1 2 Previous Next 12 Replies Latest reply on Apr 12, 2014 2:09 PM by catdaddy

    Laplink.exe False Artemis!ACFD7E28BC45

    gdj

      As part of a system upgrade, I downloaded my prior Laplink file transfer program directly from Laplink.  Though I had no problems with McAfee and this program using XP, under Windows 7 the laplink.exe file is quarantined immediately.  I've contacted Laplink and they say there is no security issue with their file.

        • 1. Re: Laplink.exe False Artemis!ACFD7E28BC45
          catdaddy

          Hi gdj,

                   You may wish to follow the suggestions made by Moderator-PeaceKeeper in this inserted thread.

           

                                                                   https://community.mcafee.com/message/325974#325974

           

          You can in addition Run the Latest "Getsusp" Tool listed under "Top Rated Content", or below Moderator-Ex_Brit signature. Please remember to type in your Email address under "Preferences" before running a scan.

           

          Here is the Link:   https://community.mcafee.com/docs/DOC-2168

           

          You should recieve in return, upon completion of this scan. Verification that any "Suspicious/Unknown" files detected, are under analysis.

           

           

           

          Message was edited by: catdaddy on 4/5/14 10:18:42 AM CDT
          • 2. Re: Laplink.exe False Artemis!ACFD7E28BC45
            Hayton

            @gdj,

                If you got this file from www.laplink.com then it should be clean. If it downloaded without a problem onto XP but McAfee detected an Artemis when you downloaded to a Windows 7 machine did they both come from the same download location?

             

              Knowing the URL of the download location would be helpful here; and which Laplink product were you downloading - PCMover Home, PCMover Professional, Windows 7 Upgrade Assistant?

            • 3. Re: Laplink.exe False Artemis!ACFD7E28BC45
              catdaddy

              Hayton,

                       I am inclined to agree with your thinking. I briefly did some searches on the "Laplink.exe" file itself. And both Norton/Kasperky had initially flagged it as a Virus. However, this was as far back as 2006-and most recent as 2012.

               

                       After further analyzing, both Vendors found it to be a "False Positive" Like you said, if downloaded from the same link, and knowing the specific URL..would immensely help. Don,t quote me...but I think it was "PCMover Home" that both Vendors initially had issues with.

               

              They now mark it as "Safe"...If I,m not terribly mistaken.

              • 4. Re: Laplink.exe False Artemis!ACFD7E28BC45
                gdj

                Guys,

                 

                Thanks for the replies and helpful suggestions.  I ran GetSusp and oddly it didn't list the laplink.exe file in question as a potential threat when it sent the list to McAfee.  I then emailed the file to McAfee for analysis with an explanation.  Hopefully some action will be taken to remove this file as a perceived Trojan.

                 

                I got the recent version of the file directly from Laplink at their download site (URL: http://www.laplink.com/mysupport/mystore.asp) as part of an installation package for the program.  I believe the version I ran without problem on XP was also directly downloaded from them as part of a version upgrade (though it was years ago).

                 

                The file is still being quarantined immediately by McAfee, making it impossible to use the program.

                 

                Thanks.

                 

                GDJ

                • 5. Re: Laplink.exe False Artemis!ACFD7E28BC45
                  catdaddy

                  Hi Gdj,

                           Please post the Analysis ID # ,and quite possibly Moderator-PeaceKeeper can assist you further, after allowing appropiate time for it to get resolved. He has contacts in McAfee Labs that he can contact for additional assistance.

                   

                           You mentioned that "Laplink.exe" was not on the (List) sent to McAfee following the scanning with Getsusp? Were there additional Suspicous/Unknown files detected?

                   

                  If I may add, it is possible that the file in question quite possibly has a "Digital" signature. Which may explain why Getsusp did not detect it?

                  Greater minds than mine, would know this for certain.

                   

                  Regards,

                   

                  Message was edited by: catdaddy on 4/7/14 6:55:58 AM CDT
                  • 6. Re: Laplink.exe False Artemis!ACFD7E28BC45
                    Peacekeeper

                    When you emailed it did you do it as required here

                    http://vil.nai.com/vil/submit-sample.aspx

                     

                    You should have received an immediate reply with an analysis id. If not resend it as suggested in the above link. As CD says I can stir them up if we allow an appropriate time interval for them to act on your submission.

                    • 7. Re: Laplink.exe False Artemis!ACFD7E28BC45
                      gdj

                      Hi Tony and Cliff,

                       

                      The Analysis ID on the submission was 8057868.

                       

                      When using the GetSusp routine, 15 other files were identified as suspicious and 8 as unknown; these have not been flagged when running a McAfee scan.  The suspicious files are mostly related to my scanners (Epson and SnapScan), with the exception of a WordPerfect .dll and an Acrobat plug-in.  The unknowns are all related to my SoundBlaster audio card.  I doubt any are significant . . .

                       

                      Thanks.

                       

                      Greg

                      • 8. Re: Laplink.exe False Artemis!ACFD7E28BC45
                        Peacekeeper

                        Will pass the id info up the line

                        • 9. Re: Laplink.exe False Artemis!ACFD7E28BC45
                          vinoo

                          Thanks for reporting.

                          The file has been whitelisted - give it~25 mins for the false to go away.

                           

                          Cheers,

                          Vinoo

                          1 2 Previous Next