2 Replies Latest reply on Jul 31, 2008 10:06 AM by trent

    Purported Malware Trojan Detected in LD8.8-SP1 Installer via McAfee?

    Apprentice

      Hi ,

       

      McAfee VirusScan Enterprise 8.0 (ePO) VSE 8.0i is purportedly picking up Malware Trojan in LD8.8 SP1 Installer: LD88-SP1-Client.exe\LTACLIENTENFORCER.EXE and LD88-SP1-Core.exe\LTACLIENTENFORCER.EXE

       

       

      Message: The file <Path>\LANDesk_Software\8.8\SP1\LD88-SP1-Core.exe\LTACLIENTENFORCER.EXE is infected with the New Malware.ai Trojan. No cleaner available, quarantined successfully . Detected using Scan engine version 5200 DAT version 5350. (from SERVER  IP XX.XXX.XXX.XXX user SYSTEM running VirusScan Enter 8.0 (ePO) VSE 8.0i )

       

       

      Has anybody else encountered this?

       

       

      Hopefully its just a faulty DAT pattern (Scan engine version 5200 DAT version 5350)

       

       

        • 1. Re: Purported Malware Trojan Detected in LD8.8-SP1 Installer via McAfee?
          phoffmann SupportEmployee

          I've scanned my SP1 files and don't have a problem with that.

           

          Re-download SP1 potentially, (so it's "nice and clean") from our site, and run McAffee against it. If it detects something on the vanilla SP1, it's likely something borked in the definitions file (wouldn't be the first time they claim we're malware, as it happens - amusing thought that) :).

           

          Could be of course that the file is genuinely infected - either way my suggestion should help you figure out which is the case.

           

          LTACLIENTENFORCER is only significant if you use any kind of trusted access (i.e. LDDHCP / NAC, etc).

           

          Paul Hoffmann

          LANDesk EMEA Technical Lead.

          1 of 1 people found this helpful
          • 2. Re: Purported Malware Trojan Detected in LD8.8-SP1 Installer via McAfee?
            Apprentice

             

            Thanks Paul,

             

             

            Thinking about it, our very expensive slow internet pipe, has been known to corrupt downloads once in a blue moon, so i will download the files from my very cheep, reliable home connection and re-scan!

             

             

            If the problem persists i will check with McAfee

             

             

            Regards

             

             

            Trent