cancel
Showing results for 
Search instead for 
Did you mean: 
chaosaura
Level 7

Artemis!FF95E58D03BE-False Positive

Jump to solution

I've been trying to get a game called 'Super Mario Rpg The Seven Sages' working. Everytime I try to extract the .exe file it's automatically deleted and put under quarantine as Artemis!FF95E58D03BE. When I turn Real time scanning off, the game runs fine. I've heard other reports of mcafee reporting this file as a trojan, even though it's probably a false positive. There are videos all over youtube of this game being run, so that's good enough proof for me that this file is safe. I've also used this file on another computer with a different anti virus and had no problems.

on 18/08/12 1:05:32 AM
0 Kudos
1 Solution

Accepted Solutions
showvik
Level 12

Re: Artemis!FF95E58D03BE-False Positive

Jump to solution

Hi,

Artemis!FF95E58D03BE has been suppressed. It may take up to 2 hours for this update to reflect in Artemis system.

Regards,

Showvik

0 Kudos
7 Replies
Peacekeeper
Level 20

Re: Artemis!FF95E58D03BE-False Positive

Jump to solution

Send the file as explained to mcafee here

http://vil.nai.com/vil/submit-sample.aspx

You will most likely get an immediate reply saying it is infected and an analysis ID number. reply to this email adding false+ve and name of detection into the subject and in the body of the email say why you think it is a false detection.

Post the analysis id here and if no solution in 3 days post back and I will ping a lab tech to personally look at it.

0 Kudos
chaosaura
Level 7

Re: Artemis!FF95E58D03BE-False Positive

Jump to solution

Okay, I sent the file through getsusp and this is what I got:


Thank you for using the GetSusp tool and submitting your suspicious file(s). You will find detailed below, the status of each file in the submission after an initial analysis.

        SR Number               Creation Date                WorkItem ID        Machine Name
        =========               ==============               ===========        ===========
        None specified          8/18/2012 6:01:47 AM         646801             CHAOSAURA-PC


        File Name                           Findings                            Detection                           Type
        ---------                           --------                            ---------                           ----
        super mario rpg - the seven s...    not_detected                        TROJAN

In the event that the files are not listed as known threats, the submission will be forwarded to a McAfee Labs Researcher for further analysis. You will be contacted by McAfee Labs through email with the results of that analysis.

I also replied saying false+ve and the name of the detection like you said, so hopefully  this will be fixed soon.

0 Kudos
Peacekeeper
Level 20

Re: Artemis!FF95E58D03BE-False Positive

Jump to solution

No analysis id specified?

0 Kudos
chaosaura
Level 7

Re: Artemis!FF95E58D03BE-False Positive

Jump to solution

Just asking, how do you get this analysis id? My email cannot send .zip files containing .exes, so I can only upload with getsusp. The email i got from getsusp had no 'analysis id' on it.

How do I get the id?

OR is it the WorkItem Id which is 646801.

Thanks in advance.

on 19/08/12 3:54:47 AM
0 Kudos
Peacekeeper
Level 20

Re: Artemis!FF95E58D03BE-False Positive

Jump to solution

You used the email you show in your Mcafee community profile? ( I can read it) If so that and the workitem id might work. If no reply in 2 more days post back and I will ping a tech.

0 Kudos
showvik
Level 12

Re: Artemis!FF95E58D03BE-False Positive

Jump to solution

Hi,

Artemis!FF95E58D03BE has been suppressed. It may take up to 2 hours for this update to reflect in Artemis system.

Regards,

Showvik

0 Kudos
Peacekeeper
Level 20

Re: Artemis!FF95E58D03BE-False Positive

Jump to solution

Now thbat was fast work now?

0 Kudos