cancel
Showing results for 
Search instead for 
Did you mean: 
kaasethu
Level 7

False Artemis!9C3701008853

Few minutes back I sent the following email to virus_research@mcafee.com with subject : False Artemis!9C3701008853

****************************************************************

The McAfee AV - Internet Security (up to date version in) Windows 10 in my Dell XPS-13 laptop, falsely removes to quarantine the executable "ekalappai.exe" from the program folder of eKalappai which is an IME (Input Method Editor). This file gets removed to quarantine persistently if I try to reinstall again.

The quarantine indicates the threat as  Artemis 9C3701008853

This eKalappai IME is for providing keyboard driver with 5 key-maps for the purpose of inputting Tamil language content.

This is a very popular program and no other AV / Internet Security programs have found any malware with it anytime.

The program is an open source project of  "Thamizha" organisation project.

The project sites are as follows:

1. Project information site on current release - version 3.0.3 : http://thamizha.org/2015/05/29/ekalappai-v3.0.3-released.html

2. URL for the Installer binary downloading: http://thamizha.com/sites/downloads/eKalappai-3.0.3-installer.exe

3. Github site of the project including source code of the version 3.0.3 : https://github.com/thamizha/ekalappai/releases/tag/3.0.3

I have attached zipped file of the quarantined  ekalappai.exe file in zipped archive prepared with 7z ZIP RAR program protecting with password as per instructions in https://community.mcafee.com/thread/2016.

I request you to clear this at then earliest please.

K. Sethu

****************************************************************

I was not allowed by gmail interface to attach to my gmail, the password protected zip file containing the  falsely suspected ekalappai.exe file. I am attaching it here. (The password is as per instructions in
Thank you

K. Sethu

0 Kudos
7 Replies
exbrit
Level 21

Re: False Artemis!9C3701008853

Sample removed per community guidelines.  Please do not attach samples here.

Try another email client.  See: Submit a Virus or Malware Sample | McAfee Labs

See if this helps: 

0 Kudos
kaasethu
Level 7

Re: False Artemis!9C3701008853

Thanks for information.

A little while ago, I used my yahoo email and succeeded in attaching the zipped file 

A reply came just now with the following report:

>>

Analysis ID: 9587126

File Name            Findings                      Detection                    Type        Extra

--------------------|------------------------------|----------------------------|------------|-----

ekalappai.exe      |current detection            |rdn/generic.dx              |Trojan      |no

current detection [ekalappai.exe]                                         

  The file submitted is malware that can be detected with current DAT files. It is

recommended that you update your DAT and engine files and scan your computer again.

[..]

<<

I shall update whatever needs updated, check and report back tomorrow as it is sleep time for now.

Good night for now 

K. Sethu

0 Kudos
exbrit
Level 21

Re: False Artemis!9C3701008853

OK it appears that it is malware.    If you think that is wrong read the link I posted.  Good luck ;-)

0 Kudos
Peacekeeper
Level 20

Re: False Artemis!9C3701008853

I would also test the file at www.virustotal.com and see how many of the products detect it.

0 Kudos
catdaddy
Level 20

Re: False Artemis!9C3701008853

,

                 As your confirmation from McAfee Labs indicates, it could quite possibly be deemed Malware. If such the case a Dat will be created. Please allow 4-5 business days for the process to be complete. Following protocol we Mods have to follow, if your issue is not resolved.

                  We can then contact someone from McAfee Labs on your behalf,and quite possibly expedite the case.

Wishing you all the Best

Cd/Catdaddy

Cliff
McAfee Volunteer
0 Kudos
catdaddy
Level 20

Re: False Artemis!9C3701008853

,

                    Could you please confirm if your issues have been resolved,or if you need further assistance?

Thank you,

CD/Catdaddy

Cliff
McAfee Volunteer
0 Kudos
catdaddy
Level 20

Re: False Artemis!9C3701008853

Marking this thread as 'Assumed Answered' as there has been no response back/Activity.

CD

Cliff
McAfee Volunteer
0 Kudos