版主，我从辅助区常用小工具合集下载的一些软件小红伞报有毒？？

显示全部楼层 · 发表于 2009-2-10 11:23:40

我从辅助区常用小工具合集下载的Newspy和password44.exe小红伞说有毒··········
我也不知道怎么回事········难道是误报······
我是菜鸟，如果因为我自己操作不当造成误报，请谅解，嘿嘿(*^__^*) ……

下面是红伞的扫描报告，希望看一下，谢谢
   第一个password44.exe
Avira AntiVir Personal
Report file date: 2009年2月10日星期二  11:10

Scanning for 1327408 virus strains and unwanted programs.

Licensed to:    Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform:       Windows XP
Windows version:  (Service Pack 3)  [5.1.2600]
Boot mode:       Normally booted
Username:       Administrator
Computer name: 3DF788A1BCBD443

Version information:
BUILD.DAT    : 8.2.0.337    16934 Bytes  2008-11-18 13:05:00
AVSCAN.EXE : 8.1.4.10    315649 Bytes  2008-11-18 01:21:28
AVSCAN.DLL : 8.1.4.0       40705 Bytes 2008-5-26 00:56:42
LUKE.DLL    : 8.1.4.5    164097 Bytes 2008-6-12 05:44:20
LUKERES.DLL : 8.1.4.0       12033 Bytes 2008-5-26 00:58:54
ANTIVIR0.VDF  : 7.1.0.0    15603712 Bytes  2008-10-27 04:30:38
ANTIVIR1.VDF  : 7.1.1.113 2817536 Bytes 2009-1-14 00:24:46
ANTIVIR2.VDF  : 7.1.1.240 1659904 Bytes 2009-2-7 01:49:16
ANTIVIR3.VDF  : 7.1.1.249    54272 Bytes 2009-2-9 01:49:06
Engineversion : 8.2.0.76
AEVDF.DLL    : 8.1.1.0    106868 Bytes 2009-2-2 00:25:22
AESCRIPT.DLL  : 8.1.1.43    344442 Bytes 2009-2-7 01:49:08
AESCN.DLL    : 8.1.1.6    127348 Bytes 2009-2-2 00:25:18
AERDL.DLL    : 8.1.1.3    438645 Bytes 2008-11-4 06:58:40
AEPACK.DLL : 8.1.3.8    397684 Bytes 2009-2-5 01:17:26
AEOFFICE.DLL  : 8.1.0.33    196987 Bytes 2009-2-2 00:25:14
AEHEUR.DLL : 8.1.0.90    1573237 Bytes 2009-2-5 01:17:22
AEHELP.DLL : 8.1.2.0    119159 Bytes 2009-2-2 00:25:04
AEGEN.DLL    : 8.1.1.14    332148 Bytes 2009-2-7 01:49:08
AEEMU.DLL    : 8.1.0.9    393588 Bytes  2008-10-14 03:05:58
AECORE.DLL : 8.1.6.4    176501 Bytes 2009-2-3 01:17:14
AEBB.DLL    : 8.1.0.3       53618 Bytes  2008-10-14 03:05:58
AVWINLL.DLL : 1.0.0.12    15105 Bytes 2008-7-9 01:40:06
AVPREF.DLL : 8.0.2.0       38657 Bytes 2008-5-16 02:28:02
AVREP.DLL    : 8.0.0.2       98344 Bytes 2008-7-31 05:02:16
AVREG.DLL    : 8.0.0.1       33537 Bytes 2008-5-9 04:26:42
AVARKT.DLL : 1.0.0.23    307457 Bytes 2008-2-12 01:29:24
AVEVTLOG.DLL  : 8.0.0.16    119041 Bytes 2008-6-12 05:27:50
SQLITE3.DLL : 3.3.17.1    339968 Bytes 2008-1-22 10:28:04
SMTPLIB.DLL : 1.2.0.23    28929 Bytes 2008-6-12 05:49:42
NETNT.DLL    : 8.0.0.1       7937 Bytes 2008-1-25 05:05:12
RCIMAGE.DLL : 8.0.0.51    2371841 Bytes 2008-6-12 06:48:08
RCTEXT.DLL : 8.0.52.0    86273 Bytes 2008-6-27 06:34:38

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dcc1a993.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: delete
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: E:,
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high

Start of the scan: 2009年2月10日星期二  11:10

Starting the file scan:

Begin scan in 'E:\系统工具\密码查看器\Password44.rar'
E:\系统工具\密码查看器\Password44.rar
[0] Archive type: RAR
发表帖子[完成后可按 C --> ￏ￀﾿ￍￃￜￂ￫ﾲ￩﾿ﾴￆ?\aRingNT.exe
   [DETECTION] Is the TR/Horse.BWQ Trojan

End of the scan: 2009年2月10日星期二  11:10
Used time: 00:03 Minute(s)

The scan has been canceled!

   0 Scanning directories
   4 Files were scanned
   1 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   3 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2009-2-10 11:25:04

第二个是Newspy.exe

Avira AntiVir Personal
Report file date: 2009年2月10日星期二  11:24

Scanning for 1327408 virus strains and unwanted programs.

