cancel
Showing results for 
Search instead for 
Did you mean: 
carles
Level 9

False Artemis!01A1737C1F6C

Jump to solution

Hi,

We are facing some false positive issues in the software we develop. Here is a link to download a sample installer and also individual content:

Downloads removed until McAfee deems them safe.

We think this could have been caused by the use of an EXE protector/packer/antidebug/anti-tampering

Unfortunately we can't stop using it for security reasons but we digitally sign all the installers and files, so we hope you can whitelist our digital signature, since this is causing many reputation issues to our company and negatively affecting to our relation with customers.

Here you have links to the report of both files on VirusTotal:

https://www.virustotal.com/#/file/f221e67a88d8b72dae0901e22356a5e5231485f8f406791e0895fbe63e8199b8/d...

https://www.virustotal.com/#/file/afc4aff64a02d2f697d8ca413984524524c819a4667d9ace9bfed45ed589ecfe/d...

We have reported the problem to McAfee several times by email as suggested in the website, but we got no response. The problem persists and I believe that there should be a solution to this.

Thank you very much in advance.

If you should need any further details or contact information, please do not hesitate to contact me.

0 Kudos
1 Solution

Accepted Solutions
carles
Level 9

Re: False Artemis!01A1737C1F6C

Jump to solution

Yes it is! Wow, that was superfast!

Thank you very much, I really appreciate your help.

0 Kudos
32 Replies
catdaddy
Level 20

Re: False Artemis!01A1737C1F6C

Jump to solution

​,

                Did you Zip it and password protect it using the password    infected   ? Also you can follow these instructions. Detection Dispute Submission | McAfee Labs  It seems your downloads are under 10mbs so that should not be any problem.

                 I can attempt to send those Hashes to McAfee Labs on your behalf, and escalate it.

Cliff
McAfee Volunteer
0 Kudos
catdaddy
Level 20

Re: False Artemis!01A1737C1F6C

Jump to solution

Note: Removed from Moderation Queue.

Cliff
McAfee Volunteer
0 Kudos
carles
Level 9

Re: False Artemis!01A1737C1F6C

Jump to solution

​ Yes, I did.

I carefully read and followed all the instructions.

The issue would be fixed if we got our signature whitelisted. We are desperated and we believe there is a way to fix this without  involving solicitors...

Thanks

0 Kudos
Peacekeeper
Level 20

Re: False Artemis!01A1737C1F6C

Jump to solution

If you sent them correctly zipped and password protected you would have gotten an immediate reply with an analysis id for each file sent.

So some thing is amiss with the sending. In case cd has not sent the hash/virustotal details off to the labs I will as well. If he already has all the better.

0 Kudos
Peacekeeper
Level 20

Re: False Artemis!01A1737C1F6C

Jump to solution

Escalated to the malware response team

Whoops sorry CD

0 Kudos
catdaddy
Level 20

Re: False Artemis!01A1737C1F6C

Jump to solution

  No problemo Matey....

Cliff
McAfee Volunteer
0 Kudos
catdaddy
Level 20

Re: False Artemis!01A1737C1F6C

Jump to solution

                  I work closely with the McAfee Labs engineers. I have escalated your software submission on your behalf. Generally we have a protocol of 3 buisness days to allow them to Analyze/Process. Hopefully we will hear something back in short order. Your escalated Ticket number is as follows  Ticket #: AM001267 - False Artemis

Hope this helped....

CD

Cliff
McAfee Volunteer
0 Kudos
carles
Level 9

Re: False Artemis!01A1737C1F6C

Jump to solution

Wow! I'm delighted and pleased with your interest and fast response.

Thank you very much for your time ​ !!

0 Kudos
Peacekeeper
Level 20

Re: False Artemis!01A1737C1F6C

Jump to solution

I still am wondering why the zipped file failed to be read. Several things are required

1. Zip format not any other compressed file format

2. Password protect the file when zipped with infected as password.

3. File when zipped less than 10mb.

4 I prefer 1 zip a file though you might be able to do more.

if no immediate reply with an analysis id number post here and post the VT details of a VT scan and we can escalate.

0 Kudos