cancel
Showing results for 
Search instead for 
Did you mean: 
soporteln
Level 7

FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Some legitime applications and DLL's, ICGHGRAF.DLL has been created by a company. However, it has still been  detected as Artemis!1BA11ED92F48 threat by McAfee. Please, check/remove this false positive detection.

0 Kudos
12 Replies
soporteln
Level 7

Re: FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Also we have another false detections from the same application.

ICGResources.dll detected as Artemis!8C75EC5A2E82.

ICGHGraf.dll detected as Artemis!B0DA07D7549D

Please, check/remove this false positive detection too as soon as posible.

I'd like to transmit the urgency of the issue.

Thanks

0 Kudos
lakshmanans
Level 12

Re: FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Hi Soportein,

McAfee identified as Generic.Tra!a711be9dccc0 if your product is enter prise edition like VSE kindly follow the below steps . if your Home user kindly contatct the McAfee support.

McAfee Labs Sample Analysis

Issue Number:  6893450  

Identified: Generic.TRA

McAfee Labs, McAfee Labs

Thank you for submitting your suspicious files.

Synopsis -

Attached is a file for extra detection, which will be included in a future DAT set.

Solution -

EXTRA.DAT

The extra dat will detect the following files in the escalation.

Filename            MD5 digest                                                      

--------            ----------                                                      

icghgraf.dll        a711be9dccc040b646d5f59a2ba38a4e                                

The file should be copied into the directory where the other DAT files reside (with default installation, C:\Program Files\Common Files\McAfee\Engine).

Once you have copied the file, reboot the system for the driver to be loaded.

0 Kudos
soporteln
Level 7

Re: FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Thanks for the answer,

but I also need CGResources.dll detected as Artemis!8C75EC5A2E82 to be included. It's attached is the other file.

0 Kudos
lakshmanans
Level 12

Re: FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Hi Soportein,

the above file is also thw same variant of previous infected file kindly find the analysis information

McAfee Labs Sample Analysis

Issue Number:  6893639  

Identified: Generic.TRA

McAfee Labs, McAfee Labs

Thank you for submitting your suspicious files.

Synopsis -

Attached is a file for extra detection, which will be included in a future DAT set.

Solution -

EXTRA.DAT

The extra dat will detect the following files in the escalation.

Filename            MD5 digest                                                      

--------            ----------                                                      

icgresources.dll    2d1a99309fa4b7ab5e3f0cc4eadbf631                                

The file should be copied into the directory where the other DAT files reside (with default installation, C:\Program Files\Common Files\McAfee\Engine).

Once you have copied the file, reboot the system for the driver to be loaded.

0 Kudos
lakshmanans
Level 12

Re: FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

The Detection name is Generic.Tra!2d1a99309fa4

kindly apply the extra DAT if you are enterprise customer else the Extra detection wll be covered in future update.

0 Kudos
soporteln
Level 7

Re: FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Please, let me explain myself. It is a false positive detection. The McAfee antivirus has already detected an legitime application as a threaten.

We are asking you to delete/remove these false detections from your virus database.

0 Kudos
soporteln
Level 7

Re: FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Hi

please I'd like to claim a solution for this issue as soon as possible.

Thanks

0 Kudos
Peacekeeper
Level 20

Re: FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Did you submit the files to McAfee as laid out here

http://vil.nai.com/vil/submit-sample.aspx

Reply to the auto detection reply changing the subject to false +ve and name of detection.

Note the analysis ID in your post here if no fix in 3 days. I will get it escalated.

Message was edited by: Peacekeeper on 9/02/12 6:33:28 AM
0 Kudos
SamSwift
Level 12

Re: FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Have asked research to look into this.

Sam

0 Kudos