cancel
Showing results for 
Search instead for 
Did you mean: 
kalelinho
Level 7

False Artemis!402CBFCF8CAE

Jump to solution

Hello,

I have bought a software of a trust company and when I try to open it after its installation McAfee keeps flagging the .exe file (tajweed.exe) as a virus, causing the software to fail. I am getting the "False Artemis!402CBFCF8CAE" message and McAfee takes my .exe (tajweed.exe) file for this software and quarantines it. Once I try to send it back to its resective folder, McAfee wil repeat the whole quarantine process once again.

What is the problem ?

What can I do to avoid the quarantine process and to be able to use this (expensive) software ?

Thank you in advance for your help.

Best regards.

0 Kudos
1 Solution

Accepted Solutions
Peacekeeper
Level 20

Re: False Artemis!402CBFCF8CAE

Jump to solution

Anandd I got an email from another avertlabs tech saying this is not fixed  is it

Kalelinho can you retest this please

If fixed can you mark this thread as answered and any post as helpful (in actions link) or correct answer as you see fit.

0 Kudos
16 Replies

Re: False Artemis!402CBFCF8CAE

Jump to solution

Hi there,

Please submit the file to McAfee as per below article and in the main time create a file exclusion for the exe that has been removed.

False positive submissions
If you think that a file has been falsely detected or incorrectly classified, follow this procedure to submit the sample to McAfee Labs. 

Submit false positive samples through the McAfee ServicePortal
The preferred method for submission is via the McAfee ServicePortal. See Solution 1 for instructions to submit samples using the ServicePortal.

When you use the ServicePortal to submit false positives, ensure that you select the appropriate Issue Type for your submission:

  • Artemis False (false positive detection from Global Threat Intelligence)
  • Suspected False (all other false positive detections)

Email submissions
To submit a sample via email, please send it to McAfee Labs Virus Research at: virus_research@mcafee.com.

  • Prefix the email subject line with the word FALSE. For example:

    FALSE: In-house file being detected by McAfee
  • Ensure that you include the On Access / On Demand Scan log files of the McAfee product along with the DAT and Engine versions in use at the time. Also, include any other relevant information regarding why you think the file has been incorrectly detected. This information is helpful when analyzing the sample.

        Information to provide: (example)

        Please review the submitted file as we believe this is a false detection.

    Product: VirusScan Enterprise 8.8
    DAT version: 6587
    Engine: 5400
    Description of issue: This application has been developed as an in-house tool for cleaning our databases. Please see the attached OAS/ODS log file showing this detection by VirusScan.

    NOTE: Failure to supply all of the information requested above might result in delays with the analysis.

After the sample has been analyzed, one of the following happens:

  • The sample is considered clean. Detection is suppressed and will be updated in the earliest DAT release.
  • The sample is incorrectly classified. It will be reclassified and detection will be updated in the earliest DAT release.
  • Analysis of the file determines that the sample is properly detected. You will be notified of the results.

Best regards,

José María

0 Kudos
k3tg
Level 14

Re: False Artemis!402CBFCF8CAE

Jump to solution

This is the link I have that is used to submit samples to McAfee for analysis

Good Luck

Tom K3TG

0 Kudos
catdaddy
Level 20

Re: False Artemis!402CBFCF8CAE

Jump to solution

There also is this link, Albeit may just be for Buisness/Corporate Customers?

Detection Dispute Submission | McAfee Labs

Regards,

Catdaddy

McAfee Volunteer Moderator

Cliff
McAfee Volunteer
0 Kudos
kalelinho
Level 7

Re: False Artemis!402CBFCF8CAE

Jump to solution

I have submitted the .exe file via Getsusp and the result is :

SR Number               Creation Date                WorkItem ID        Machine Name

=========               ==============               ===========        ===========

None specified          8/7/2014 5:57:36 PM          1398011            VAIO_YO

+-------------+----------------------------------+--------------+-----------+--------+
| File Name   | MD5                              | Findings     | Detection | Type   |
+-------------+----------------------------------+--------------+-----------+--------+
  | tajweed.ex_ | 402cbfcf8cae94755ce0767a647fb895 | not_detected |           | TROJAN |
+-------------+----------------------------------+--------------+-----------+--------+

0 Kudos
kalelinho
Level 7

Re: False Artemis!402CBFCF8CAE

Jump to solution

What can I do knowing that I am sur that the file is a trust one ?

0 Kudos

Re: False Artemis!402CBFCF8CAE

Jump to solution

You can open a case with Malware team and ask why is detected I mean what is the behaviour or what trigger to be detected...

Regards,

José María

0 Kudos
kalelinho
Level 7

Re: False Artemis!402CBFCF8CAE

Jump to solution

I can send the .exe file by mail for an analysis. Will they be able to whitelist it ?

0 Kudos
catdaddy
Level 20

Re: False Artemis!402CBFCF8CAE

Jump to solution

It looks as though you have sent it, by your Confirmation and Work Item #. Please allow them the appropriate time to analyze ( 4-5) business days. As they detect over 150,000 samples a day.

Regards,

Catdaddy

McAfee Volunteer Moderator

Cliff
McAfee Volunteer
0 Kudos
kalelinho
Level 7

Re: False Artemis!402CBFCF8CAE

Jump to solution

Ok I will wait. thank you for your answer.

0 Kudos