做magania的人一定很郁闷

mofunzone

4个小时前kav7还found nothing呢
kav的升级果然有够“淫荡”
File:           123.rar
Status:         
INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5         0239f6f03c26a2f8d25c991848c5b4e5
Packers detected:         
-
Scanner results
Scan taken on 24 May 2007 22:25:30 (GMT)
A-Squared         
Found nothing
AntiVir         
Found HEUR/Malware
ArcaVir         
Found nothing
Avast         
Found nothing
AVG Antivirus         
Found nothing
BitDefender         
Found nothing
ClamAV         
Found nothing
Dr.Web         
Found Trojan.PWS.Gamania
F-Prot Antivirus         
Found nothing
F-Secure Anti-Virus         
Found nothing
Fortinet         
Found nothing
Kaspersky Anti-Virus         
Found Trojan-PSW.Win32.Magania.md
NOD32         
Found nothing
Norman Virus Control         
Found nothing
Panda Antivirus         
Found nothing
Rising Antivirus         
Found nothing
VirusBuster         
Found nothing
VBA32         
Found nothing

kfcnknight

HEHE,GOING DOWN

风雪

上传费尔执行后有警报不知道什么样的病毒。

playx

运行后铁克竟然飘过..真不知那些有名测毒机构是如何测..别跟我说一一运行


增加值:4

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Nls\SystemMgr: 35 9C 00 00 00 02 5E 00 00 00 35 EB 00 00 00 35 23 00 00 00 AC 40 AA CB EB AC 72 AA C5 EB AC C4 AA 0C EB AC 00 00 00 00 02 0C 00 00 00 02 11 00 00 00 AC 00 00 00 00 AC 00 00 00 00 35 00 00 00 00 AC 5D 00 DB 35 02 DA 02 35 00 AC 0F 02 97 00 D5 E4 AC 9E 00 35 00 AC F8 00 00 00 AC 88 00 00 00 98 24 2B 2B 88 02 00 00 C8 56 2B 2B 90 77 00 00 5E F7 02 00 FC F7 02 00 5C F7 02 00 02 E8 00 02 70 00 78 02 70 00 58 31 70 00
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SystemMgr: "C:\windows\system32\Ir32_a.exe"
HKLM\SYSTEM\ControlSet001\Services\kmixer\Enum\0: "SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4}"
HKLM\SYSTEM\CurrentControlSet\Services\kmixer\Enum\0: "SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4}"



文件增加:1

C:\WINDOWS\system32\Ir32_a.exe--超明显病毒

tracydk

Starting the file scan:

Begin scan in 'F:\样本\123.rar'
F:\样本\123.rar
  [0] Archive type: RAR
  --> 123.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!

solcroft

[:27:]

zzh161

趋势的启发还是相当精准的，虽然能找到的病毒不多，但是基本启发报的都是病毒

龙井茶

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\123.EXE
木马程序生成以下文件:
1) C:\WINDOWS\SYSTEM32\REG.DLL
2) C:\WINDOWS\SYSTEM32\IR32_A.EXE
是否删除木马程序及其衍生物?

andylau

detected: Trojan program Trojan-PSW.Win32.Magania.md        File: C:\Documents and Settings\Desktop\123.rar/123.exe

kav7 现在报了

Anti@9.cn

卡巴的更新速度