Licensed to:    Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform:       Windows XP
Windows version:  (Service Pack 3)  [5.1.2600]
Boot mode:       Normally booted
Username:       Administrator
Computer name: 3DF788A1BCBD443

Version information:
BUILD.DAT    : 8.2.0.337    16934 Bytes  2008-11-18 13:05:00
AVSCAN.EXE : 8.1.4.10    315649 Bytes  2008-11-18 01:21:28
AVSCAN.DLL : 8.1.4.0       40705 Bytes 2008-5-26 00:56:42
LUKE.DLL    : 8.1.4.5    164097 Bytes 2008-6-12 05:44:20
LUKERES.DLL : 8.1.4.0       12033 Bytes 2008-5-26 00:58:54
ANTIVIR0.VDF  : 7.1.0.0    15603712 Bytes  2008-10-27 04:30:38
ANTIVIR1.VDF  : 7.1.1.113 2817536 Bytes 2009-1-14 00:24:46
ANTIVIR2.VDF  : 7.1.1.240 1659904 Bytes 2009-2-7 01:49:16
ANTIVIR3.VDF  : 7.1.1.249    54272 Bytes 2009-2-9 01:49:06
Engineversion : 8.2.0.76
AEVDF.DLL    : 8.1.1.0    106868 Bytes 2009-2-2 00:25:22
AESCRIPT.DLL  : 8.1.1.43    344442 Bytes 2009-2-7 01:49:08
AESCN.DLL    : 8.1.1.6    127348 Bytes 2009-2-2 00:25:18
AERDL.DLL    : 8.1.1.3    438645 Bytes 2008-11-4 06:58:40
AEPACK.DLL : 8.1.3.8    397684 Bytes 2009-2-5 01:17:26
AEOFFICE.DLL  : 8.1.0.33    196987 Bytes 2009-2-2 00:25:14
AEHEUR.DLL : 8.1.0.90    1573237 Bytes 2009-2-5 01:17:22
AEHELP.DLL : 8.1.2.0    119159 Bytes 2009-2-2 00:25:04
AEGEN.DLL    : 8.1.1.14    332148 Bytes 2009-2-7 01:49:08
AEEMU.DLL    : 8.1.0.9    393588 Bytes  2008-10-14 03:05:58
AECORE.DLL : 8.1.6.4    176501 Bytes 2009-2-3 01:17:14
AEBB.DLL    : 8.1.0.3       53618 Bytes  2008-10-14 03:05:58
AVWINLL.DLL : 1.0.0.12    15105 Bytes 2008-7-9 01:40:06
AVPREF.DLL : 8.0.2.0       38657 Bytes 2008-5-16 02:28:02
AVREP.DLL    : 8.0.0.2       98344 Bytes 2008-7-31 05:02:16
AVREG.DLL    : 8.0.0.1       33537 Bytes 2008-5-9 04:26:42
AVARKT.DLL : 1.0.0.23    307457 Bytes 2008-2-12 01:29:24
AVEVTLOG.DLL  : 8.0.0.16    119041 Bytes 2008-6-12 05:27:50
SQLITE3.DLL : 3.3.17.1    339968 Bytes 2008-1-22 10:28:04
SMTPLIB.DLL : 1.2.0.23    28929 Bytes 2008-6-12 05:49:42
NETNT.DLL    : 8.0.0.1       7937 Bytes 2008-1-25 05:05:12
RCIMAGE.DLL : 8.0.0.51    2371841 Bytes 2008-6-12 06:48:08
RCTEXT.DLL : 8.0.52.0    86273 Bytes 2008-6-27 06:34:38

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ee637ebe.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: delete
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: E:,
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high

Start of the scan: 2009年2月10日星期二  11:24

Starting the file scan:

Begin scan in 'E:\系统工具\个人电脑监视器\NewSpy.rar'
E:\系统工具\个人电脑监视器\NewSpy.rar
[0] Archive type: RAR
--> NewSpy.exe
   [DETECTION] Contains recognition pattern of the DR/RealSpy.B.41 dropper
[NOTE]    A backup was created as '4a07f3de.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

End of the scan: 2009年2月10日星期二  11:24
Used time: 00:03 Minute(s)

The scan has been done completely.

   0 Scanning directories
   2 Files were scanned
   1 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   0 Warnings
   1 Notes

希望看一下，谢谢斑竹！

显示全部楼层 · 发表于 2009-2-10 11:35:43

密码查看、监视之类的工具杀软很多都会误报的。上传到http://www.virscan.org/检查下就知道个大概了。
路过~
楼下高手继续~

[ 本帖最后由 backway 于 2009-2-10 11:36 编辑 ]

