Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

johnalan

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

 Content Type 

Posts posted by johnalan

    How to report False Positive to us?

    in False Positive Reports by IObit Products

    Posted

    wikisend doesn't

     

    I tried uploading ss32.dll several times to wikisend and always got 0% progress and then it would error out. I even registered there - no difference.

     

    I did scan that file with FIVE other security programs and it passed each one. Those programs were AVG, Glary, ASC, Malwarebytes and Spybot - all the latest versions. I have no reason to believe ss32.dll is a threat. Seems 360 is wrong on this one.

     

    If you have another place I can upload it too, I will try. Wikisend didn't work for me...

     

     

    OK, I uploaded to virus tool and there is the report:

     

    File SS32.dll received on 2010.07.20 04:42:39 (UTC)

    Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

    Result: 0/42 (0%)

     

    Additional information

    File size: 114688 bytes

    MD5...: 44c0e0838c0b2bfb9c4fdd588c569b94

    SHA1..: 7eaffa07248682cd4263adceb1f1ebcb0850739f

    SHA256: ac452ca1569995e056b3774fa61ff62d265b8ebe409951c55ca57e75977aafca

    ssdeep: 1536:NAbi9gE5URSRTy4HsOo95rGybk2nhTERTyo9CV7JGe7LqE2n3bo:diRSZb+

    K9+HmEG3bo

    PEiD..: -

    PEInfo: PE Structure information

     

    ( base data )

    entrypointaddress.: 0x945a

    timedatestamp.....: 0x38baa0af (Mon Feb 28 16:22:07 2000)

    machinetype.......: 0x14c (I386)

     

    ( 4 sections )

    name viradd virsiz rawdsiz ntrpy md5

    .text 0x1000 0x10492 0x11000 6.61 c4fe15eda30aa6c152d6b896f66ae560

    .rdata 0x12000 0x5193 0x6000 5.02 901228882a1f3731745e830f142ace31

    .data 0x18000 0x344c 0x2000 2.48 c6c45949b6853f888abb419ac99b5ef9

    .reloc 0x1c000 0x1980 0x2000 4.60 7d3bdb929346fdad2a13be0510757841

     

    ( 1 imports )

    > KERNEL32.dll: HeapDestroy, GetCommandLineA, GetVersion, GetProcAddress, GetModuleHandleA, RaiseException, EnterCriticalSection, LeaveCriticalSection, HeapFree, GetLastError, CloseHandle, ReadFile, InitializeCriticalSection, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, SetFilePointer, WriteFile, ExitProcess, TerminateProcess, GetCurrentProcess, GetCurrentThreadId, TlsSetValue, TlsAlloc, TlsFree, SetLastError, TlsGetValue, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, lstrcpyA, HeapCreate, VirtualFree, InterlockedDecrement, InterlockedIncrement, HeapAlloc, VirtualAlloc, HeapReAlloc, SetStdHandle, FlushFileBuffers, CreateFileA, MultiByteToWideChar, GetStringTypeA, GetStringTypeW, GetCPInfo, GetACP, GetOEMCP, LoadLibraryA, LCMapStringA, LCMapStringW, SetEndOfFile, RtlUnwind

     

    ( 31 exports )

    _Aberr2@@YGXPAVCSolarSystem@@PAN1@Z, _AtmRefraction@@YGNN@Z, _CalendarToJD@@YGNPAUtagTDATE@@@Z, _ComputeAsteroid@@YGXPAVCSolarSystem@@PAUtagASTEROID_INPUT@@PAUPeriodicInfo@@@Z, _ComputeComet@@YGXPAVCSolarSystem@@PAUtagCOMET_INPUT@@PAUPeriodicInfo@@@Z, _ComputeLSTandJD@@YGXPAUWhenWhere@@PAN1@Z, _ComputeSolarSystem@@YGHPAVCSolarSystem@@PBD@Z, _CreateMinorPlFile@@YGHPAVCSolarSystem@@HPADN1@Z, _DateOfEaster@@YGXHPAUtagTDATE@@@Z, _DayOfWeek@@YGHN@Z, _DayOfYear@@YGHPAUtagTDATE@@@Z, _EqToHorizDegs@@YGXPAVCSolarSystem@@NNPAN1@Z, _EquinoxSolstice@@YGNHH@Z, _GeneralEclipseData@@YGHNPAN000@Z, _HorizToEqDegs@@YGXPAVCSolarSystem@@NNPAN1@Z, _IsDST@@YGHPAUtagTDATE@@D@Z, _JDToCalendar@@YGXNPAUtagTDATE@@D@Z, _MinorPlInputToPerInfo@@YGXPAVCSolarSystem@@PAUtagASTEROID_INPUT@@PAUPeriodicInfo@@@Z, _MoonPhase@@YGNJH@Z, _NextLunarEclipse@@YGNNHPAN00PAH@Z, _NextSolarEclipse@@YGNNPANPAH@Z, _Nutation2@@YGXNNNPAN0@Z, _Nutation@@YGXNNNPAN0@Z, _Precess@@YGXHNNPAN0@Z, _PrecessFK4@@YGXNNPAN0@Z, _PrecessFK5@@YGXNNPAN0@Z, _RiseSet@@YGXNNNNNNNNNNNPAN00PAH@Z, _SiderealTime0@@YGNN@Z, _SiderealTime@@YGNN@Z, _StaticRiseSet@@YGXPAVCSolarSystem@@NNPAN11PAH@Z, _ssGetDllVersion@@YGHXZ

    RDS...: NSRL Reference Data Set

    -

    sigcheck:

    publisher....: n/a

    copyright....: n/a

    product......: n/a

    description..: n/a

    original name: n/a

    internal name: n/a

    file version.: n/a

    comments.....: n/a

    signers......: -

    signing date.: -

    verified.....: Unsigned

    trid..: Win32 Executable MS Visual C++ (generic) (65.2%)

    Win32 Executable Generic (14.7%)

    Win32 Dynamic Link Library (generic) (13.1%)

    Generic Win/DOS Executable (3.4%)

    DOS Executable Generic (3.4%)

    pdfid.: -

    How to report False Positive to us?

    in False Positive Reports by IObit Products

    Posted

    Trojan False positive SS32.dll [sOLVED by db 1700]

     

    IObit Security 360

     

    OS:Windows XP

    Version:1.4.5.67

    Define Version:1642

    Time Elapsed:01:14:24

    Objects Scanned:120822

    Threats Found:1

     

    |Name|Type|Description|ID|

    Trojan.Win32/BHO, File, C:\Program Files\Common Files\System\SS32.dll, 4-752

     

     

    I am going to scan with 2 or 3 other programs I used to see if any of them show this as a trojan. It was installed by a commercial astronomy program that I got on CD, Cellestron's "The Sky". Everytime I let 360 remove it the program ceases to function and I have to reinstall it. I will update this post later tonight with results of other testing.

     

    Thanks!!!

×
×
  • Create New...