cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

Below is the original email I received when attempting to get a .exe whitelisted via the submission process at https://community.mcafee.com/thread/2016

Could I get some assistance on how to proceed from that point?

I appreciate the help and thanks for your time!

======================================================================================

McAfee Labs - Beaverton

Current Scan Engine Version:5900.7806

Current DAT Version:8611.0000

Thank you for your submission.

Analysis ID: 10395006

File Name Findings Detection Type         Extra

--------------------|------------------------------|----------------------------|------------|-----

  1. zipandupload.exe |inconclusive | |            |no  

inconclusive [zipandupload.exe]

   Automated analysis was not able to determine that this file is malware. This file is  

being sent for further processing and the DAT files will potentially be updated if    

detection of this sample is warranted.

Note –

Due to the prevalence of network gateway AV products, it is important that all        

submissions be zipped and the zip file password-protected (password - infected). Some 

products will reject an email that contains a virus that is not sent in this way. In  

addition, often we receive a file that appears not to have been infected, to find     

later that the file was infected when it left the sender, and was cleaned somewhere   

along the line.

Regards,                                                                              

McAfee Labs                                                                           

1 Solution

Accepted Solutions
dmeier
Level 13
Report Inappropriate Content
Message 6 of 13

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

I've marked this file as clean, and you shouldn't have any more detections.

- David

12 Replies

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

I apologize for the lack of an Artemis ID as instructed. The detections are on several  remote client PCs in which I do not have immediate access to.

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

Ok I will escalate this detection. Usually submission takes a few days I will assume you have waited this time before asking.

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

Thank you for the quick response!

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

Ticket #: AM001273 - Analysis ID: 10395006 false detection maybe

dmeier
Level 13
Report Inappropriate Content
Message 6 of 13

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

I've marked this file as clean, and you shouldn't have any more detections.

- David

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

Fantastic! I'll try to confirm this at the remote sites with the issue.

Thank you both for your time and quick assistance. Have a good weekend!

dmeier
Level 13
Report Inappropriate Content
Message 8 of 13

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

Happy to help, you have a good one too.

- David

catdaddy
Level 20
Report Inappropriate Content
Message 9 of 13

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

Could you kindly confirm that your detection has been suppressed,so as we can close this thread?

Thank you,

CD

Cliff
McAfee Volunteer

Re: Analysis ID: 10395006 - Received automated email but no follow up response

Jump to solution

My apologies, it has taken longer to coordinate an available remote session with the affected districts than anticipated.

I was able to restore the .exe and manually scan the file today at 1 of the 4 locations and it appeared to be properly white listed. If the manual scan functions off the same definitions as the scheduled scan then I believe we should be good.

Thank you again for your assistance with this issue!