False Artemis! EA896CFE4FD
New DaT update has disabled my program
McAfee DaT update 2 days ago now McAfee says my favorite program is a virus.. it
is not. I have run scan with diferent software (TrendMicro Housecall AGV ) and all my
computers and network is clean and all say the program - Artemis!
EA896CFE4FD ENGINE.EXE - is not a virus or Trojan.
Please fix this or make it so I can add this item to a trusted list.
4 days ( 2 1/2 days of mcaffe non english speaking techs) now and they have done nothing but ask me to give them $89.00 dollars per computer to remove the file from my computers LOL ( I have 3 networked so I guess they see $$) The file is not a virus or a trojan. And yes I had to find this forum and everything all by myself.
Anyone know how to stop Mcafee from quaranteening this file? Or making it a trusted file?
I have been a loyal customer for almost a decade to mcaffee and I have ran this program for 7 years with mcaffe with little issue ( I have Mcaffe quaranteen recored on my computer they have had issue with this file since 2008 but this is first time they have not allowed me to start the program, see 1st image below as proof), this is not very cool , it seems only mcafee is saying this file is a trojan, even mcafee's own Stinger stand alone scanner says it is not a trojan.
File for Kalonline MMORPG game.
I received this when I was able to send an email to Virus_Research@avertlabs.com and recived this email responce below , if you want to try and send a false positive to Mcaffee tech suoport for evaluation ( LOL) check this thread https://community.mcafee.com/thread/2016 may take you several time reading and trying to send the file but it will work almost imedatly with a auto resaponce if you do it right , yes it took me 1 whole day to figure out that I did it wrong and I had to keep trying and sending my 6 mb file till I got just like they want it, key is the auto responce will let you know quickly that they recived the email -
McAfee Labs - Beaverton
Current Scan Engine Version:5400.1158
Current DAT Version:6656.0000
Thank you for your submission.
Analysis ID: 6964540
File Name Findings Detection
engine.exe |inconclusive | |
Automated analysis was not able to determine that this file is malware. This file
being sent for further processing and the DAT files will potentially be updated if
detection of this sample is warranted.
Due to the prevalence of network gateway AV products, it is important that all
submissions be zipped and the zip file password-protected (password - infected). Some
products will reject an email that contains a virus that is not sent in this way. In
addition, often we receive a file that appears not to have been infected, to find
later that the file was infected when it left the sender, and was cleaned somewhere
along the line.
It is hard waiting day after day for the tech supoort to even answer email and this forum. Even harder to talk to an eourpean tech who can not speak english and try and explain what is going on. They need to resolve this soon (yes I need my game) OR I must fire Mcaffee as my virus stoper and go to another company that can take care of it's customers.
I contacted AVG anti virus (March 25 2012) And I found out their antivrus program thats is a comparable level to the McAfee I use has a feature to make this type of file a trusted file. Cost is slightly more for my 3 computers, I am considering it. I will update this post as to what happens with McAfee tech support, moderators of this forum, how they deal with this and what I end up doing. As of now they have not contacted me, answred my question here or fixed the false positive.
Message was edited by: nova on 3/25/12 1:56:30 PM MDT
@nova, it might help you to get your file rated safe if you tell the labs exactly what the file is, what it's for, and where it comes from (I wasn't able to tell from your post which game this file is for, I had to go and look it up). Then the labs can either download their own copy if they need to or ask the company to let them have a copy of engine.exe, and do a comparison to make sure your copy hasn't been infected somehow (these things do happen).
Tell them it comes from INixSoft and give them the contact details, which are on http://www.inixsoft.com/Helpdesk/Inquiry.asp
You should know that files with the name "engine.exe" are sometimes found to be malicious.
It comes with installation of the game Pirates of the Carribian and you need it to play the game.
JanA Game. Combat Arms Lionel
See what I mean? Used in lots of games. You need to specify which one.
|Across all ThreatExpert reports, the file "engine.exe" has sometimes been a threat.|
|File "engine.exe" has the following statistics:|
So the labs won't give it the all-clear until they've done testing it. You can help speed things up though.
The issue is only 1 day old the labs need a bit more time than that to fix and test these issues but it is fixed now after I pinged a tech.
I usually do this after a 3 day wait.
Please confirm and make as answered if OK.
If you want a trust this file option button add it as an idea see my sig. Check first that noone has asked already.Message was edited by: Peacekeeper on 27/03/12 1:35:19 PM
Hi, Hayton - as you can see from my post I do have the info you said i did not have take a look at the 1st image and I also stated the name of the game please read the post and look at the images.
Ok before everyone thinks I hate McAfee, I do not. they have been the best antivirus program I have ever had and over the last 7+ years NONE of my computers have had a trojan or virus McAffee was perfect!!!!!! and still is.
If I seemed upset in my post it was only due to my frustration of the complexity of the McAfee's false positve remedy system, all they had to for me was answer me right away to let me know they were working on it.
Also ty Peacekeeper for your answer.
SO guess what? They FIXED IT !!!!!!!!! tytyty. I hope no one is mad at me hehe.
MCAFEE ROCKS once again!! I am so happy. I still wish I had a trust button but all good now hehe.
THANK YOU McAfee
As I said somewhere add this suggestion as an idea if it is not already. If already there bump it up.
Ideas links in my sig
I forgot 1 thing - I found an artical in the forum ( i cant seem to find it now to link here) it said ... When you receive the auto email back from Virus_Research@avertlabs.com you need to then forward it with the word Suspected in the begining of the subject line back to the same email address, idk if this helped me or the forum moderators made it happen, I lean towards the moderators they seem to get things moving once involved.
Yes in this case I made it happen I pinged a tech and he looked up the analysis ID I gave him.
We recommend when you get the auto reply you click on reply and change subject to suspected false +ve and name of detection.
In the body say why you think it is a false +ve.
The Artemis!EA896CF9E4FD has been suppressed. Kindly update your DAT to the latest one (DAT 6662).