cancel
Showing results for 
Search instead for 
Did you mean: 
Giacomo1970
Level 7

ARTEMIS false positive

Jump to solution

Hi everybody,

can you help me to solve this false positive (Artemis!).
I've sent to Mcafee (virus_research@avertlabs.com) these files a couple of times but false positive is still detected.
All files comes from an accounting software, and I dont' want turn off Mc Afee when I working with it.
LOADEXSE.EXE Artemis!9689FC4DDBEB
SSP.EXE Artemis!B87CADD947F4
770.EXE Artemis!FCF8C8647AA8
GTT.EXE Artemis!3D74E044F16B
IVA.EXE Artemis!6AC40C634D97
thanks for your help.
Ciao
Giacomo
0 Kudos
1 Solution

Accepted Solutions
nownitin
Level 12

Re: ARTEMIS false positive

Jump to solution

Hi,


These files are found innocent and detection on all these files has been suppressed.

As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved.

In future please send your sample in password-protected (password="infected") zipped file  to our email address:

virus_research@avertlabs.com

Regards,

Nitin Kumar

McAfee SME

0 Kudos
11 Replies
nchattop
Level 12

Re: ARTEMIS false positive

Jump to solution

Hi

I am working on your issue, will get back to you soon

Thanks

Neha Chattopadhyay

MCafee SME

0 Kudos
nchattop
Level 12

Re: ARTEMIS false positive

Jump to solution

Hi

Your issue has been escalated to our Senir Virus Resarchers of McAfee Labs. Files are under the review process. Once the evaluation is complete, we will send you further response.

Regards

Neha Chattopadhyay

Mcafee SME

0 Kudos
Giacomo1970
Level 7

Re: ARTEMIS false positive

Jump to solution

OK, Thanks

0 Kudos
nownitin
Level 12

Re: ARTEMIS false positive

Jump to solution

Hi,

two files  ssp.exe and iva.exe has been found innocent and detection has been suppressed on these two files. Our senior virus researcher are working on other samples.

Information required : sample LOADEXSE.EXE Artemis!9689FC4DDBEB  - Is this file a part of same accounting software?

As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved.

In future please send your sample in password-protected (password="infected") zipped file  to our email address:

virus_research@avertlabs.com

Regards

Nitin Kumar

McAfee SME

0 Kudos
Giacomo1970
Level 7

Re: ARTEMIS false positive

Jump to solution

Yes, LOADEXSE.EXE (Artemis!9689FC4DDBEB) is a part of the same accountig software.

They use this exe file to start every single application.

Messaggio modificato da Giacomo1970 on 22/06/10 3.11.00 CDT
0 Kudos
nownitin
Level 12

Re: ARTEMIS false positive

Jump to solution

Hi,


These files are found innocent and detection on all these files has been suppressed.

As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved.

In future please send your sample in password-protected (password="infected") zipped file  to our email address:

virus_research@avertlabs.com

Regards,

Nitin Kumar

McAfee SME

0 Kudos
SamSwift
Level 12

Re: ARTEMIS false positive

Jump to solution

Marking as assumed answered. Please let us know if the issue is not resolved.

Thanks,

Sam

0 Kudos
Giacomo1970
Level 7

Re: ARTEMIS false positive

Jump to solution

A problem is not fully resolved.

GTT.EXE is now detected as Generic.dx!szi (Troian Horse).

The other files are correctly skipped.

Regards

Giacomo

0 Kudos
SamSwift
Level 12

Re: ARTEMIS false positive

Jump to solution

Hi,

Thanks for your reply. I'll ask one of the team to investigate.

Sam

0 Kudos