Jump to content
Enpass Discussion Forum

Trojan detected

Writer

By Writer
in Windows PC

 Share

Recommended Posts

Writer Newbie

Writer

Posted
  • Author
Posted

Thanks for the welcome, although I would rather not have been here ;)

I uninstalled the Windows Store version completely and tried to reinstall it from the Store. It immediately triggered McAfee again and made the install useless. So I had to uninstall again and tried installing the desktop windows version from your site. This didn't result in any errors so I could now use Enpass again. 

On your questions, my laptop and McAfee are managed by my employer so i can not exclude Enpass from McAfee detection nor do I think that's a smart suggestion to make to customers. 

I tried to paste the data from McAfee here but that resulted in a warning that my message was spam, so can't share that?

 

  • Like 1
Link to comment
Share on other sites
Dentonthebear Newbie

Dentonthebear

Posted
Posted
17 hours ago, Writer said:

Thanks for the welcome, although I would rather not have been here ;)

I uninstalled the Windows Store version completely and tried to reinstall it from the Store. It immediately triggered McAfee again and made the install useless. So I had to uninstall again and tried installing the desktop windows version from your site. This didn't result in any errors so I could now use Enpass again. 

On your questions, my laptop and McAfee are managed by my employer so i can not exclude Enpass from McAfee detection nor do I think that's a smart suggestion to make to customers. 

I tried to paste the data from McAfee here but that resulted in a warning that my message was spam, so can't share that?

Assuming Sinew have proper in-house quality control (which, yes you have to take on blind faith) that would stop an infected product being uploaded to the Windows Store it does sound as though McAfee is producing a false positive, especially as other Enpass users, who again I am assuming are using other competing antivirus products, have not reported an issue.  According to an old post on the McAfee forum an item designated as an Artimis Trojan is something that the software does not recognize and maybe a possible risk, basically it is being overly protective and giving you a warning.  Excluding the items from a scan is I agree not best practice, but a quality AV solution even if an item of malware was excluded by name should then stop it making erroneous changes to the system.

McAfee forum post: https://is.gd/j2vCOm

Instead of pasting (was the error generated by the forum software?) the McAfee data maybe you could enter it in manually, yes I understand this would take more time and effort, but it would help the developers to be able to communicate the problem with a third party such as McAfee quickly and easily.  Long term this would help yourself, your work colleges if they too use Enpass, and the rest of the community.

 

 

Link to comment
Share on other sites
  • 4 weeks later...
jedison Newbie

jedison

Posted
Posted
On 9/16/2020 at 4:45 PM, Writer said:

Thanks for the welcome, although I would rather not have been here ;)

I uninstalled the Windows Store version completely and tried to reinstall it from the Store. It immediately triggered McAfee again and made the install useless. So I had to uninstall again and tried installing the desktop windows version from your site. This didn't result in any errors so I could now use Enpass again. 

On your questions, my laptop and McAfee are managed by my employer so i can not exclude Enpass from McAfee detection nor do I think that's a smart suggestion to make to customers. 

I tried to paste the data from McAfee here but that resulted in a warning that my message was spam, so can't share that?

 

Thanks for the advice. I am in the same situation. I can open McAfee settings, but after adding an Exclusion for Enpass, it is promptly removed by McAfee. Downloading the traditional Win32 version seems to be the workaround.

McAfee product Name: McAfee Endpoint Security 10.6.1
DAT version -- Engine version, sorry, those are not obvious anywhere.


Analyzer / Detector
Analyzer content creation date    9/13/2020 8:21 AM
Product name    McAfee Endpoint Security
Product version    10.6.1
McAfee GTI query    Yes
Task name    On-Access Scan
Feature name    On-Access Scan
 
Threat
Action taken    Delete
Threat category    Malware detected
Threat detected on creation    No
Threat event ID    1027
Threat handled    Yes
Threat name    Artemis!4397290DA94C
Threat severity    Critical
Threat timestamp    9/14/2020 1:40 PM
Threat type    Trojan
 
Source
Source hostName    xxxxxxxx-BE
Source process name    C:\Windows\explorer.exe
 
Target
Target access time    9/14/2020 1:39 PM
Target create time    9/14/2020 1:31 PM
Target file size (bytes)    9216
Target hash    4397290da94cb862684facd9382c3047
Target host name    xxxxxxxx-BE
Target modify time    9/14/2020 1:39 PM
Target name    EnpassBridge.exe
Target path    C:\Program Files\WindowsApps\SinewSoftwareSystems.EnpassPasswordManager_6.50.700.0_x86__fwdy0m65qb6h2\EnpassBridge
Target user name    xxxxxxxx-BE\xxxxxxxx
 
Other
Vector type    Local System
Cleanable    Yes
Detection message    Threat Prevention Alert!
Detection quarantine ID    {FDBCDCFE-C33D-4DFF-AF27-9051A2EDE5C5}
Duration before detection (days)    0
Description    xxxxxxxx-BE\xxxxxxxx ran C:\Windows\explorer.exe, which attempted to access C:\Program Files\WindowsApps\SinewSoftwareSystems.EnpassPasswordManager_6.50.700.0_x86__fwdy0m65qb6h2\EnpassBridge\EnpassBridge.exe. The Trojan named Artemis!4397290DA94C was detected and deleted.
First action status    Succeeded
First attempted action    Clean
Second action status    Failed
Second attempted action    Delete

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...