Suspious Sample

http://www.virscan.org/report/1f9a787e806f4cdcffcc4e2db34b08eb.html IK,A2,McAfee,Avira,Comodo think it’s a virus.
This was submitted on June 1, hence can anyone analyse it to see whether it’s a malware?
Download link: http://bbs.kafan.cn/forum.php?mod=attachment&aid=ODM1MjM4fDEwNzgxZmI2fDEyNzY1MDY2MjZ8NDcwNzI1

A new scan gives this result

VirScan - Default.SFX - 2/36
http://virscan.org/report/01a6a51de4da881e0b63f05a55def55c.html

Eh,that’s…bizarre, why IK detected it as a virus while a2 treats it as a clean file? And I actually want to know WHETHER it’s infected…Anyway avira and IK always give hosts of false positives

Eh,that's....bizarre, why IK detected it as a virus while a2 treats it as a clean file?
you mean since a2 have ikarus virus engine........look at the update....a2 - 2010-06-12 and Ikarus - 2010-06-14 it may be why.....in your scan both had update 2010-06-03....and a2 have remove detection, but not Ikarus with newest update....?...jepp strange

Try www.virustotal.com and see what result you get…

The first scan was done on June 3rd, and both a2 and IK detected it as positive alarm,

VirusTotal - Default.SFX - 7/41
http://www.virustotal.com/analisis/0dcc42143326157d43579b8e6b813780715c2f4c3d20017d27001c99f95d84ec-1276524213

confirmed Malware by Norman - Default.SFX : Processed - Agent.UUJB

Thank you…
But I do wonder what Avast! is doing during the ten days…

Hi ziucqea,

Read about this here: http://bbs.kafan.cn/forum.php?mod=viewthread&action=printable&tid=715135
Self extracted file can not be opened because damaged: 自解压文件损坏,无法运行
Says: I have this sample coming from…
此样本我已经上报了

htxp://samples.nod32.com.hk/index.php%3Fa%3Dquery%26md5%3Dbb6775d42bfe3b21c185430ee78cc55f&r

恶意网站分布图
polonus

Yeah, that was June 3rd
And 12 days later, avast! is still taking it as a clean file…]