Complete scanning result of "fotos_grazy.exe", received in VirusTotal at 08.18.2006, 14:32:13 (CET). Antivirus Version Update Result AntiVir 6.35.1.3 08.18.2006 TR/Dldr.Delf.acc.79 Authentium 4.93.8 08.17.2006 no virus found Avast 4.7.844.0 08.17.2006 no virus found AVG 386 08.17.2006 Downloader.Generic2.LGD BitDefender 7.2 08.18.2006 no virus found CAT-QuickHeal 8.00 08.18.2006 (Suspicious) - DNAScan ClamAV devel-20060426 08.18.2006 no virus found DrWeb 4.33 08.18.2006 no virus found eTrust-InoculateIT 23.72.100 08.17.2006 no virus found eTrust-Vet 30.3.3026 08.18.2006 no virus found Ewido 4.0 08.18.2006 Downloader.Delf.acc Fortinet 2.77.0.0 08.18.2006 W32/Delf.ACC!tr.dldr F-Prot 3.16f 08.17.2006 no virus found F-Prot4 4.2.1.29 08.17.2006 no virus found Ikarus 0.2.65.0 08.17.2006 no virus found Kaspersky 4.0.2.24 08.18.2006 Trojan-Downloader.Win32.Delf.acc McAfee 4831 08.17.2006 no virus found Microsoft 1.1560 08.17.2006 no virus found NOD32v2 1.1713 08.17.2006 Win32/TrojanDownloader.Banload.NEJ Norman 5.90.23 08.18.2006 W32/Downloader Panda 9.0.0.4 08.18.2006 Suspicious file Sophos 4.08.0 08.18.2006 no virus found Symantec 8.0 08.18.2006 no virus found TheHacker 5.9.8.194 08.18.2006 no virus found UNA 1.83 08.17.2006 no virus found VBA32 3.11.0 08.18.2006 no virus found VirusBuster 4.3.7:9 08.17.2006 no virus found Aditional Information File size: 37376 bytes MD5: b11810701b60804cda58e957d509e05d SHA1: 114d79c8aaf5360a60d3a72209328040d8d3a4f3 Norman SandBox: [ General information ] * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**. * File length: 37376 bytes. [ Changes to filesystem ] * Creates file C:Windows erra.exe. [ Network services ] * Downloads file from http://hbh.gov.cn/sy/images/terra.exe as c:Windows erra.exe. [ Security issues ] * Starting downloaded file - potential security problem. [ Process/window information ] * Attemps to NULL http://paparazzo.globo.com/PPZ/0,,ZF34-4125,00.html . * Attemps to NULL c:Windows erra.exe . VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.