I am fresh in this community, so at first I will say hello
My name is Stefan and I am a software engineer in a company which develops software for the German statutory health insurance. Our software bases on SAP and I develop the most time in ABAP language. Additionally in my free time I programmed software to simplificate the development process in the SAP context. Therefore I develop a tool for SAP GUI Scripting, which automate user interaction. And now I have trouble with this tool with a virus alert in our company.
Sine version 3.00 of my tool detects McAfee enterprise Artemis!93D3036559E2 resp. McAfee-GW-Edtion Artemis in my tool, Tracker.exe. Funny is, that in the version 3.01 - with tiny bug fixes - McAfee doesn't detects malware. But actual in the version 3.02 - which is only compiled with a newer version of the compiler - it detects Artemis again. So I send this morning the complete package to virus lab of McAfee, as it described here. This afternoon I found another description here which proposes to send more information.
Well I hope I can offer this information here:
- A list of all files contained in the sample submission, including a brief description of where or how you found them
COM.ps1 - PowerShell script for COM support
Hinweis.txt - Text file with hints
Recorder.dll - Library which contains version information about Recorder.exe
Recorder.exe - Executable which records user activities on the SAP GUI for Windows
Scintilla.dll - Library for the editor
Snippets.xml - XML file with code snippets
Tracker.chm - Help file
Tracker.exe - Main program, Scripting Tracker
Tracker.ini - Preference file of Scripting Tracker
TypeLibInfo.dll - Library to analyze SAP GUI Scripting APIThe complete set of files can be found http://tracker.stschnell.de/tracker.zip
- What symptoms cause you to suspect that the sample is malicious
McAfee virus scanner detects in Tracker.exe Artemis virus
- Whether any security products find a virus
Only McAfee virus scanner detects Artemis
- Your McAfee product information
McAfee enterprise with signature files from 08.08.2016
- Any system details that may be relevant, including operating system and service packs
Windows 7, x64
Thanks for your support.