晕，小红伞把XP的EULA报毒了

闪电战

病毒库版本6.38.00.08
引擎版本7.03.01.38
高启发

最近接连遇到小红伞误报，前一次是报MSDN Liberary的一个文件，这次居然报一个XP的txt文件
似乎这个txt是昨天或今天升级才误报的，因为前天做过一次全盘扫描没有报

绅博周幸

Suspicious Files and Miscellaneous Uploads

Thank you for your submission. Below you can see the current status of the uploaded files.


--------------------------------------------------------------------------------


We received the following archive files:



File ID  Filename  Size (Byte) Result
217293  eula.rar 5.240 OK

A listing of files contained inside archives alongside their results can be found below:

File ID  Filename  Size (Byte) Result
217294  eula.txt  11.668  UNDER ANALYSIS


Please find a detailed report concerning each individual sample below:

Filename Result
eula.txt  UNDER ANALYSIS

The file 'eula.txt' has been determined to be 'UNDER ANALYSIS'.


--------------------------------------------------------------------------------
Please note that you will receive an email which will contain the results shown above. In case the final outcome of the analysis is not yet finished for all files the notification will be sent once ready.

周杰伦

已经上报了，明天就会回复了

闪电战

呃……
忘了说了，我已经提交了

allenhippo

txt也会报？夸张了吧

你们确定都报了么？

344640219

？？？
我怎么没遇到啊

闪电战

AntiVir 7.3.1.38/20070307 found [TR/Drop.NoteB.B]
Authentium 4.93.8/20070306 found nothing
Avast 4.7.936.0/20070307 found nothing
AVG 7.5.0.447/20070307 found nothing
BitDefender 7.2/20070307 found nothing
CAT-QuickHeal 9.00/20070306 found nothing
ClamAV devel-20060426/20070307 found nothing
DrWeb 4.33/20070307 found nothing
eSafe 7.0.14.0/20070306 found nothing
eTrust-Vet 30.6.3461/20070307 found nothing
Ewido 4.0/20070307 found nothing
F-Prot 4.3.1.45/20070306 found nothing
F-Secure 6.70.13030.0/20070307 found nothing
FileAdvisor 1/20070307 found [Not analyzed yet]
Fortinet 2.85.0.0/20070307 found nothing
Ikarus T3.1.1.3/20070307 found nothing
Kaspersky 4.0.2.24/20070307 found nothing
McAfee 4978/20070306 found nothing
Microsoft 1.2204/20070307 found nothing
NOD32v2 2100/20070307 found nothing
Norman 5.80.02/20070306 found nothing
Panda 9.0.0.4/20070307 found nothing
Prevx1 V2/20070307 found nothing
Sophos 4.15.0/20070307 found nothing
Sunbelt 2.2.907.0/20070305 found nothing
Symantec 10/20070307 found nothing
TheHacker 6.1.6.070/20070306 found nothing
UNA 1.83/20070306 found nothing
VBA32 3.11.2/20070307 found nothing
VirusBuster 4.3.19:9/20070306 found nothing

hnhkxywl

纯文本文件一般不会是病毒，但NTFS数据流木马可以用type命令将数据流木马程序加入到txt文件中，并且看不出有任何变化，eula.txt我记得是微软的用户许可协议文件，D版系统可能会改动这个文件

绅博周幸

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00015561.




We received the following archive files:


File ID  Filename  Size (Byte) Result
217293  eula.rar 5.240 OK

A listing of files contained inside archives alongside their results can be found below:

File ID  Filename  Size (Byte) Result
217294  eula.txt  11.668  FALSE POSITIVE


Please find a detailed report concerning each individual sample below:

Filename Result
eula.txt  FALSE POSITIVE

The file 'eula.txt' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.


红伞回复确实是误报，下次升级就好了

闪电战

今天已经不报了