cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

ARTEMIS false positive

Jump to solution

Hi everybody,

can you help me to solve this false positive (Artemis!).
I've sent to Mcafee (virus_research@avertlabs.com) these files a couple of times but false positive is still detected.
All files comes from an accounting software, and I dont' want turn off Mc Afee when I working with it.
LOADEXSE.EXE Artemis!9689FC4DDBEB
SSP.EXE Artemis!B87CADD947F4
770.EXE Artemis!FCF8C8647AA8
GTT.EXE Artemis!3D74E044F16B
IVA.EXE Artemis!6AC40C634D97
thanks for your help.
Ciao
Giacomo
1 Solution

Accepted Solutions
nownitin
Level 12
Report Inappropriate Content
Message 7 of 12

Re: ARTEMIS false positive

Jump to solution

Hi,


These files are found innocent and detection on all these files has been suppressed.

As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved.

In future please send your sample in password-protected (password="infected") zipped file  to our email address:

virus_research@avertlabs.com

Regards,

Nitin Kumar

McAfee SME

11 Replies
nchattop
Level 12
Report Inappropriate Content
Message 2 of 12

Re: ARTEMIS false positive

Jump to solution

Hi

I am working on your issue, will get back to you soon

Thanks

Neha Chattopadhyay

MCafee SME

nchattop
Level 12
Report Inappropriate Content
Message 3 of 12

Re: ARTEMIS false positive

Jump to solution

Hi

Your issue has been escalated to our Senir Virus Resarchers of McAfee Labs. Files are under the review process. Once the evaluation is complete, we will send you further response.

Regards

Neha Chattopadhyay

Mcafee SME

Re: ARTEMIS false positive

Jump to solution

OK, Thanks

nownitin
Level 12
Report Inappropriate Content
Message 5 of 12

Re: ARTEMIS false positive

Jump to solution

Hi,

two files  ssp.exe and iva.exe has been found innocent and detection has been suppressed on these two files. Our senior virus researcher are working on other samples.

Information required : sample LOADEXSE.EXE Artemis!9689FC4DDBEB  - Is this file a part of same accounting software?

As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved.

In future please send your sample in password-protected (password="infected") zipped file  to our email address:

virus_research@avertlabs.com

Regards

Nitin Kumar

McAfee SME

Re: ARTEMIS false positive

Jump to solution

Yes, LOADEXSE.EXE (Artemis!9689FC4DDBEB) is a part of the same accountig software.

They use this exe file to start every single application.

Messaggio modificato da Giacomo1970 on 22/06/10 3.11.00 CDT
nownitin
Level 12
Report Inappropriate Content
Message 7 of 12

Re: ARTEMIS false positive

Jump to solution

Hi,


These files are found innocent and detection on all these files has been suppressed.

As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved.

In future please send your sample in password-protected (password="infected") zipped file  to our email address:

virus_research@avertlabs.com

Regards,

Nitin Kumar

McAfee SME

SamSwift
Level 12
Report Inappropriate Content
Message 8 of 12

Re: ARTEMIS false positive

Jump to solution

Marking as assumed answered. Please let us know if the issue is not resolved.

Thanks,

Sam

Re: ARTEMIS false positive

Jump to solution

A problem is not fully resolved.

GTT.EXE is now detected as Generic.dx!szi (Troian Horse).

The other files are correctly skipped.

Regards

Giacomo

SamSwift
Level 12
Report Inappropriate Content
Message 10 of 12

Re: ARTEMIS false positive

Jump to solution

Hi,

Thanks for your reply. I'll ask one of the team to investigate.

Sam