红伞误报mswinsck.ocx

sac

RT  扫描结果 :                  3%的杀软(1/36)报告发现病毒

[ 本帖最后由 sac 于 2008-2-23 17:10 编辑 ]

spaceplane

居然不是误报

[ 本帖最后由 spaceplane 于 2008-2-23 17:38 编辑 ]

ykz1991

已经上报

悠柚

我上报了
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00125075.




We received the following archive files:



File ID  Filename  Size (Byte) Result
3732345  MSWINSCK.rar 49.79 KB OK

A listing of files contained inside archives alongside their results can be found below:

File ID  Filename  Size (Byte) Result
3732346  MSWINSCK.OCX  73.5 KB  MALWARE


Please find a detailed report concerning each individual sample below:

Filename Result
MSWINSCK.OCX  MALWARE

The file 'MSWINSCK.OCX' has been determined to be 'MALWARE'. Our analysts named the threat HEUR/Crypted. This malware is detected by a special detection routine from the engine module.


Alternatively you can see the analysis result here:
http://analysis.avira.com/sample ... p;incidentid=125075

An overview of all your submissions can be found here:
http://analysis.avira.com/sample ... 4d2PtLMSKLcGvgrkLDX


Please note: The detection of Spy/Adware is not available in the product "AntiVir PersonalEdition Classic". Please address specific questions to support@avira.com

Kind regards
Avira Virus Lab

---------------------------------------------
Avira GmbH
Lindauer Str. 21, D-88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-525 10
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992
---------------------------------------------
ps：红伞执迷不悟

stonejr

我下载了个同名的文件,你比对下.
不知道是不是有多个MSWINSCK.OCX

悠柚

就是这个，md5我比对过

stonejr

MD5一样?文件大小不一样啊,还有我传的这个不报,楼主传的那个报启发..奇怪了,这样MD5也一样啊..

悠柚

汗，看错了， 对不起lz，不过第一个帖子里的结果是红伞启发

sean666

ocx 是控制项，行为和某些恶意程式一模一样，红伞没有误报！
你在General 那边的选项勾选了一大堆啥后门啊、自动拨号啊、间谍程式之类的等等……
你叫红伞抓出这些程序，红伞抓出来给你了,你说它误报？？
很多使用者不明究理就以为红伞误报，才会有谣言说红伞很会误报，其实都是误会！

曲中求

说得不错！

只是，这个报的是HEUR/Crypted..........