
KiTTY : Forum


McAfee Endpoint Security Detection

nuvan - Fri 01/06/2018 23:30:46 CEST +0200

REDACTED$ ran on-demand scan "Quick Scan", which detected the threat Trojan named Artemis!581FBBE1DE47 while scanning C:\Tools\KiTTY\kitty.exe but the file can't be deleted because it's locked. The file will be deleted when the file isn't locked. To identify the process locking the file, see KB85494.
Analyzer / Detector
Analyzer content creation date 5/31/2018 11:15 AM
Product name McAfee Endpoint Security
Product version 10.5.0
McAfee GTI query Yes
Task name Quick Scan
Feature name On-Demand Scan

Threat
Action taken Delete pending
Threat category Malware detected
Threat detected on creation No
Threat event ID 1428
Threat handled Yes
Threat name Artemis!581FBBE1DE47
Threat severity Critical
Threat timestamp 6/1/2018 12:24 PM
Threat type Trojan

Source
Source hostName REDACTED
Source process name On-Demand Scan

Target
Target access time 5/31/2018 2:47 PM
Target create time 5/31/2018 2:47 PM
Target file size (bytes) 698368
Target hash 581fbbe1de47e9fd7776961a10657b56
Target host name REDACTED
Target modify time 5/31/2018 2:47 PM
Target name kitty.exe
Target path C:\Tools\KiTTY
Target user name REDACTED$

Other
Vector type Local System
Cleanable Yes
Detection quarantine ID {0EAC5363-4C2D-43DB-87EE-B3F985FDEA89}
Duration before detection (days) 0
Description REDACTED$ ran on-demand scan "Quick Scan", which detected the threat Trojan named Artemis!581FBBE1DE47 while scanning C:\Tools\KiTTY\kitty.exe but the file can't be deleted because it's locked. The file will be deleted when the file isn't locked. To identify the process locking the file, see KB85494.
First action status Failed
First attempted action Clean
Second action status Succeeded
Second attempted action Delete

Cyd - Sat 02/06/2018 12:51:33 CEST +0200

Here is the VirusTotal analysis report:
https://www.virustotal.com/fr/url/5fd4534d0cbcbf12076418cb2966c10f3d150726ee7c08cbe2b9504f4f640d0c/analysis/

Peter Hoogendijk - Tue 26/06/2018 10:26:33 CEST +0200

Scanning the latest kitty_portable version 0.70 with McAfee Endpoint Security does not detect any threats, but executing it does: "Threat Type: Real Protect-LS!4d82cfaa285e".
The kitty_portable executable is deleted by the McAfee Endpoint Security protection. So for now it's back to PuTTY for me :-(

Sven - Thu 28/06/2018 23:14:15 CEST +0200

Same problem here with latest KiTTY portable 0.70.0.5. McAfee reports a virus and deletes the file immediately...






The forum is currently closed