cancel
Showing results for 
Search instead for 
Did you mean: 
wkwthree
Level 7

False Artemis!BEFE895D206B

Jump to solution

Hello,

Another one of our applications is incorrectly identified as the malicious Artemis!BEFE895D206B.I don't have the engine specifics or logs since the detections are only surfacing via VirusTotal. I’m not getting a comparable match when verifying with McAfee Total Protection but the getsup tool is flagging the file as suspicious. The same flag is also surfacing with McAfee Gateway Web. I've included a copy of the details from the gusup.exe submission. For privacy I've removed the machine name.

Some details about the application: The product is installed with the user’s full consent. At the time of install, the software is clearly disclosed as ad-supported. The product does not collect, share or sell any personally identifying information. Furthermore, the product provides a standard method to easily uninstall via the Windows Add/Remove program.

Please help in getting the flag removed and white-list the application to prevent this issue from reoccurring. This is a separate build from my other post. I’ve submitted it separately since it has a different signature.

Let me know if further details are required.

E-mail Submission Synopsis:

SR Number               CreationDate                WorkItem ID        Machine Name           

=========              ==============              ===========       ===========            

None specified         5/1/2014 3:30:56 PM         1330051            REMOVED

| File Name         | MD5                              | Findings                       | Detection          | Type           |

+--------------------+----------------------------------+--------------------------------+--------------------+----------------+

| setup_88201-it.ex_ | c8620cd60a158bdd6544c78825e25b61 |beta_heuristic_virus_detection | beav-new malware.x | assumed_dirty3 |

Thanks,
Wes

0 Kudos
1 Solution

Accepted Solutions
vinoo
Level 13

Re: False Artemis!BEFE895D206B

Jump to solution

Thanks for reporting. The file has been whitelisted.

0 Kudos
5 Replies
exbrit
Level 21

Re: False Artemis!BEFE895D206B

Jump to solution

To expedite matters if something is identified, maybe wrongly as "Artemis" then McAfee already knows about it.  Merely send an email to virus_research@mcafee.com with the Artemis detection name and the words "False Artemis!++++++++++++" (where ++++++++++++ is the 12-digit code given to it) as the subject/header line. (Minus the "").

0 Kudos
exbrit
Level 21

Re: False Artemis!BEFE895D206B

Jump to solution

I just heard from my contact at the labs.

I've escalated this internally. Given that we'll need to make a call whether to brand it as PUP/Adware or mark it clean, i thought it's best reviewed by  researcher.

0 Kudos
vinoo
Level 13

Re: False Artemis!BEFE895D206B

Jump to solution

Thanks for reporting. The file has been whitelisted.

0 Kudos
wkwthree
Level 7

Re: False Artemis!BEFE895D206B

Jump to solution

Thank you Ex_Brit and Vinoo. Your assistance is greatly appreciated.

Thanks,
Wes

0 Kudos
exbrit
Level 21

Re: False Artemis!BEFE895D206B

Jump to solution

Good luck Wes.  ;-)

0 Kudos