cancel
Showing results for 
Search instead for 
Did you mean: 

False Artemis!813E4FF9B8D5

One plugin from some software we have used for years provided by a trusted developer.  This is being quarantined after a recent upgrade.  Please help!

15 Replies
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 2 of 16

Re: False Artemis!813E4FF9B8D5

See if this helps: 

Re: False Artemis!813E4FF9B8D5

Thanks Ex Brit.  I have already done that but the frustrating reply from avertlabs.com is below.  Obviously the solution I need is to get this listed as a trusted programme.  I've replied to that effect but I am not hopeful.  Any other suggestions?  PS.  I am not a techie, just a small business owner with 9 other staff who also have this problem and i need to sort it out for all of us.

 

McAfee Labs Sample Analysis

Thank you for submitting your suspicious file(s). We have determined that the following files are detected with our current DAT files.

Reference  : (Escalation) 9415940

---------------------------------

        

+---------------------------+----------------------------------+------------------+----------------------+-----------------+

| File Name                 | MD5                              | Findings         | Detection            | Type            |

+---------------------------+----------------------------------+------------------+----------------------+-----------------+

        | image001.gif              | 373b9569212a964df9ba43024ca5eaf5 | clean            |                      | clean           |

+---------------------------+----------------------------------+------------------+----------------------+-----------------+

       

        

Solution:

To ensure that you have the maximum capability of detecting and cleaning this malware, please make sure you have the latest McAfee scanning engine.

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 4 of 16

Re: False Artemis!813E4FF9B8D5

Have the owner of the software contact the labs using this form:  Detection Dispute Submission | McAfee Labs

Also if you are using Enterprise software you could open a case through the Portal.

Re: False Artemis!813E4FF9B8D5

ExBrit, you obviously know what you are talking about; I don't!  But I have now reached the stage where avertlabs aren't responding to my emails.  They sent me the email below with a .dat file.  But I don't have the folder "Engine".  I think it might have to be copied into C/Program Files/McAfee/MPF/data but when I try that it says access denied.  Any ideas?  Will this .dat file prevent McAfee from quarantining the file I need?

Thank you for submitting your suspicious file(s) for analysis. Attached is an EXTRA.DAT file for extra detection.

This update will be added to our daily production DATs as soon as possible. Usually this will be within the next 48 hours but may be longer in certain circumstances.

Solution:

The attached EXTRA.DAT file will detect the following submitted files:

Filename MD5 digest

-------- ----------

  1. sos.connect.4.17....813e4ff9b8d57b4c5af546ccbc3de6c0                                

The EXTRA.DAT file should be copied into the directory where the other DAT files reside (the default folder is: C:\Program Files\Common Files\McAfee\Engine).

Highlighted
Reliable Contributor Peacekeeper
Reliable Contributor
Report Inappropriate Content
Message 6 of 16

Re: False Artemis!813E4FF9B8D5

Is this consumer version or enterprise version? Sounds as if they assume you have enterprise it uses dats consumer does not though not sure re extra dats

Re: False Artemis!813E4FF9B8D5

It's the consumer version Peacekeeper.  The developers have also submitted information to McAfee but had no response.  I really am struggling here.  I don't understand why McAfee doesn't just let me mark the file as trusted....

Reliable Contributor Peacekeeper
Reliable Contributor
Report Inappropriate Content
Message 8 of 16

Re: False Artemis!813E4FF9B8D5

Only if it detected as a PUP ie potentially Unwanted Program does it offer that option as to many users would click trust when it is really not a good idea to do so for other than PUPs.. The extra dat is as far as I remember corporate version only but it will be incorporated in a new dat/engine release soon.

See what Peter adds.Develops should use the link Peter gave in post 3

Re: False Artemis!813E4FF9B8D5

Thanks again Peacekeeper.  Trouble is, 11 days ago they told me it would be added to their daily production DATs as soon as possible. Usually this will be within the next 48 hours but may be longer in certain circumstances.  And this morning when I tried again, the file is still being quarantined.  Any idea how frequently they really do release these things?

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 10 of 16

Re: False Artemis!813E4FF9B8D5

Submit again then, the only possible way to a solution.

Edit: ignore, we my last response on page 2.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community