Recently, I downloaded a malware pack of 13 samples from Malware Tips.
After scanning with McAfee Antivirus Plus, 6 samples are missed.
However, I found that some missed samples are reported as malwares by the McAfee engine employed by Virus Total
Here is the screenshot of the virus total report for one of the samples, you can see that this sample is detected as malware by Artemis:
And here is the link of the full report: https://www.virustotal.com/en/file/b9894606a6cd2b6732b4d7642f21961916042db7078602400575b3837900d805/...
The engine of my McAfee is successfully updated every day, and I have not changed any default settings.
So, I cannot understand that why the local scanning result is different from the virus total report.
By the way, I have submitted this sample via getsusp, but getsusp also says that "no suspicious file is found"...
I do not know that whether this forum allows to upload the malware sample, so I cannot upload it here.
Pending a more explanatory reply from a support person, if they are around, I can only hazard a guess that as that detection was labelled "Artemis" then it's new and as yet unclassified. I say that because the McAfee engine gives any unknown detection the name Artemis.
Thanks for your reply.
The problem is that, since the consumer edition of McAfee can also access GTI and Artemis, the expected result here is that the local scanner also reports this sample as "Artemis!XXXXX", but it treats this sample as a safe file.
VirusTotal uses a different detection engine to the endpoint products - they are not equivalent.