Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

False Positives? [SOLVED]

wenapee

Recommended Posts

wenapee Newbie

wenapee

Posted
Posted

Reporting possible False positife, Trojan.SdBot, tested 3 files (C:\i386\EqnClass.Dll, C:\WINDOWS\system32\dpcdll.dll, C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\3082\cscompui.dll) on www.virustotal.com and all results where that 0 of the scanners detected anything.

 

Here is the scan report:

 

IObit Security 360

 

OS:Windows XP

Version:1.4.0.11

Define Version:1330

 

Time Elapsed:00:40:28

Objects Scanned:69023

Threats Found:8

 

|Name|Type|Description|ID|

Trojan.SdBot, File, C:\i386\EqnClass.Dll, 12-1695

Trojan.SdBot, File, C:\WINDOWS\system32\dpcdll.dll, 12-1695

Trojan.SdBot, File, C:\WINDOWS\system32\EqnClass.Dll, 12-1695

Trojan.SdBot, File, C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE_NLD.dll, 12-1695

Trojan.SdBot, File, C:\WINDOWS\ServicePackFiles\i386\dpcdll.dll, 12-1695

Trojan.SdBot, File, C:\WINDOWS\ServicePackFiles\i386\ipevldpc.dll, 12-1695

Trojan.SdBot, File, C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEPrev.exe, 12-1695

Trojan.SdBot, File, C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\3082\cscompui.dll, 12-1695

Link to comment
Share on other sites
hxin Newbie

hxin

Posted
Posted
Reporting possible False positife, Trojan.SdBot, tested 3 files (C:\i386\EqnClass.Dll, C:\WINDOWS\system32\dpcdll.dll, C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\3082\cscompui.dll) on www.virustotal.com and all results where that 0 of the scanners detected anything.

 

Here is the scan report:

 

IObit Security 360

 

OS:Windows XP

Version:1.4.0.11

Define Version:1330

 

Time Elapsed:00:40:28

Objects Scanned:69023

Threats Found:8

 

|Name|Type|Description|ID|

Trojan.SdBot, File, C:\i386\EqnClass.Dll, 12-1695

Trojan.SdBot, File, C:\WINDOWS\system32\dpcdll.dll, 12-1695

Trojan.SdBot, File, C:\WINDOWS\system32\EqnClass.Dll, 12-1695

Trojan.SdBot, File, C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE_NLD.dll, 12-1695

Trojan.SdBot, File, C:\WINDOWS\ServicePackFiles\i386\dpcdll.dll, 12-1695

Trojan.SdBot, File, C:\WINDOWS\ServicePackFiles\i386\ipevldpc.dll, 12-1695

Trojan.SdBot, File, C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEPrev.exe, 12-1695

Trojan.SdBot, File, C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\3082\cscompui.dll, 12-1695

 

Dear wenapee

Thanks for your feedback.

you can upload or send us your suspicious file, and then we can further investigate it. At the same time, you can upload your suspicious file to http://www.virustotal.com for analyzing, and post your analysis report.

 

We are looking forward to your reply.

Link to comment
Share on other sites
attila Newbie

attila

Posted
Posted

False pozitive ?

 

False pozitive ?:?:

 

IObit Security 360

 

Operációs RendszerWindows Vista

Verzió:1.4.1.11

Meghatározott verzió:1330

Idő:00:05:53

Vizsgált elemek:47294

Talált fenyegetések:1

 

|Név|Tipus|Leírás|Azonosító|

Trojan.Agent, File, C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe, 12-912

 

Virus total research.

