這圖檔又被掛馬了...

蔚藍領域

http://www.gamanir.com/12/heka.asp?=20070365d224GyBfHe63tEs3tEsEtjs4Bfgf21.jpg

aerbeisi

[Found possible security risk]  <W32/Heuristic-162!Eldorado (not disinfectable)> C:\test\heka.exe->(RAR)->maikmr.exe->(Klone.AF)->(Klone.AF)

挪威的冬天

金山MISS

The EQs

2008-3-27 14:08:27        Real-time file system protection        file        C:\Documents and Settings\Don johnson\桌面\heka.exe.part        a variant of Win32/PSW.OnLineGames.PLR trojan        deleted - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a file modified by the application: D:\Program Files\Mozilla Firefox\firefox.exe.

秋叶濛濛

红伞miss 已上报
File ID  Filename  Size (Byte) Result
3801554  heka.zip 285.48 KB OK

A listing of files contained inside archives alongside their results can be found below:

File ID  Filename  Size (Byte) Result
3801555  heka.exe  335.91 KB  UNDER ANALYSIS


Please find a detailed report concerning each individual sample below:

Filename Result
heka.exe  UNDER ANALYSIS

The file 'heka.exe' has been determined to be 'UNDER ANALYSIS'.

solcroft

出乎意料...
反而是一直以来死命不肯报的nod32更新了

14206937

基本可以确定是病毒,不过我的红伞没反应!!

14206937

多引挚扫描结果:

扫描结果 :   50%的杀软(18/36)报告发现病毒
时间 :   2008/03/27 14:10:52 (CST)
软件名称 引擎版本 病毒库版本 病毒库时间 扫描结果 时间
a-squared 3.0.0.126 2008.03.26 2008-03-26 - 4.966
AntiVir 7.6.0.75 7.0.3.79 2008-03-26 - 13.217
Arcavir 1.0.4 200803261556 2008-03-26 - 8.948
AVAST 1.0.8 080326-3 2008-03-26 Win32:Virtualizer [Cryp] 12.513
AVG 7.5.51.442 269.21.8/1344 2008-03-26 - 10.097
BitDefender 7.60825.1030530 7.18205 2008-03-27 MemScan:Trojan.PWS.OnLineGames.NQQ 20.917
CA (VET) 9.0.0.143 31.3.5646 2008-03-27 - 12.035
ClamAV  0.92 6415 2008-03-27 Trojan.Crypted-3 0.087
Comodo 2.11 2.0.0.476 2008-03-26 - 1.864
CP Secure 1.1.0.715 2008.03.27 2008-03-27 BackDoor.W32.Prorat.19.N 32.504
Dr.WEB 4.44.0.9170 2008.03.26 2008-03-26 Trojan.PWS.Wow 25.022
ewido 4.0.0.2 2008.03.26 2008-03-26 - 4.110
F-PROT 4.4.1.52 20080326 2008-03-26 Possible W32/Heuristic-162!Eldorado (not disinfectable) 9.205
F-SECURE 5.51.6100 2008.03.26.09 2008-03-26 Trojan-PSW.Win32.Magania.idb [AVP] 23.895
IKARUS T3.1.01.20 2008.03.24.70498 2008-03-24 Backdoor.Win32.Delf.aka 4.418
Microsoft 1.3301 2008.03.27 2008-03-27 PWS:Win32/Gamania.gen!D 10.096
MKS_VIR 2.01 2008.03.26 2008-03-26 - 10.657
NORMAN 5.91.10 5.90 2008-03-25 Sandbox: W32/Malware 63.384
nProtect 2008-03-27.00 1255914 2008-03-27 - 7.688
Prevx V2 20080327 2008-03-27 BACKDOOR.G_DOOR.R 3.770
QuickHeal 9.00 2008.03.25 2008-03-25 - 3.684
SOPHOS 2.71.3 4.27 2008-03-25 Mal/LineDLL-B 15.049
The Hacker 6.2.92 v00256 2008-03-26 - 1.814
VBA32 3.12.6.3 20080326.1650 2008-03-26 MalwareScope.Trojan-PSW.Game.14 18.787
ViRobot 20080326 2008.03.26 2008-03-26 - 3.509
VirusBuster 4.3.19:9 9.123.22/11.0 2008-03-26 - 4.719
卡巴斯基 5.5.10 2008.03.27 2008-03-27 Trojan-PSW.Win32.Magania.idb 35.061
安博士V3 2008.03.26.01 2008.03.26 2008-03-26 - 2.678
江民杀毒 10.00.650 2008.03.26 2008-03-26 - 2.686
熊猫卫士 9.04.03.0001 2008.03.26 2008-03-26 Suspicious file 4.300
瑞星 20.0 20.37.22.00 2008-03-26 Trojan.PSW.Win32.Lineage.n 2.166
赛门铁克 1.3.0.24 20080326.004 2008-03-26 - 0.215
趋势 8.500-1001 5.190.02 2008-03-26 - 0.087
迈克菲 5.2.00 5258 2008-03-24 PWS-OnlineGames.l.dll 10.158
金山毒霸 2007.6.20.249 2008.3.27 2008-03-27 - 1.883
飞塔 2.81-3.11 8.891 2008-03-27 Suspicious 17.355
注意: 就算报告发现病毒，也可能是杀软误报，请根据查毒结果自行判断

mofunzone

maikmr.exe          MALWARE

The file 'maikmr.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/PSW.Magania.idb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.

残缺的唯美

2008-3-27        14:41:45        未采取操作         EKINCHENG        D:\Documents and Settings\EKINCHENG\桌面\heka.zip\HEKA.EXE\MAIKMR.EXE\MAIKMR.EXE\0000d15c.EXE\0000d15c.EXE        PWS-OnlineGames.l.dll(特洛伊)