Kabuto trojan

[glennd]

Is this known?

Kabuto reported this:

Scan Date December 11th 2016 at 2:21:09 am
Scan Status Complete
Scan Log
Emsisoft Anti-Malware - Version 12.1.0.6970

Last update: 10/12/2016 12:01:33 AM

Initiated by: Scheduler

Computer name: SHUTTLE

OS version: Windows 7x64 Service Pack 1

Scan settings:

Scan type:

Objects: Rootkits, Memory, Traces, C:\, D:\, E:\, F:\

Detect PUPs: On

Scan archives: On

ADS Scan: On

File extension filter: Off

Direct disk access: Off

Scan start: 11/12/2016 12:00:19 AM

C:\Program Files\Kabuto\kabuto_updater.exe Trojan-Ransom.PadCrypt (A) [282991]

Scanned 309046

Found 1

Scan end: 11/12/2016 2:21:09 AM

Scan time: 2:20:50

C:\Program Files\Kabuto\kabuto_updater.exe Quarantined: Trojan-Ransom.PadCrypt (A)

Quarantined: 1

Edit:

Kabuto Managed AV
Engine Version: 4.0.0.799
Product Version: 12.1.0.6970

 

[phaZed]

Looks like a Ransomware encryption virus may be infecting that machine.

 

[fincoder]

Or more likely a false positive based on the behaviour of kabuto_updater, probably due to it being a newly updated exe file that is uncommon.

 

[repairtechinc]

Hey - So nothing to worry about here. Just a false positive.

Ian

 

[glennd]

Hey - So nothing to worry about here. Just a false positive.

Ian

kewl

 

[repairtechinc]

Hey - Forgot to update this thread. I talked to Emsisoft and they said the issue was on their end, they patched it up within a couple hours of seeing it.

Ian