.08.18    2008-08-18    -    4.674
mks_vir    2.012008.08.18    2008-08-18    -    2.663
Norman    5.93.015.93.00    2008-08-15    -    4.836
nProtect    2008-08-18.001894688    2008-08-18    -    3.710
Quick Heal    9.502008.08.16    2008-08-16    -    1.927
Sophos    2.77.04.32    2008-08-18    -    1.941
Sunbelt    3.1.1546.12193    2008-08-14    -    0.878
The Hacker    6.2.96v00396    2008-08-11    -    0.429
VBA32    3.12.8.320080817.1524    2008-08-17    -    1.038
ViRobot    200808162008.08.16    2008-08-16    -    0.653
VirusBuster    4.5.11.1010.84.3/598170    2008-08-17    -    0.832
Kaspersky    5.5.102008.08.18    2008-08-18    -    0.051
AhnLab V3    2008.08.18.012008.08.18    2008-08-18    -    0.956
Jiangmin    11.0.7062008.08.18    2008-08-18    -    1.992
Panda    9.05.012008.08.17    2008-08-17    -    4.592
Rising    20.020.58.02.00    2008-08-18    -    0.892
Symantec    1.3.0.2420080817.003    2008-08-17    -    0.064
Trend Micro    8.700-10045.484.03    2008-08-18    -    0.044
McAfee    5.2.005362    2008-08-15    -    2.596
Kingsoft    2008.1.14.152008.8.18.17    2008-08-18    -    2.072
Fortinet    2.81-3.119.440    2008-08-18    -    1.744
Note: even if the report shows a detection, it may be an antivirus false positive; judge for yourself based on the scan results.
1e3e
Original poster | Posted on 2008-8-18 18:41:35
It's Avira AntiVir... a false positive???
1e3e
Original poster | Posted on 2008-8-18 18:42:45
http://www.virustotal.com/zh-cn/ ... 467706fccf3af5843b8
I also scanned it on www.virustotal.com
File MSASN1.DLL received on 2008.08.18 12:31:51 (CET)
Result: 3/36 (8.34%)

Antivirus engine Version Last update Result
AhnLab-V3 2008.8.15.0 2008.08.18 -
AntiVir 7.8.1.19 2008.08.18 TR/Crypt.FKM.Gen
Authentium 5.1.0.4 2008.08.18 -
Avast 4.8.1195.0 2008.08.17 -
AVG 8.0.0.161 2008.08.18 -
BitDefender 7.2 2008.08.18 -
CAT-QuickHeal 9.50 2008.08.16 -
ClamAV 0.93.1 2008.08.18 -
DrWeb 4.44.0.09170 2008.08.18 -
eSafe 7.0.17.0 2008.08.17 Suspicious File
eTrust-Vet 31.6.6035 2008.08.15 -
Ewido 4.0 2008.08.18 -
F-Prot 4.4.4.56 2008.08.18 -
F-Secure 7.60.13501.0 2008.08.18 -
Fortinet 3.14.0.0 2008.08.18 -
GData 2.0.7306.1023 2008.08.18 -
Ikarus T3.1.1.34.0 2008.08.18 -
K7AntiVirus 7.10.417 2008.08.18 -
Kaspersky 7.0.0.125 2008.08.18 -
McAfee 5362 2008.08.15 -
Microsoft 1.3807 2008.08.18 -
NOD32v2 3364 2008.08.18 -
Norman 5.80.02 2008.08.15 -
Panda 9.0.0.4 2008.08.17 -
PCTools 4.4.2.0 2008.08.17 -
Prevx1 V2 2008.08.18 -
Rising 20.58.02.00 2008.08.18 -
Sophos 4.32.0 2008.08.18 -
Sunbelt 3.1.1546.1 2008.08.15 -
Symantec 10 2008.08.18 -
TheHacker 6.3.0.5.053 2008.08.18 -
TrendMicro 8.700.0.1004 2008.08.18 -
VBA32 3.12.8.3 2008.08.18 -
ViRobot 2008.8.18.1339 2008.08.18 -
VirusBuster 4.5.11.0 2008.08.17 -
Webwasher-Gateway 6.6.2 2008.08.18 Trojan.Crypt.FKM.Gen
Additional information
File size: 33280 bytes
MD5...: 206619eb163572bc537ce709a46ac1b4
SHA1..: 6e6c99600fbd61066e7dcda58352c57112a7187f
SHA256: 70ee928d88364bc454dd6966d764ff656bc973c5edb7f544695045b016e2b4ee
SHA512: f9c7f310de3ed690f77d1e8386541fb3a55f561961def650d7681ed7217b9161b5d5925482a31deeb02b27362eab0c461de1ec10dd28daf5b19c0bfb8b16481b
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x76dc3440
timedatestamp.....: 0x4121458f (Mon Aug 16 23:38:55 2004)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0xd000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0xe000 0x6000 0x5600 7.88 cc84a053d08d4ded585e18e6f589f451
.rsrc 0x14000 0x3000 0x2800 5.37 4df7919f9079acfd1bbcac3de03ce4e2

( 3 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress
> msvcrt.dll: free
> USER32.dll: wsprintfA

( 266 exports )

packers (Kaspersky): UPX
packers (F-Prot): UPX


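Note: VirusTotal is a free service provided by Hispasec Sistemas. We make no guarantees about the availability or continuity of this service. Although the detection rate of multiple antivirus engines is better than that of a single product, these results do not guarantee that a file is harmless. At present, no solution offers a 100% detection rate for viruses and malware. If you have bought a product that claims to have this ability, you may have become a victim.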
海洋之心
Posted on 2008-8-18 20:26:31
Antivirus engine        Version        Last update        Result
AhnLab-V3        2008.8.15.0        2008.08.18        -
AntiVir        7.8.1.19        2008.08.18        TR/Crypt.FKM.Gen
Authentium        5.1.0.4        2008.08.18        -
Avast        4.8.1195.0        2008.08.17        -
AVG        8.0.0.161        2008.08.18        -
BitDefender        7.2        2008.08.18        -
CAT-QuickHeal        9.50        2008.08.16        -
ClamAV        0.93.1        2008.08.18        -
DrWeb        4.44.0.09170        2008.08.18        -
eSafe        7.0.17.0        2008.08.17        Suspicious File
eTrust-Vet        31.6.6035        2008.08.15        -
Ewido        4.0        2008.08.18        -
F-Prot        4.4.4.56        2008.08.18        -
F-Secure        7.60.13501.0        2008.08.18        -
Fortinet        3.14.0.0        2008.08.18        -
GData        2.0.7306.1023        2008.08.18        -
Ikarus        T3.1.1.34.0        2008.08.18        -
K7AntiVirus        7.10.417        2008.08.18        -
Kaspersky        7.0.0.125        2008.08.18        -
McAfee        5362        2008.08.15        -
Microsoft        1.3807        2008.08.18        -
NOD32v2        3364        2008.08.18        -
Norman        5.80.02        2008.08.15        -
Panda        9.0.0.4        2008.08.17        -
PCTools        4.4.2.0        2008.08.18        -
Prevx1        V2        2008.08.18        -
Rising        20.58.02.00        2008.08.18        -
Sophos        4.32.0        2008.08.18        -
Sunbelt        3.1.1546.1        2008.08.15        -
Symantec        10        2008.08.18        -
TheHacker        6.3.0.5.053        2008.08.18        -
TrendMicro        8.700.0.1004        2008.08.18        -
VBA32        3.12.8.3        2008.08.18        -
ViRobot        2008.8.18.1339        2008.08.18        -
VirusBuster        4.5.11.0        2008.08.18        -
Webwasher-Gateway        6.6.2        2008.08.18        Trojan.Crypt.FKM.Gen
luxiao200888
Posted on 2008-8-18 20:28:42
Note: even if the report shows a detection, it may be an antivirus false positive; judge for yourself based on the scan results.
tian832
Posted on 2008-8-18 21:22:58
Report it to Filseclab
syfwxmh
Posted on 2008-8-18 21:33:39
to kl
qigang
Posted on 2008-8-18 21:39:04

Deleting it would be asking for trouble!

Included in software
Name: Windows XP Home Edition, Deutsch
License: Commercial
Info link: http://www.microsoft.com/windowsxp/
File details
File path: C:\WINDOWS\$NtUninstallKB835732$ \ msasn1.dll
File date: 2002-08-29 14:00:00
Version: 5.1.2600.0
File size: 51.200 bytes
Checksums and file hashes
CRC32: 801072F5
MD5: E472 1802 7EB1 110C D422 A1D6 85C9 3125
SHA1: D255 F3A8 04EC 7A56 A5BE 3672 CFE3 92B3 CCC2 49A6
Version resource information
Company name: Microsoft Corporation
File description: ASN.1 Runtime APIs
File operating system: Windows NT, Windows 2000, Windows XP, Windows 2003
File type: Dynamic Link Library (DLL)
File version: 5.1.2600.0
Internal name: msasn1.dll
Legal copyright: Microsoft Corporation. All rights reserved.
Original file name: msasn1.dll
Product name: Microsoft Windows Operating System
Product version: 5.1.2600.0
无尽藏海
Posted on 2008-8-18 21:39:50
Looks like a false positive; report it to Avira
ahzsmzkf
Posted on 2008-8-18 22:22:32
Very likely a false positive