Or let's say that some programs would need to download an update, but not to upload files greater than some few hundreds of KB, or copy/upload user's files placed at My Documents. Main question: Do antiviruses have any chance to agree with Microsoft Corporation a system to detect abnormal activity?įor example, let's say that is not normal that some processes are navigating through user's folders, listing all the directories, opening text files seeking for information, etc. NOTE: svchost.exe, according Windows page is a special Win process supposedly hosting Windows services, such as Windows Defender. It seems a very clear activity of a trojan, doesn't it? Summary of Norton History: on 30 Aug'15 from 2:47 to 2:51 am, Norton blocked 72 times the program C:\Windows\System32\svchost.exe when it tried to access DataDefinitions at Norton's install folder. Programs installed just after that time: licensed PowerISO on 29 Aug at 4:57 pm, Daemon Tools Lite on 29 Aug at 5:31 pm, WinRAR on 30 Aug 1:22 am, and qBittorrent on 30 Aug at 12:11 pm. The other programs I had installed before the trojan's date where: Ares on 29 Aug at 11:12 pm, a licensed Nero Burning ROM on 28 Aug (previous day) at 2:58 pm, Oracle VirtualBox on 28 Aug at 12:43 pm. The mentioned folder with the trojan has files created on 29 Aug'15 at 12:55 pm. ![]() More Dates Data: I installed Norton on 29 Aug'15 at 12:40 pm. Here is the icon of the shortcut destined to the trojan OLBPre.exe (sanitized by Norton the shortcut remained as a curiosity of my own. ![]() Unfortunately I do not remember the first time this window popped up). With one shortcut at my desktop named "MyPC Backup" (an utility that, although I erased from the Start Menu/startup folder, has been opening inviting me to register and do a backup of my files evidently I never accepted, since I did not installed such a program. Trojan location: specifically at C:\Program Files (x86)\OLBPre. A question that arises after an updated and licensed version of Norton Internet Security has detected a trojan installed in my new laptop (Windows 7 installed on 26 Aug'15 and fully updated).
0 Comments
Leave a Reply. |