Uploaded file to VirusTotal. Already Analyzed. 1/37 antivirus programs detected it as malicious, Microsoft OneCare.
I elected for the file to be Reanalyzed. This time 3/37. Wow, not bad. Probably not a FP ... Too bad Norton does not reconigze it.
Appearantly the big "bear", Symantec does move slowly in the winter =).
I just really hope that Symantec bothers to include this in the definitions. Another file I submitted was deemed to be malicious; the link to the site was removed ... do not post links to malicious sites ... and everyone aggreed after I did some extensive testing within Sandboxie. However, its been so long ... =) ... 3 days as a matter of fact ... and I am just hoping that right now some SSR employee is adding that to the defs.
My tracking for this sample is#10090727
ThreatExpert analysis coming soon! Stay posted!
Looking at the ThreatExpert Report, OneCare was able to discern deep into the actions of the program without even executing it. Too bad Bloodhound can't do that. OneCare was able to see that the file created scrmss.exe entry in %AppData%\. OneCare was also able to see that the file created was malicious.Message Edited by Tech0utsider on 12-03-2008 10:49 PM