一个可疑程序

loveyuwei

这个是解压后手动扫描的截图。

跳过，删除那个病毒文件就OK了。

hjw

刚红伞更新了，情况还是刚才那样，卡巴也不报，看来还是有启发的作用了

hzyw

ESS nis2009扫描都miss了。。。运行都拦截

[ 本帖最后由 hzyw 于 2008-10-16 15:21 编辑 ]

08红伞威点

原帖由 残泪天堂 于 2008-10-16 14:32 发表
拿过来给高手们分析分析
377895

Suspicious Files and Miscellaneous Uploads
Thank you for your submission. Below you can see the current status of the uploaded files.


We received the following archive files:

File ID	Filename	Size (Byte)	Result
25162765	081016a.rar	176.79 KB	OK

A listing of files contained inside archives alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25162732	scan.exe	182 KB	MALWARE

Please find a detailed report concerning each individual sample below:

Filename	Result
scan.exe	MALWARE

The file 'scan.exe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.FakeAler.AY. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.


Please note that you will receive an email which will contain the results shown above. In case the final outcome of the analysis is not yet finished for all files the notification will be sent once ready.
--------------------------------------------------------------------------------------------------------------------------------------------------
文件 'scan.exe' 已经决定是 '恶意软体'. 我们的分析师命名了威胁 TR/Dldr.FakeAler.AY 。 ～～下次更新将会被加到我们的病毒定义文件 (VDF)之一 。

尤金卡巴斯基

过特征码，To Kl

Palkia

金山 0

c5132902

原帖由 hjw 于 2008-10-16 14:56 发表
                       
VirSCAN.org Scanned Report :
Scanned time   : 2008/10/16 14:53:39 (CST)
Scanner results: 5%的杀软(2/38)报告发现病毒
File Name      : scan1.rar
File Size       ...

AVG KILL

agggg5566

http://bbs.vc52.cn/thread-45451-1-1.html

已分析

lingbo110120

scan.exe - Win32/TrojanDownloader.FakeAlert.DR 特洛伊木马
NOD砍掉

sam.to

已刪除: 特洛伊木馬程式 Backdoor.Win32.Frauder.ms        檔案: C:\Documents and Settings\kato9096\桌面\scan1.rar/scan.exe