10-15-2009 11:30 PM - edited 10-15-2009 11:39 PM
A powerful and deadly rogue named Smart Protector, I have seen today; Norton safeweb also failed. Mozilla and Internet Explorer phishing filters, however, blocked them.
http://i248.photobucket.com/albums/gg181/sweetvive
Tracking #13263968
10-16-2009 12:12 AM - edited 10-16-2009 12:24 AM
Hi
Although the downloaded file from the site, "SmartProtector.exe", is not blocked or detected, the 2 main files that the .exe file downloads to install "Smart Protector" onto your system are detected: one is blocked from being created, and the other is quarantined.
16/10/2009 7:56 p.m.,High,setup.exe (Suspicious.MH690.A) detected by Auto-Protect,Quarantined,Resolved - No Action
16/10/2009 7:56 p.m.,High,smartprotector[1].exe (Suspicious.MH690.A) detected by Auto-Protect,Blocked,Resolved - No Action
Quads
10-16-2009 12:17 AM
Hi silverhawk,
silverhawk wrote:
Tracking #13261575
Symantec automatic response
We have analyzed your submission. The following is a report of our
findings for each file you have submitted:
filename: sys files.zip
machine: Machine
result: See the developer notes
filename: 49D2D2D924.sys
machine: Machine
result: See the developer notes
filename: KGyGaAvL.sys
machine: Machine
result: See the developer notes
Customer notes:
Developer notes:
sys files.zip is a container file of type ZIP
49D2D2D924.sys is a data file. This file is contained by sys files.zip
KGyGaAvL.sys Our automation was unable to identify any malicious content in this submission.
The file will be stored for further human analysis This file is contained by sys files.zip
Virustotal found nothing with any scanner.
http://i248.photobucket.com/albums/gg181/sweetvive
k007/Untitled-10.jpg
This submission includes my PC file, which I think may be a threat as I found it in the program data folder of Windows 7; it does not come when I clean install Windows, it comes when I install some of my commonly used programs.
All files in Tracking #13261575 are clean.
Keep up the good work ;)
JohnM
10-16-2009 12:19 AM
Hi Quads,
Quads wrote:
Hi
Although the downloaded file from the site "SmartProtector.exe" the 2 main files that the .exe file downloads to install "Smart Protector" are detected: one is blocked from being created, and the other is quarantined.
16/10/2009 7:56 p.m.,High,setup.exe (Suspicious.MH690.A) detected by Auto-Protect,Quarantined,Resolved - No Action
16/10/2009 7:56 p.m.,High,smartprotector[1].exe (Suspicious.MH690.A) detected by Auto-Protect,Blocked,Resolved - No Action
Quads
You beat me to it. Nice work.
JohnM
10-16-2009 06:27 PM - edited 10-16-2009 06:28 PM
Quads wrote:
Hi
Although the downloaded file from the site, "SmartProtector.exe", is not blocked or detected, the 2 main files that the .exe file downloads to install "Smart Protector" onto your system are detected: one is blocked from being created, and the other is quarantined.
16/10/2009 7:56 p.m.,High,setup.exe (Suspicious.MH690.A) detected by Auto-Protect,Quarantined,Resolved - No Action
16/10/2009 7:56 p.m.,High,smartprotector[1].exe (Suspicious.MH690.A) detected by Auto-Protect,Blocked,Resolved - No Action
Quads
Message Edited by Quads on 10-16-2009 07:24 PM
Thanks for clarifying the situation. Today I executed the file on my testing PC and yes, Norton blocked it. Great going, Norton.
Happy Diwali to all..
10-16-2009 06:29 PM - edited 10-16-2009 06:30 PM
JohnM wrote:
Hi silverhawk,
silverhawk wrote:
Tracking #13261575
Symantec automatic response
We have analyzed your submission. The following is a report of our
findings for each file you have submitted:
filename: sys files.zip
machine: Machine
result: See the developer notes
filename: 49D2D2D924.sys
machine: Machine
result: See the developer notes
filename: KGyGaAvL.sys
machine: Machine
result: See the developer notes
Customer notes:
Developer notes:
sys files.zip is a container file of type ZIP
49D2D2D924.sys is a data file. This file is contained by sys files.zip
KGyGaAvL.sys Our automation was unable to identify any malicious content in this submission.
The file will be stored for further human analysis This file is contained by sys files.zip
Virustotal found nothing with any scanner.
http://i248.photobucket.com/albums/gg181/sweetvive
k007/Untitled-10.jpg
This submission includes my PC file, which I think may be a threat as I found it in the program data folder of Windows 7; it does not come when I clean install Windows, it comes when I install some of my commonly used programs.
All files in Tracking #13261575 are clean.
Keep up the good work ;)
JohnM
Thanks, John, for letting me know about these files.
Happy Diwali to all.
10-16-2009 06:55 PM - edited 10-16-2009 07:22 PM
One story to share.
Just today I installed Norton on my father's laptop, which came preinstalled with McAfee by Dell, as his McAfee stumbled and could not protect the data of his hard work; 2 days back some rogue did it, as I have come to know after investigation.
Then he told me to install Norton on his laptop as well, as I use it. He was amazed by the new performance of his laptop; McAfee might have slowed it down till now. Well, after 30 days he will purchase it for this laptop. He is trialing it right now. And I installed Norton as he was dissatisfied with McAfee's protection.
And I Norton as it has proved to be the best among all. It's soooooooo powerful in all aspects. And you won't believe it, Norton caught one threat on this laptop. Wow!!
That is why I just loveeeeee Norton.
Dell XPS laptop, 2.13 GHz processor, 3 GB DDR3 RAM, 250 GB HDD, Vista Home Premium SP2, ATI Radeon 3670 HD Graphics.
10-16-2009 07:15 PM
Tracking #13274909
http://www.threatexpert.com/report.aspx?md5=8b790d
Happy Diwali to all.
10-19-2009 05:58 AM
3 New threats
Tracking #13309281
10-19-2009 11:18 AM
We have analyzed your submission. The following is a report of our
findings for each file you have submitted:
filename: svchost.zip
machine: Machine
result: See the developer notes
filename: svchost.exe
machine: Machine
result: See the developer notes
Customer notes:
Developer notes:
svchost.zip is a container file of type ZIP
svchost.exe Our automation was unable to identify any malicious content in this submission.
The file will be stored for further human analysis This file is contained by svchost.zip
