Info on mysterious executable stonewalled by Symantec?

[drhayden1]

Now aren't you all glad now to be part of this big avast family?

Sure am
And Damian when are you going to invite the family all over for dinner
Guess i will use the PCTools Firewall Plus until the Avast! one is available

[Hally]

Hi drhayden1 

Guess i will use the PCTools Firewall Plus until the Avast! one is available

Please Note!
If you do install - PC Tools Firewall Plus
You should probably turn  - Enhanced Security Verification - OFF

Open ... PC Tools Firewall Plus
Click On - Settings
Click On - Filtering Tab
Un-Tick - Enable Enhanced Security Verification
Click On - Apply

I've got PC Tools Firewall Plus on both my Laptop and Desktop Computer ... But with ESV - OFF

Why?

Coz...
Starting Since Version 4 ... PC Tools Firewall Plus .. Now Comes With - Enhanced Security Verification ( ESV )
ESV .. Is a relatively new feature that PC Tools have added to their Firewall ... But It Has Problems 
Can Cause.. High CPU Spikes, Manic Hard Drive, Freezes, Blue Screens 
So!
Even though - PC Tools Firewall Plus .. Is a great little Firewall 
Enhanced Security Verification .. Is Best Left -  OFF  .. Till they get it right! 

Just remember to turn ESV - OFF .. And you should have No Problems at all 

[drhayden1]

Just remember to turn ESV - OFF .. And you should have No Problems at all

thanks-just did-but never had any problems with pctools firewall in the first place

[Hally]

Hi drhayden1 

Just remember to turn ESV - OFF .. And you should have No Problems at all

thanks-just did-but never had any problems with pctools firewall in the first place

Sorry! 
I didn't realise you already had PC Tools Firewall Plus installed.

That's why I wanted to warn you 
Blue Screens ... Can be rather a Shock! 

Some people say their computers are OK with .. ESV - ON
But for most people...  :'(
See Here : http://www.pctools.com/forum/forumdisplay.php?f=30

[drhayden1]

I didn't realise you already had PC Tools Firewall Plus installed

Been using it since the beginning and waiting on the Avast! Firewall

[polonus]

Hi malware fighters,

Explanation about the reaction to the executable here:
and this: http://pifts.blogspot.com/2009/03/found-very-interesting-post.html
Also the Anubis analysis link for it there: http://anubis.iseclab.org/?action=result&task_id=19d7659347c3ebcd4a5ba7e9faa60fa14&format=html
Why they did not allow it through the firewall is strange if this is not pure speculation by the blogger...
Unfortunately, the analysis of the program is not by a programmer and the reason why this program opens up so many of these folders is not because they are scraping the contents, but because the libraries and modules they are using to access the Internet automatically access them. I monitored all file access while running the program, and yes they did access the folders, but did not query the contents. Misinterpretation is the food of conspiracy....

pol