 

A(z) cvtres.exe állomány feltöltve: 2010.02.26 05:44:35 (UTC)

Pillanatnyi állapot: befejeződött

Eredmény: 0/41 (0.00%)

Formázott

Eredmény nyomtatása Antivírus Verzió Utolsó frissítés Eredmény

a-squared 4.5.0.50 2010.02.26 -

AhnLab-V3 5.0.0.2 2010.02.25 -

AntiVir 8.2.1.172 2010.02.25 -

Antiy-AVL 2.0.3.7 2010.02.25 -

Authentium 5.2.0.5 2010.02.25 -

Avast 4.8.1351.0 2010.02.25 -

AVG 9.0.0.730 2010.02.25 -

BitDefender 7.2 2010.02.26 -

CAT-QuickHeal 10.00 2010.02.26 -

ClamAV 0.96.0.0-git 2010.02.25 -

Comodo 4065 2010.02.26 -

DrWeb 5.0.1.12222 2010.02.26 -

eSafe 7.0.17.0 2010.02.25 -

eTrust-Vet 35.2.7329 2010.02.25 -

F-Prot 4.5.1.85 2010.02.25 -

F-Secure 9.0.15370.0 2010.02.26 -

Fortinet 4.0.14.0 2010.02.25 -

GData 19 2010.02.26 -

Ikarus T3.1.1.80.0 2010.02.26 -

Jiangmin 13.0.900 2010.02.25 -

K7AntiVirus 7.10.983 2010.02.25 -

Kaspersky 7.0.0.125 2010.02.26 -

McAfee 5903 2010.02.25 -

McAfee+Artemis 5903 2010.02.25 -

McAfee-GW-Edition 6.8.5 2010.02.26 -

Microsoft 1.5502 2010.02.25 -

NOD32 4896 2010.02.25 -

Norman 6.04.08 2010.02.25 -

nProtect 2009.1.8.0 2010.02.26 -

Panda 10.0.2.2 2010.02.25 -

PCTools 7.0.3.5 2010.02.25 -

Prevx 3.0 2010.02.26 -

Rising 22.36.04.01 2010.02.26 -

Sophos 4.50.0 2010.02.26 -

Sunbelt 5700 2010.02.26 -

Symantec 20091.2.0.41 2010.02.26 -

TheHacker 6.5.1.6.211 2010.02.26 -

TrendMicro 9.120.0.1004 2010.02.26 -

VBA32 3.12.12.2 2010.02.25 -

ViRobot 2010.2.26.2203 2010.02.26 -

VirusBuster 5.0.27.0 2010.02.25 -

További információ

File size: 32064 bytes

MD5 : 304503dee4d3f7989b8660c62cafae28

SHA1 : 98be7508db1de44640aca947791275ae87051972

SHA256: 4f2b4189c83fe454951846d0a7e100a77071e423f42bc960c31ae1485efe9fcb

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x4D61

timedatestamp.....: 0x49CC5CB7 (Fri Mar 27 05:57:27 2009)

machinetype.......: 0x14C (Intel I386)

 

( 3 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x4D72 0x4E00 6.40 d9e232e87a9e922ec98b51d43cb6b93d

.data 0x6000 0x115C 0x200 2.41 1bd2958c16850d90ebc1acb5d37f2e28

.rsrc 0x8000 0x104C 0x1200 4.37 707c991cce4382dc19a7a6f999c7a3a4

 

( 3 imports )

 

> advapi32.dll: CryptGetHashParam, CryptHashData, CryptCreateHash, CryptAcquireContextA, CryptDestroyHash

> kernel32.dll: GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, SetUnhandledExceptionFilter, InterlockedCompareExchange, Sleep, InterlockedExchange, FindResourceA, LoadResource, GetFileType, GetConsoleMode, SetErrorMode, GetVersion, GetCPInfo, GetCurrentProcessId, GetModuleFileNameA, CreateFileMappingA, MapViewOfFileEx, CloseHandle, UnmapViewOfFile, GetFileAttributesA, GetModuleHandleA, GetProcAddress, GetSystemDefaultLangID, GetConsoleOutputCP, GetLocaleInfoA, FindFirstFileA, FindNextFileA, FindClose, LoadLibraryExA, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, WideCharToMultiByte, IsDebuggerPresent