显示全部楼层 · 发表于 2009-2-10 11:52:25

这是刚从http://www.virscan.org检查的·········大多数还是没报毒的只有三分之一报了········

还是将就着用吧
附件如下········

文件名称 : Password44.rar
文件大小 : 521946 byte
文件类型 : RAR archive data, v1d, os
MD5 : 4995b2568ce1534d3744f162ffdb68a9
SHA1 : 206d8f12c9f8d03f9facba758d176103f1e8fbc0
扫描结果
扫描结果 : 35%的杀软(13/37)报告发现病毒
时间 : 2009/02/10 11:38:22 (CST)
软件名称引擎版本病毒库版本病毒库时间扫描结果时间
a-squared 4.0.0.29 20090209183317 2009-02-09 Win32.HLLW.Gavir.66!IK 2.457
AntiVir 7.9.0.76 7.1.1.249 2009-02-09 TR/Horse.BWQ 2.036
Authentium 5.1.1 200902092224 2009-02-09 - 1.145
AVAST! 3.0.1 090209-0 2009-02-09 - 0.097
AVG 7.5.52.442 270.10.19/1942 2009-02-09 Agent.AWLL 1.986
BitDefender 7.81008.2640194 7.23586 2009-02-10 - 2.552
CA (VET) 9.0.0.143 31.6.6347 2009-02-09 Win32/VMalum.ELUO unknown type. 4.138
ClamAV 0.94.2 8970 2009-02-10 - 0.179
Comodo 3.0 972 2009-02-09 TrojWare.Win32.Trojan.Agent.~JP 1.039
CP Secure 1.1.0.715 2009.02.10 2009-02-10 PSWTool.W32.PassView.cb 7.151
Dr.Web 4.44.0.9170 2009.02.10 2009-02-10 - 4.342
F-Prot 4.4.4.56 20090209 2009-02-09 - 1.136
F-Secure 5.51.6100 2009.02.09.12 2009-02-09 - 0.272
GData 19.2960/19.219 20090209 2009-02-09 - 3.868
Ikarus T3.1.01.45 2009.02.10.72279 2009-02-10 Win32.HLLW.Gavir.66 3.913
Microsoft 1.4306 2009.02.10 2009-02-10 - 5.135
mks_vir 2.01 2009.02.09 2009-02-09 - 2.861
Norman 6.00.02 6.00.00 2009-02-09 - 8.009
nProtect 20090209.02 3116375 2009-02-09 - 4.217
Quick Heal 10.00 2009.02.09 2009-02-09 - 1.163
Sophos 2.83.3 4.38 2009-02-10 Troj/PasSteal-B 2.415
Sunbelt 4804 4804 2009-02-06 AdWare.Win32.BHO.av 3.556
The Hacker 6.3.1.5 v00250 2009-02-09 - 2.149
VBA32 3.12.8.12 20090208.0932 2009-02-08 Win32.HLLW.Gavir.66 1.937
ViRobot 20090209 2009.02.09 2009-02-09 - 0.413
VirusBuster 4.5.11.10 10.101.7/894637 2009-02-09 - 1.239
卡巴斯基 5.5.10 2009.02.10 2009-02-10 not-a-virus:PSWTool.Win32.PassView.cb 0.194
安博士V3 2009.02.10.01 2009.02.10 2009-02-10 - 1.184
安天 2.0.18 20090209.2168553 2009-02-09 PSWTool/Win32.PassView.cb[:not_virus] 0.323
江民杀毒 11.0.706 2009.02.09 2009-02-09 - 1.473
熊猫卫士 9.05.01 2009.02.09 2009-02-09 - 3.068
瑞星 20.0 21.15.50.00 2009-02-07 - 0.999
赛门铁克 1.3.0.24 20090209.036 2009-02-09 - 0.231
趋势科技 8.700-1004 5.828.02 2009-02-09 - 0.080
迈克菲 5.3.00 5521 2009-02-09 - 3.274
金山毒霸 2008.9.8.18 2009.2.10.9 2009-02-10 Win32.Troj.Agent.61440

[ 本帖最后由 kukuhunter 于 2009-2-10 11:53 编辑 ]

显示全部楼层 · 发表于 2009-2-10 14:48:21

没关系了，杀毒软件一般都会误报，用HIPS就不会，除了微点

显示全部楼层 · 发表于 2009-2-10 15:38:35

为啥。。。。hips是什么的都报把。。。。

显示全部楼层 · 发表于 2009-2-10 17:28:29

红伞容易误报不是一天两天了～也不排除软件的确有问题

显示全部楼层 · 发表于 2009-2-10 20:55:41

那些是连网扫描抓包那些，不危害电脑，所以不报

显示全部楼层 · 发表于 2009-2-10 21:17:16

对于置顶帖中的辅助工具，我都曾经试用过才发上来的，应该没有什么问题！等我再找毒组的检测一下，感谢楼主的热心

显示全部楼层 · 发表于 2009-2-10 21:19:08

嘿嘿~~~~~~~~没啥，你说的我都不好意思了~~~~~~~~~·

[求助] 版主，我从辅助区常用小工具合集下载的一些软件小红伞报有毒？？

回复 5楼 tawny2008 的帖子

回复 6楼 easybeing 的帖子

回复 9楼水木的帖子

评分

[求助] 版主，我从辅助区常用小工具合集下载的一些软件小红伞报有毒？？

回复 5楼 tawny2008 的帖子

回复 6楼 easybeing 的帖子

回复 9楼 水木 的帖子

评分

回复 9楼水木的帖子