Complete scanning result of "formulario.cmd", received in VirusTotal at 08.15.2006, 14:41:53 (CET). Antivirus Version Update Result AntiVir 6.35.1.0 08.15.2006 TR/Delphi.Downloader.Gen Authentium 4.93.8 08.14.2006 Possibly a new variant of W32/Downloader-Web-based!Maximus Avast 4.7.844.0 08.15.2006 no virus found AVG 386 08.15.2006 no virus found BitDefender 7.2 08.15.2006 BehavesLike:Trojan.Downloader CAT-QuickHeal 8.00 08.14.2006 no virus found ClamAV devel-20060426 08.15.2006 no virus found DrWeb 4.33 08.15.2006 no virus found eTrust-InoculateIT 23.72.97 08.15.2006 no virus found eTrust-Vet 30.3.3021 08.15.2006 no virus found Ewido 4.0 08.15.2006 no virus found Fortinet 2.77.0.0 08.15.2006 no virus found F-Prot 3.16f 08.14.2006 Possibly a new variant of W32/Downloader-Web-based!Maximus F-Prot4 4.2.1.29 08.14.2006 W32/Downloader-Web-based!Maximus Ikarus 0.2.65.0 08.15.2006 no virus found Kaspersky 4.0.2.24 08.15.2006 no virus found McAfee 4829 08.14.2006 no virus found Microsoft 1.1560 08.14.2006 no virus found NOD32v2 1.1707 08.15.2006 a variant of Win32/TrojanDownloader.Dadobra.IA Norman 5.90.23 08.15.2006 W32/Downloader Panda 9.0.0.4 08.15.2006 Suspicious file Sophos 4.08.0 08.15.2006 no virus found Symantec 8.0 08.15.2006 no virus found TheHacker 5.9.8.192 08.14.2006 no virus found UNA 1.83 08.14.2006 no virus found VBA32 3.11.0 08.14.2006 no virus found VirusBuster 4.3.7:9 08.14.2006 no virus found Aditional Information File size: 39936 bytes MD5: 893e77bfdec9b66ea41339b6b71d3363 SHA1: ac6bd6fcadf4672d1941f28d0ad272804d9e1cda Norman SandBox: [ General information ] * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**. * File length: 39936 bytes. [ Changes to filesystem ] * Creates file C:windowssystemw0r21zo10k.exe. [ Network services ] * Downloads file from http://paginas.terra.com.br/servicos/upload_dir/update.jpg as c:/windows/system/w0r21zo10k.exe. [ Security issues ] * Starting downloaded file - potential security problem. VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.