cancel
Showing results for 
Search instead for 
Did you mean: 
jjrice
Level 7
Report Inappropriate Content
Message 1 of 6

Artemis!BCEE2DD4128A

Trying to update a US Treasury Program called Saving Bond Wizard. McAfee blocks update as Artemis!BCEE2DD4128A

Please help

5 Replies
Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 2 of 6

Re: Artemis!BCEE2DD4128A

,

               Try following these Guidelines/Instructions;

                 For Corporate/Enterprise ;Submit a Virus or Malware Sample | McAfee Labs

All the Best,

Catdaddy

McAfee Volunteer Moderator

Consumer Products

Cliff
McAfee Volunteer
Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 3 of 6

Re: Artemis!BCEE2DD4128A

,

              Could you please confirm if your issue has been resolved? Or if you need further assistance.

Regards,

Catdaddy

Cliff
McAfee Volunteer
McAfee Employee dmeier
McAfee Employee
Report Inappropriate Content
Message 4 of 6

Re: Artemis!BCEE2DD4128A

I'm currently sorting through the details.

The file detection you mention, points to MD5 hash bcee2dd4128a67f6039162fef34d5c72. Which is reported to have the file name sbwcrv.exe. When extracted the file simply contains .txt files full of numerical values.


jjrice.JPG


This is also associated to two download locations having to do with savings bonds, that also have file names sbwcrv.exe.

However, the files when downloaded from those links, have the MD5 hash of b35d8a1453a51a82ff7ab188251060eb.

Their contents appear to be the same as above, leaving me with the question, what does this file do? Is it expected to simply drop .txt files?

- David

McAfee Employee dmeier
McAfee Employee
Report Inappropriate Content
Message 5 of 6

Re: Artemis!BCEE2DD4128A

I'll recommend that you download the file from the source again, and confirm it's not detected.

I'm not sure why, but the file you first mentioned, seems to be a re-wrapped version using 7Zip, rather than the original that used WinRAR. I just can't tell for what purpose.

I'll likely whitelist the original file, but would feel better if you could re-download the package, and you should get the one with MD5 b35d8a1453a51a82ff7ab188251060eb, as I did.

- David

McAfee Employee dmeier
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: Artemis!BCEE2DD4128A

I understand now that the .txt files are a "database update", to the original program "swbsetup.exe".  I still cannot figure out where you got the 7Zip version, and would prefer to not whitelist it, on the basis that the legit site points to the WinRAR version.

- David

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community