Original work by endurer
2006-04-04 2nd edition, with additions and improvements
2006-04-03 1st edition
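The file sent over QQ is 元旦快乐.ZIP ("Happy New Year"), and the file inside it is
元旦快乐.jpg .exe
The file's icon is a girl's portrait, and many spaces are inserted between the .jpg in the file name and the real extension .exe, so it is easily mistaken for a JPG image file.
Rising reports it as Worm.QQ.TopFox.aq
Kaspersky 5 does not flag it when the file is received in QQ; it is reported as Trojan.Win32.VB.aha only on a manual scan or when the archive is extracted.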
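A defensive check for the padded double-extension name described above, added here as an example (it is not from the original post): it flags ZIP members whose name shows a decoy extension, optional whitespace padding, and then an executable extension. The extension lists, function names and the sample archive are assumptions constructed for illustration.

```python
import io
import re
import zipfile

# Assumed lists for illustration; tune them to your environment.
DECOY_EXTS = ("jpg", "jpeg", "png", "gif", "bmp", "txt", "doc", "pdf")
EXEC_EXTS = ("exe", "scr", "pif", "com", "bat", "cmd")

# Decoy extension, optional whitespace padding, then the real executable extension.
# \s also matches Unicode spaces such as U+3000 (ideographic space).
PATTERN = re.compile(
    r"\.(?P<decoy>%s)(?P<pad>\s*)\.(?P<real>%s)\s*$"
    % ("|".join(DECOY_EXTS), "|".join(EXEC_EXTS)),
    re.IGNORECASE,
)

def check_name(name):
    """Return a finding dict if the base name hides an executable extension, else None."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    m = PATTERN.search(base)
    if not m:
        return None
    return {"name": name, "decoy": m.group("decoy").lower(),
            "real": m.group("real").lower(), "padding": len(m.group("pad"))}

def scan_zip(data):
    """List findings for every member of a ZIP archive given as bytes."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [f for f in map(check_name, zf.namelist()) if f]

def build_sample():
    """Constructed sample archive with harmless placeholder contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("holiday.jpg" + " " * 40 + ".exe", b"placeholder")
        zf.writestr("photo.jpg", b"placeholder")
        zf.writestr("notes.txt.scr", b"placeholder")
        zf.writestr("setup.exe", b"placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for finding in scan_zip(build_sample()):
        print(finding)
```

A nonzero `padding` value is the stronger signal, since legitimate files rarely carry a run of spaces before their extension.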
File: | 元旦快乐.zip |
Status: | INFECTED/MALWARE |
MD5 | d7958247cf08ab13a22c0b137e8c9cca |
Packers detected: | Analyzing... |
Scanner results
AntiVir | Found Trojan/TopFox.A |
ArcaVir | Found Trojan.Vb.Aha |
Avast | Found Win32:Trojan-gen. {Other} |
AVG Antivirus | Found Generic.MHL |
BitDefender | Found Trojan.Vb.AHA |
ClamAV | Found nothing |
Dr.Web | Found Trojan.Topfox |
F-Prot Antivirus | Found nothing |
Fortinet | Found W32/QQLove.A-pws |
Kaspersky Anti-Virus | Found Trojan.Win32.VB.aha |
NOD32 | Found probably unknown NewHeur_PE (probable variant) |
Norman Virus Control | Found W32/VBTroj.TT |
UNA | Found nothing |
VirusBuster | Found Trojan.VB.EDK |
VBA32 | Found Trojan.Win32.VB.aha |
This is a report processed by VirusTotal on 04/03/2006 at 11:59:44 (CET) after scanning the file "__25968" file.
Antivirus | Version | Update | Result |
AntiVir | 6.34.0.14 | 04.03.2006 | TR/TopFox.A |
Avast | 4.6.695.0 | 04.03.2006 | Win32:Trojan-gen. {Other} |
AVG | 386 | 03.31.2006 | Generic.MHL |
Avira | 6.34.0.54 | 04.03.2006 | TR/TopFox.A |
BitDefender | 7.2 | 04.03.2006 | Trojan.Vb.AHA |
CAT-QuickHeal | 8.00 | 03.31.2006 | Trojan.VB.aha |
ClamAV | devel-20060202 | 04.03.2006 | no virus found |
DrWeb | 4.33 | 04.03.2006 | Trojan.Topfox |
eTrust-InoculateIT | 23.71.118 | 04.02.2006 | Win32/SillyDL.21652!Trojan |
eTrust-Vet | 12.4.2146 | 04.03.2006 | no virus found |
Ewido | 3.5 | 04.03.2006 | Trojan.VB.aha |
Fortinet | 2.71.0.0 | 04.03.2006 | W32/QQLove.A-pws |
F-Prot | 3.16c | 03.30.2006 | no virus found |
Ikarus | 0.2.59.0 | 04.01.2006 | Win32.HLLW.Imkill |
Kaspersky | 4.0.2.24 | 04.03.2006 | Trojan.Win32.VB.aha |
McAfee | 4731 | 03.31.2006 | Generic Malware.a!zip |
NOD32v2 | 1.1467 | 04.02.2006 | probably unknown NewHeur_PE virus |
Norman | 5.70.10 | 03.31.2006 | W32/VBTroj.TT |
Panda | 9.0.0.4 | 04.02.2006 | Trj/Qeds.F |
Sophos | 4.04.0 | 04.03.2006 | no virus found |
Symantec | 8.0 | 04.03.2006 | Trojan Horse |
TheHacker | 5.9.7.124 | 04.03.2006 | W32/Generic!zip-dobleextension |
UNA | 1.83 | 03.30.2006 | Trojan.Win32.VB |
VBA32 | 3.10.5 | 04.03.2006 | Trojan.Win32.VB.aha |