4 Replies Latest reply on Feb 12, 2013 12:04 PM by showvik

    Stinger finds trojan in Kapanga softphone download Artemis!265C3DD296CC

      Newbie here;

       

      Is this a false positive?

       

      Copyright (c) 2012 McAfee, Inc. All Rights Reserved.
      Virus data file v1000.0000 created on Feb 1 2013.
      Ready to scan for 6136 viruses, trojans and variants.

      Scan initiated on Sun Feb 03 10:19:25 2013
      Rootkit scan result : Not Scanned


        Master Boot Record(s):....1
        Possibly Infected:.............0
        Boot Sector(s):.................1
        Possibly Infected: ............0

      C:\Documents and Settings\Dell\Desktop\SOFTWARE DOWNLOADS\kapanga.zip\setup_Kapanga Softphone_Desktop_Win32_Build 2182d.exe\5.nsis\0231a9e4.EXE
           Found the Artemis!265C3DD296CC trojan !!!
      C:\Documents and Settings\Dell\Desktop\SOFTWARE DOWNLOADS\kapanga.zip\setup_Kapanga Softphone_Desktop_Win32_Build 2182d.exe\5.nsis\0231a9e4.EXE is infected with the Artemis!265C3DD296CC virus !!!
      C:\Documents and Settings\Dell\Desktop\SOFTWARE DOWNLOADS\kapanga.zip\setup_Kapanga Softphone_Desktop_Win32_Build 2182d.exe\5.nsis\0231a9e4.EXE has been deleted.
        Number of clean files: 452129
        Number of infected files: 1
        Number of files cleaned: 1

       

       

      Thank you!

       

      Message was edited by: Ex_Brit on 03/02/13 8:53:40 EST PM

       

      Message was edited by: Ex_Brit on 04/02/13 7:41:25 EST PM
        • 1. Re: Stinger finds trojan in Kapanga softphone download Artemis!265C3DD296CC
          exbrit

          zaqlpxsw wrote:

           

          Newbie here;

           

          Is this a false positive?

           

          Copyright (c) 2012 McAfee, Inc. All Rights Reserved.
          Virus data file v1000.0000 created on Feb 1 2013.
          Ready to scan for 6136 viruses, trojans and variants.

          Scan initiated on Sun Feb 03 10:19:25 2013
          Rootkit scan result : Not Scanned


            Master Boot Record(s):....1
            Possibly Infected:.............0
            Boot Sector(s):.................1
            Possibly Infected: ............0

          C:\Documents and Settings\Dell\Desktop\SOFTWARE DOWNLOADS\kapanga.zip\setup_Kapanga Softphone_Desktop_Win32_Build 2182d.exe\5.nsis\0231a9e4.EXE
               Found the Artemis!265C3DD296CC trojan !!!
          C:\Documents and Settings\Dell\Desktop\SOFTWARE DOWNLOADS\kapanga.zip\setup_Kapanga Softphone_Desktop_Win32_Build 2182d.exe\5.nsis\0231a9e4.EXE is infected with the Artemis!265C3DD296CC virus !!!
          C:\Documents and Settings\Dell\Desktop\SOFTWARE DOWNLOADS\kapanga.zip\setup_Kapanga Softphone_Desktop_Win32_Build 2182d.exe\5.nsis\0231a9e4.EXE has been deleted.
            Number of clean files: 452129
            Number of infected files: 1
            Number of files cleaned: 1

           

           

          Thank you!

           

          Message was edited by: Ex_Brit on 03/02/13 8:53:40 EST PM

          If it's being detected in error then you must submit it to the labs.

           

          See https://community.mcafee.com/thread/2016

           

          Message was edited by: Ex_Brit on 04/02/13 7:41:44 EST PM
          • 2. Re: Stinger finds trojan in Kapanga softphone download Artemis!265C3DD296CC

            I don't think that I said that the Artemis!265C3DD296CC

            virus was being found in error (a false positive); I asked if

            it was being found in error. I had downloaded the

            Kapanga zip file, and before extracting/opening/installing

            it, I ran a Stinger scan which automatically deleted the

            file in question. I may be a newbie, but I am not so

            foolish as to re-download the ("infected"?) file, install it,

            and then sit back and wait for evidence of the virus. I

            would much rather be pro-active, and let you folk play

            with it in your sandbox (is that the right term?) then risk

            doing damage to my laptop.

             

            A Google search didn't seem to show any other people

            having trouble with the Kapanga software; maybe they

            all died from the virus! So did Stinger delete that file

            because it KNOWS that that file is the Artemis virus, or

            just because it seemed suspicious, or because of how

            something else might be configured on my laptop, or

            what? A more helpful suggestion would have been

            instructions on how to submit the original ("infected"?)

            file for evaluation, so you can be sure that Stinger is

            working correctly, and so I can be sure that the Kapanga

            software is/is not safe to install.

             

            Thank you!

             

            on 2/4/13 6:36:05 PM CST

             

            Message was edited by: Ex_Brit on 04/02/13 7:42:05 EST PM
            • 3. Re: Stinger finds trojan in Kapanga softphone download Artemis!265C3DD296CC
              exbrit

              Ah that's different. I moved the thread to the Artemis section.

               

              Here's what to do when something is being wrongly accused of being malware:  https://community.mcafee.com/thread/2016

              • 4. Re: Stinger finds trojan in Kapanga softphone download Artemis!265C3DD296CC

                Hi,

                 

                We have analyzed the file and did not notice anything malicious. Artemis!265C3DD296CC has been suppressed. Kindly allow up to two hours for this update to reflect in GTI system.

                 

                Regards,

                Showvik

                 

                Message was edited by: showvik on 2/12/13 12:04:08 PM CST