Jump to content

Kosta

Members
  • Content Count

    4
  • Joined

  • Last visited

  • Days Won

    3

Posts posted by Kosta

  1. I did a little bit of research of SmartMS.exe binary. I noticed that it has been compressed with outdated UPX v3.08 (Dated on 2011-12-13 almost 7 years old).  33 2E 30 38 00 55 50 58 21 -> 3.08.UPX!.

    In this case some antivirus programs/software might recognize the UPX Compressed binaries as if a threat for the most windows OSes, which is not.

    I think, the best way is to compress executable with most recent versions of UPX. Please see it here at https://upx.github.io/

    I hope this short information will help for further development.

    Thank you.

    Sincerely Kosta.

  2. Recently Microsoft Security Essentials has detected a Trojan:Win32/Azden.B!cl. in Smart Mobile Studio v3.0 smartms.exe binary, and this detection has been removed form malware definitions.

    Big&Many Thanks to jarto how to submit files to Microsoft in order to remove false malware detection.

    Report from Microsoft

    Submission details

    smartms.exe

    Submission ID: 43e9c4db-2060-431a-a8d8-17bbddecf3be

    Status: Completed

    Submitted by: k**********@gmail.com

    Submitted: Oct 2, 2018 4:44:50 PM

    User Opinion: Incorrect detection

    Analyst comments:

    Hello Kosta ***, Thank you for your inquiry. We have reviewed the file and we have removed the detection. Please try the following steps to clear cached detections and obtain the latest malware definitions.   1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender 2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures” The latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions Best regards, Windows Defender Response

     

    Thank you jarto Thank you lennart.

    Best regards

    Kosta.

  3. Thank you jarto, Thank you lennart, I have just submitted to Microsoft

    --

    Submission details

    smartms.exe

    Submission ID: 43e9c4db-2060-431a-a8d8-17bbddecf3be

    Status: Submitted

    Submitted by: k**********@gmail.com

    Submitted: Oct 2, 2018 4:44:50 PM

    User Opinion: Incorrect detection

    Analyst comments:

    No analyst comment provided.

    --

    I hope they will react to the false Trojan detection, however I doubt they will ever possible to respond to this issue.

    Unfortunately, I can't even restore this smartms.exe binary. MSE throws back again into virus list, and removes it with no time.

    Thank you very much for your concern.

    Sincerely Kosta.

  4. I have no success to install the Smart Mobile Studio 3.0 without severe notification from Microsoft Security Essentials Trojan Detected.

    Trojan:Win32/Azden.B!cl.

    Category: Trojan

    Description: This program is dangerous and executes commands from an attacker.

    Recommended action: Remove this software immediately.

    Items:
    startup:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Mobile Studio\Smart Mobile Studio.lnk
    file:C:\Program Files (x86)\Smart Mobile Studio\SmartMS.exe
    file:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Mobile Studio\Smart Mobile Studio.lnk

    Get more information about this item online.

    ____________________________________________

    Antimalware Client Version: 4.10.209.0
    Engine Version: 1.1.15300.6
    Antivirus definition: 1.277.125.0
    Antispyware definition: 1.277.125.0
    Network Inspection System Engine Version: 2.1.14600.4
    Network Inspection System Definition Version: 119.0.0.0

    ____________________________________________

    Reported by Microsoft Security Essentials 2016 on Windows 7 SP1 machine.

    Best regards.

×
×
  • Create New...