cancel
Showing results for 
Search instead for 
Did you mean: 
sclutter
Level 7

False Artemis!175F8585A987

  Please take a look at this hopefully false detection. The
file is called DataExporter.exe and is part of PC-Charge (credit card
processing software).

 

The detection is only occurring during backups (using
Netbackup) and is only showing up in the shadow copy file. Full scans of the
server show clean.

 

Here is a sample of the detection from the log:

    

8/20/2014            9:52:51PM          Will be deleted after the next reboot (Clean failed)         NT
AUTHORITY\SYSTEM                C:\ProgramFiles\Veritas\NetBackup\bin\bpbkar32.exe                \Device\HarddiskVolumeShadowCopy86\Program
Files\Active-Charge\DataExporter.exe  Artemis!175F8585A987
(Trojan)

       

Please respond with any questions and to let me know what the issue is.

    

Thank You!!

0 Kudos
4 Replies
SafeBoot
Level 21

Re: False Artemis!175F8585A987

did you report the file to McAfee, as explained in the other posts in this group?

0 Kudos
sclutter
Level 7

Re: False Artemis!175F8585A987

Yes I did. Is the 'virus_research@mcafee.com' address correct?

0 Kudos
catdaddy
Level 20

Re: False Artemis!175F8585A987

@ Sclutter,

                You can refer to the following Link in regards to submittal of your False Artemis!/Samples:

                 

                  You should receive an Automated confirmation from McAfee Labs after a successful Submission, Which will include a Analysis ID # indicating it is under Analysis. Please allow the Appropiate time to be processed which is generally (4-5) business days.

                  Should your issue still remain unresolved. Please post back the Anaylysis ID #, and quite possibly we can expedite the process by contacting one of the Techs available @ McAfee Labs. As they receive over 150,000 plus Detections at any given time, you can understand the need for time to process.

                     To go one step further, to ease your mind. After submittal of your False Artemis!. You can open your McAfee UI/ go to Navigation/Scroll down to Quarantined and Trusted Items/Open Quarantined Items/Quarantined Potentially Unwanted Programs/Select/Delete/and Restart.

                        After allowing Windows to fully load, I recommend Running the Latest McAfee Stinger( Read how to Download/Install/Scan) followed by the Latest McAfee Getsusp Tool, please enter your Email Address under "Preferences" before scanning. Last but not least, Run Malwarebytes (Free) Version only for another opinion.

                        You can keep Malwarebytes (Free) onboard to compliment your McAfee Anti-Virus/Anti-Spyware as it is compatible, just remember to (Update) each time before scanning as a (On Demand Scanner).All of these Superb (Free) Tools /others can be found in the following link; 

Wishing you all the very Best,

Regards,

Catdaddy

Volunteer Moderator 1

Cliff
McAfee Volunteer
0 Kudos
catdaddy
Level 20

Re: False Artemis!175F8585A987

​,

                    Marking this thread as 'Assumed Answered' and locking it, as it is over 2 years old. And no further correspondence.

By

Moderator

Cliff
McAfee Volunteer
0 Kudos