Showing results for 
Search instead for 
Did you mean: 

Our software is getting a False Artemis detection on McAfee


I am trying to get our software white listed as it is getting an Artemis detection that we are sure is a false positive.

I have submitted the software with all relevant details and I got the response pasted below.

Well - I know it is being detected already - what I want is to get it checked manually and white listed because it is not a Trojan.

Who do I talk to and how do I get it looked at manually so I can have a sensible discussion about what the software does, and why it is a false positive?

I've read a number of knowledgebase articles and have followed the instructions to the letter - just not sure what to do to escalate it from here?


McAfee Labs - Beaverton                                                               

Current Scan Engine Version:5900.7806                                                 

Current DAT Version:8738.0000                                                         

Thank you for your submission.                                                        

Analysis ID: 10491134

File Name            Findings                       Detection                    Type         Extra


app.ini             |inconclusive                  |                            |            |no  

dsp.bin             |inconclusive                  |                            |            |no  

dspboot.bin         |inconclusive                  |                            |            |no  

host.bin            |inconclusive                  |                            |            |no  

mpmprog.exe         |current detection             |rdn/generic.hbg             |Trojan      |no  

inconclusive [app.ini dsp.bin dspboot.bin host.bin]                                               

   Automated analysis was not able to determine that this file is malware. This file is  

being sent for further processing and the DAT files will potentially be updated if    

detection of this sample is warranted.                                                

current detection [mpmprog.exe]                                                                        

   The file submitted is malware that can be detected with current DAT files. It is      

recommended that you update your DAT and engine files and scan your computer again.   


Other information that may assist:

Product: VirusScan Enterprise 8.8
DAT version:

Description of issue:

The software is a small executable that opens a command window and loads a binary file into an embedded controller across an RS232 serial port. It is used to load firmware updates into the controller. It also logs any responses from the controller across the RS232 serial link into a text file for debugging if the firmware update has a problem.

A customer of ours has been using an earlier revision of this software for more than 10 years without a problem. We provided a newer version that is required to load later firmware updates into the controller. This newer program has been detected by their McAfee system as "GTI Reputation - Known Malicious".  We have checked against other brand virus systems and the result is that there is no virus detected.

Latest Applied Rule

4 v2 - Use GTI file reputation to identify trusted or malicious files

SHA-1 Hash


MD5 Hash


SHA-256 Hash


Certificate SHA-1 Hash

Not Available

Enterprise count


First contact

6/7/17 1:21:59 PM

Any assistance would be very much appreciated.


Brian O'Sullivan

Service Manager

NOJA Power Switchgear

3 Replies
Reliable Contributor Peacekeeper
Reliable Contributor
Report Inappropriate Content
Message 2 of 4

Re: Our software is getting a False Artemis detection on McAfee

You did the correct way to submit it and also the VirusTotal MD5 hash helps. We mods have to wait 3 days after submission before we can escalate the detection. We have to allow the labs to do a manual check following your submission and to try to let them fix it.

These are the rules we have been told to follow so if there is no fix in 3 days post back and 1 of we mods will immediately escalate the detection. The fix is usually 1 day or less after we escalate.

Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 3 of 4

Re: Our software is getting a False Artemis detection on McAfee

I have escalated your issue on your behalf,hopefully we will hear something in short order. Your escalated Ticket number is as follows;   Ticket #: AM001344 - False Artemis !

McAfee Volunteer
Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 4 of 4

Re: Our software is getting a False Artemis detection on McAfee

Hi Brian,

                 I just received back the following correspondence;

Hello Cliff,

Detection suppressed and sample is classified to clean.



Could you please confirm that your issue is resolved?

Thank you,



Consumer Products (Artemis!)

McAfee Volunteer
Member Rewards
McAfee Community rewards active and helpful members just like you. Click here to take a look at the first community members who received a special reward and were recognized by McAfee leader, Aneel Jaeel, for their participation and trusted knowledge in the community.