File "z.exe" received on 01.03.2007 at 21:57:37 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.
Antivirus Version Update Result
AntiVir 7.3.0.21 01.03.2007 HEUR/Crypted
Authentium 4.93.8 12.30.2006 Possibly a new variant of W32/new-malware!Maximus
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 01.03.2007 no virus found
BitDefender 7.2 01.03.2007 no virus found
CAT-QuickHeal 8.00 01.03.2007 no virus found
ClamAV devel-20060426 01.03.2007 no virus found
DrWeb 4.33 01.03.2007 DLOADER.Trojan
eSafe 7.0.14.0 01.02.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.103 01.03.2007 no virus found
eTrust-Vet 30.3.3299 01.03.2007 no virus found
Ewido 4.0 01.03.2007 no virus found
Fortinet 2.82.0.0 01.03.2007 suspicious
F-Prot 3.16f 01.02.2007 Possibly a new variant of W32/new-malware!Maximus
F-Prot4 4.2.1.29 01.03.2007 W32/new-malware!Maximus
Ikarus T3.1.0.27 01.03.2007 no virus found
Kaspersky 4.0.2.24 01.03.2007 no virus found
McAfee 4931 01.03.2007 no virus found
Microsoft 1.1904 01.03.2007 no virus found
NOD32v2 1955 01.03.2007 probably unknown NewHeur_PE virus
Norman 5.80.02 12.31.2007 W32/FileInfector
Panda 9.0.0.4 01.03.2007 Bck/ServU.GJ
Prevx1 V2 01.03.2007 no virus found
Sophos 4.13.0 01.02.2007 no virus found
Sunbelt 2.2.907.0 12.18.2006 VIPRE.Suspicious
TheHacker 6.0.3.141 01.01.2007 no virus found
UNA 1.83 01.03.2007 no virus found
Additional Information
File size: 17408 bytes
MD5: 7608d5398c775579e71525d679dd118c
SHA1: b3bb2efc1db28e44c292d9b82e0b76b5bd8b4b91
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO:
ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 17408 bytes.
[ Changes to registry ]
* Deletes value "Svchost" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".
* Sets value "SvchostVersion"="3" in key "HKCU\Software\Microsoft\Windows\CurrentVersion".
[ Spreading by infecting files ]
* File infector; modifies existing executable files.
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.