Page 1 of 1

Trojan with Serviio

PostPosted: Tue Dec 27, 2011 5:41 pm
by Replicant
I downloaded the latest version of Serviio a couple of days ago.

Now I have a Trojan/virus in my computer.

McAfee Stinger found this:

"Found Artemis!F2172B04281A trojan!!!"
60.nsis is infected with the Artemis!F2172B04281A virus!!!
serviio-0.6.0.1-win-setup.exe\60.nsis is infected with the Artemis....

Thank you very much! Serviio deleted and removed from my computer.

Re: Trojan with Serviio

PostPosted: Tue Dec 27, 2011 6:31 pm
by moltra
Where did you download the serviio file from?

Re: Trojan with Serviio

PostPosted: Tue Dec 27, 2011 7:49 pm
by Cerberus
Replicant wrote:I downloaded the latest version of Serviio a couple of days ago.

Now I have a Trojan/virus in my computer.

McAfee Stinger found this:

"Found Artemis!F2172B04281A trojan!!!"
60.nsis is infected with the Artemis!F2172B04281A virus!!!
serviio-0.6.0.1-win-setup.exe\60.nsis is infected with the Artemis....

Thank you very much! Serviio deleted and removed from my computer.


Serviio is not distributed via NSIS (non-silent installation script) so this can not of been downloaded from serviio website, so this user has clearly downloaded it from somewere else and got a trojan that ha just been named as if it was actualy serviio, if this is even a real trojan alert and i very much doubt it is and infection method shown is not even used by this trojan.

Re: Trojan with Serviio

PostPosted: Tue Dec 27, 2011 8:01 pm
by zip
NSIS is actually the system used to create the Windows installer. I'm more inclined though to think it's a false positive.

Re: Trojan with Serviio

PostPosted: Tue Dec 27, 2011 8:46 pm
by will
Can you submit the file to virus total or something similar. It will scan it with lots of different definitions and should confirm that it is a false positive.

Re: Trojan with Serviio

PostPosted: Wed Dec 28, 2011 7:32 am
by Replicant
I downloaded Servio from this site by clicking the serviio-0.6.0.1-win-setup.exe link on the download page. I have F-Secure installed in my Windows 7 computer but that did not find the trojan.

My email server was black listed on CBL. Therefore I run a check using Stinger, this found the trojan with the above mentioned message. I do not know if my CBL blacklisting and the trojan are connected in any way or if this is just a coincidence. There are 25 are computers on our company network and any of those could have caused the CBL blacklisting.

I have removed Serviio from my computer so I do not have the files anymore.

Re: Trojan with Serviio

PostPosted: Wed Dec 28, 2011 8:17 am
by Cerberus
i work for a massive datacentre company here in the uk and usa, i have personaly verified all downloads and NO trojans exist.

Re: Trojan with Serviio

PostPosted: Wed Dec 28, 2011 9:45 am
by NX3
Serviio is clean, checked against several leading virus scanners.

Re: Trojan with Serviio

PostPosted: Wed Dec 28, 2011 10:29 am
by Replicant
Just downloaded Serviio again 10 minutes ago and installed it. My computer was clean as per Stinger before the download.

I run McAfee Stinger again using Sensitivity Level for Heuristic Network Check for Suspicious Files set at "Very High".

I get the same trojan/virus message as in my first post. No other viruses or trojans.

Could somebody try to the same with the Stinger? I would like to know if this really is just a false positive.

Re: Trojan with Serviio

PostPosted: Wed Dec 28, 2011 6:01 pm
by Cerberus
replicant its a false positive i use datacentre grade scanning and no trojan is in serviio.