endurer 原创
2006-04-04 第2版 补充完善
2006-04-03 第1版
QQ传来的文件是:元旦快乐.ZIP,其中的文件是
元旦快乐.jpg .exe
文件图标为MM的头像,文件名中的.jpg和文件的扩展名.exe前面加上了许多空格,很容易让人以为是一个JPG图片文件。
瑞星报为Worm.QQ.TopFox.aq
Kaspersky 5在QQ中接收文件时不报,手动扫描或解压时才报为:Trojan.Win32.VB.aha。
File: | 元旦快乐.zip |
Status: |
INFECTED/MALWARE
|
MD5 | d7958247cf08ab13a22c0b137e8c9cca |
Packers detected: |
Analyzing...
|
Scanner results
| |
AntiVir |
Found
Trojan/TopFox.A
|
ArcaVir |
Found
Trojan.Vb.Aha
|
Avast |
Found
Win32:Trojan-gen. {Other}
|
AVG Antivirus |
Found
Generic.MHL
|
BitDefender |
Found
Trojan.Vb.AHA
|
ClamAV |
Found nothing
|
Dr.Web |
Found
Trojan.Topfox
|
F-Prot Antivirus |
Found nothing
|
Fortinet |
Found
W32/QQLove.A-pws
|
Kaspersky Anti-Virus |
Found
Trojan.Win32.VB.aha
|
NOD32 |
Found
probably unknown NewHeur_PE (probable variant)
|
Norman Virus Control |
Found
W32/VBTroj.TT
|
UNA |
Found nothing
|
VirusBuster |
Found
Trojan.VB.EDK
|
VBA32 |
Found
Trojan.Win32.VB.aha
|
<style type="text/css"></style>
This is a report processed by VirusTotal on
04/03/2006 at
11:59:44 (CET) after scanning the file "
__25968" file.
Antivirus Version Update Result AntiVir 6.34.0.14 04.03.2006 TR/TopFox.A Avast 4.6.695.0 04.03.2006 Win32:Trojan-gen. {Other} AVG 386 03.31.2006 Generic.MHL Avira 6.34.0.54 04.03.2006 TR/TopFox.A BitDefender 7.2 04.03.2006 Trojan.Vb.AHA CAT-QuickHeal 8.00 03.31.2006 Trojan.VB.aha ClamAV devel-20060202 04.03.2006 no virus found DrWeb 4.33 04.03.2006 Trojan.Topfox eTrust-InoculateIT 23.71.118 04.02.2006 Win32/SillyDL.21652!Trojan eTrust-Vet 12.4.2146 04.03.2006 no virus found Ewido 3.5 04.03.2006 Trojan.VB.aha Fortinet 2.71.0.0 04.03.2006 W32/QQLove.A-pws F-Prot 3.16c 03.30.2006 no virus found Ikarus 0.2.59.0 04.01.2006 Win32.HLLW.Imkill Kaspersky 4.0.2.24 04.03.2006 Trojan.Win32.VB.aha McAfee 4731 03.31.2006 Generic Malware.a!zip NOD32v2 1.1467 04.02.2006 probably unknown NewHeur_PE virus Norman 5.70.10 03.31.2006 W32/VBTroj.TT Panda 9.0.0.4 04.02.2006 Trj/Qeds.F Sophos 4.04.0 04.03.2006 no virus found Symantec 8.0 04.03.2006 Trojan Horse TheHacker 5.9.7.124 04.03.2006 W32/Generic!zip-dobleextension UNA 1.83 03.30.2006 Trojan.Win32.VB VBA32 3.10.5 04.03.2006 Trojan.Win32.VB.aha