> msvcr80.dll: _putwch, fputws, _cputws, vfwprintf, _vcwprintf, _amsg_exit, __wgetmainargs, _cexit, _exit, _XcptFilter, __winitenv, _initterm, _initterm_e, _configthreadlocale, __setusermatherr, fputwc, __p__commode, __p__fmode, _encode_pointer, __set_app_type, _terminate@@YAXXZ, _unlock, __dllonexit, _lock, _onexit, _decode_pointer, _except_handler4_common, _invoke_watson, _controlfp_s, _crt_debugger_hook, __iob_func, fseek, ftell, fread, _fsopen, _wfsopen, setlocale, _wcsicmp, _wcsnicmp, _wmakepath, _wsplitpath, _tzset, _fcloseall, _time64, remove, _wremove, calloc, exit, memmove, _wfullpath, __CxxFrameHandler3, _wcsdup, sprintf, strncpy, _chsize, fclose, fwrite, _splitpath, _makepath, strncat, _ultow, memcpy, _fileno, _get_osfhandle, free, memset, strncat_s, atoi, strncpy_s, _itoa, _adjust_fdiv, atol

 

( 0 exports )

TrID : File type identification

Win64 Executable Generic (80.9%)

Win32 Executable Generic (8.0%)

Win32 Dynamic Link Library (generic) (7.1%)

Generic Win/DOS Executable (1.8%)

DOS Executable Generic (1.8%)

ssdeep: 768:AaFpbp49YK+2Cza0pS6icHmMl9CvwOElkn3yKdnMkz4Z1j8gd5:rd4+KTMVJHmMsEBKdnMbZ175

sigcheck: publisher....: Microsoft Corporation

copyright....: © Microsoft Corporation. All rights reserved.

product......: Microsoft_ Visual Studio_ 2005

description..: Microsoft_ Resource File To COFF Object Conversion Utility

original name: CVTRES.EXE

internal name: CVTRES.EXE

file version.: 8.00.50727.4016 (NetFxQFE.050727-4000)

comments.....: n/a

signers......: Microsoft Corporation

Microsoft Code Signing PCA

Microsoft Root Authority

signing date.: 11:17 AM 3/27/2009

verified.....: -

PEiD : -

RDS : NSRL Reference Data Set

-

 

 

 

FIGYELEM: VirusTotal a Hispasec Sistemas ingyenesen biztosított szolgáltatása. Semminemű garanciát nem vállalunk ennek a szolgáltatásnak az elérhetőségére és folyamatosságára. Bár a több, különféle víruskereső motornak köszönhetően a felismerési arány kiemelkedő, ezek az eredmények együttesen SEM GARANTÁLJÁK, hogy egy adott állomány valóban ártalmatlan. Pillanatnyilag nem létezik olyan technikai megoldás, amely 100 százalékos biztonsággal képes lenne kimutatni a vírusokat és más kártevőket..

Link to comment
Share on other sites
wozofoz Newbie

wozofoz

Posted
Posted

Update please

 

Welcome to the forum attila :smile:

 

IObit Security 360

 

Operációs RendszerWindows Vista

Verzió:1.4.1.11

Meghatározott verzió:1330

Idő:00:05:53

Vizsgált elemek:47294

Talált fenyegetések:1

 

Meghatározott verzió:1330 is old

 

Please update Security 360 to the latest Meghatározott verzió:1332 then rescan :smile:

 

All the best, woz of oz

Link to comment
Share on other sites
wozofoz Newbie

wozofoz

Posted
Posted

jó hír

 

Thanks for your help!

Updated version specific: 1332, okay, good!:-D

 

Good news, and thanks for the reply (Jó hír, és köszönöm a választ) :smile:

 

Küldjön be egy jobb fordítást

 

Attila

 

That translation was good (Hogy a fordítás jó volt) :-D

 

(Google Translate)

 

All the best, woz of oz

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...