Hi,
Submitted some new malware to SARC on Saturday. Tracking number #10554091
Hope it will be detected soon.
Best wishes
Jlo
Hi, Thaks for the advice. I have not been infected. in fact I download the file of threatexpert and used Sandboxie to download it in so has not (and i am not planning to run it)
Only around 9 scanners on VirusTotal detected the file (Today this has risen to 13) so just want to make sure it gets added to Symantec.
We use Symantec internet security suite on my wifes computer (Alongside Prevx Edge)
Best wishes
Jlo
Hi,
No detection added yet. I wonder if anyone from Symantec can check the above submission and see if its being processed. Thanks. Jlo
Still no detection yet. Just wondered if anyone from Symantec can look in to this?
Chees
Jlo
please give us your virustotal result…please users share the results with all of us…well Symantec in case of threat sevearity respondes more quickly…
Message Edited by silverhawk on 04-17-2009 05:53 AM
Here you go.
File system.exe received on 04.17.2009 01:34:34 (CET)
Current status: finished
Current status: finished
Result: 23/40 (57.50%)
Antivirus Version Last Update Result a-squared 4.0.0.101 2009.04.16 Trojan-Dropper.Agent!IK AhnLab-V3 5.0.0.2 2009.04.16 - AntiVir 7.9.0.143 2009.04.16 DR/Agent.vht Antiy-AVL 2.0.3.1 2009.04.16 AntiAV/Win32.Win32 Authentium 5.1.2.4 2009.04.17 - Avast 4.8.1335.0 2009.04.16 - AVG 8.5.0.287 2009.04.16 Generic_c.AJOZ BitDefender 7.2 2009.04.17 - CAT-QuickHeal 10.00 2009.04.16 - ClamAV 0.94.1 2009.04.16 Trojan.Autoit.gen Comodo 1116 2009.04.16 - DrWeb 4.44.0.09170 2009.04.17 - eSafe 7.0.17.0 2009.04.13 Win32.Autorun.worm.Z eTrust-Vet 31.6.6455 2009.04.14 Win32/Yahlover.HU F-Prot 4.4.4.56 2009.04.16 - F-Secure 8.0.14470.0 2009.04.17 Trojan-Dropper.Win32.Agent.amle Fortinet 3.117.0.0 2009.04.17 W32/AutoRun.ZA!worm GData 19 2009.04.17 - Ikarus T3.1.1.49.0 2009.04.16 Trojan-Dropper.Agent K7AntiVirus 7.10.704 2009.04.15 Trojan-Dropper.Win32.Agent.amle Kaspersky 7.0.0.125 2009.04.17 Trojan-Dropper.Win32.Agent.amle McAfee 5586 2009.04.16 W32/Autorun.worm.gen.za McAfee+Artemis 5586 2009.04.16 Generic!Artemis McAfee-GW-Edition 6.7.6 2009.04.16 Trojan.Dropper.Agent.vht Microsoft 1.4502 2009.04.16 VirTool:Win32/DelfInject.gen!X NOD32 4014 2009.04.16 Win32/Sohanad.Gen Norman 6.00.06 2009.04.16 BAT/Suspicious.A nProtect 2009.1.8.0 2009.04.16 - Panda 10.0.0.14 2009.04.17 Trj/Downloader.MDW PCTools 4.4.2.0 2009.04.15 - Prevx1 V2 2009.04.17 High Risk Worm Rising 21.25.34.00 2009.04.16 - Sophos 4.40.0 2009.04.16 Mal/Inet-Fam Sunbelt 3.2.1858.2 2009.04.17 - Symantec 1.4.4.12 2009.04.17 - TheHacker 6.3.4.0.309 2009.04.16 - TrendMicro 8.700.0.1004 2009.04.16 WORM_AUTORUN.ECB VBA32 3.12.10.2 2009.04.12 Trojan-Downloader.Autoit.gen ViRobot 2009.4.16.1696 2009.04.16 - VirusBuster 4.6.5.0 2009.04.16 -
Thanks for the information and file, jlo.
We analyzed the file and have added detection for it as W32.Imaut.C
This detection will be available in definitions 20090417.052 and higher. Using LiveUpdate you will receive this update in approximately 8 hours from now (midnight Pacific). If anyone is using Rapid Release builds look for sequence 94400 and higher.
Regards,
- DesiT
Hi jlo -
Thanks for your patience in resolving this!
I wish it could have been processed a bit faster, but the number of new threats seen on a daily basis is really high.
Regards. 
Compumind wrote:Hi jlo -
Thanks for your patience in resolving this!
I wish it could have been processed a bit faster, but the number of new threats seen on a daily basis is really high.
Regards.
That's exactly the reason why it takes so slow. Please be patient they will all be added soon
@DesiT
Found 3 new Cracks for illegal use NIS16.5 and N36v3, Trialreset 2.0-2.9
Symantec Security Response Automation: Tracking #10579589
Symantec Security Response Automation: Tracking #10579571
Symantec Security Response Automation: Tracking #10579564
Hope it will be detected soon.
Thanks.
Thanks for getting it added!
Best wishes
jlo
[CLOSING]: Symantec Security Response Automation: Tracking #10579571
filename:
machine: Machine
result: See the developer notes
Our automation was unable to identify any malicious content in this submission.
The file will be stored for further human analysis
I hope the analysis is thorough , all 3 Cracks are working ... 
[edit: removed crack filename per the Participation Guidelines and Terms of Service. Please do not discuss illegal cracks.]
Message Edited by Tim_Lopez on 04-20-2009 06:48 PM
Suggest you PM the info to TomV. He asked me for the info when I bumped into some.
After 3 days no detection, Symantec has no interest to remove the new cracks ? 
Hello Voyager10,
Hopefully I can clear this up for you.
We don't block or add cracks or other illegal files unless the file performs malicious activity on the system.
Also, I think its important to note that while keygens and cracks are illegal, it doesn't mean that they're technically malware (at least 100% of the time). I'm sure we could detect and delete the files just to protect our company, but we put customer protection first.
If the file is malware, we will detect it and add it to the definitions. However, if it doesn't contain any of the characteristics of the types of threats that are malicious, it is likely to be left alone.
Since discussions regarding cracks and keygens are against Participation Guidelines and Terms of Service, I will lock this thread. If you have any further questions, please PM me.
Hi,
Submitted some new malware to SARC on Saturday. Tracking number #10554091
Hope it will be detected soon.
Best wishes
Jlo