8 Replies Latest reply on Jul 1, 2010 6:22 AM by SamSwift

    Possible False Positive: Artemis!D6638336CAB9

      I posted it here http://community.mcafee.com/thread/25970?tstart=0 , But I rather post it here in Artemis Discussion too.:

       

       

      THis is what happened to me today:

       

      My McAfee (updated, version 14.0, DAT version: 6029) detected today a Artemis!D6638336CAB9 Trojan. (could NOT find this trojan in your Mcafee virus database)

      My PC has: WinXP Pro, 32b.

       

      Info was:  File: C/ Windows/system32/iedkcs32.dll

      process: C/Windows/system32/svchost.exe

       

      Mcafee desinfected this file and sended it to "cuarentena" (quarenteen sp? ). After that, I had to reboot my PC by Mcafee.

       

      After rebooting system I got a message from automatic windows update : to install : KB982381

      So I try to install that update, but install always fails (after 3 tries). So I try to install it by downloading the file from windows update web here:

      http://www.microsoft.com/downloads/details.aspx?familyid=9CFF9ABA-7743-4C33-87C7 -37D06ED60A21&displaylang=en

       

      After downloading this file, I try to install it, but it gives an error and again suddenly Mcafee finds the trojan : Artemis!D6638336CAB9

      in file: SP3GDR/iedkcs32.dll

      in process: IE8-WindowsXP-KB982381-x86-ESN.exe

       

      So after all this info I think that Mcafee thinks that this file is a Trojan, despite it is an authentic windows update file.

      Could someone help me please?

      Thanks

       

      Ops. forgot to tell you I´ve got:

      Mcafee Total Protection:

       

      Mcafee Security Center :

      Version: 10.0

      Compilation: 10.0.580

      Last Update: 13/05/2010

       

      Mcafee Virus Scan:

      Version 14.0

      Compilation: 14.0.309

      Last Update: 01/07/2010

      DAT version: 6029

      DAT creation date: 30/06/2010

      engine version: 5400.1158

       

       

      and some more like firewall, siteadvisor , and so on (please, let us copy+paste this info in "About Mcafee" window !!! )

       

      I am Spanish, so my Mcafee language is Spanish.

      I contacted Mcafee spanish support but they did not helped me. They told me to use "Stinger" application which I am currently using to find Trojans (they think I have got some trojan couse of the Artemis detection )

       

      If you need more info, ask for it

      but please, help me here !

       

      PS: If you need the file(s), I can upload it here.