The file being detected is the one presently available (June 18, 2010) at http://download.bleepingcomputer.com/grinler/rkill.com
No version number is listed; I found the link on http://www.bleepingcomputer.com/virus-removal/remove-av-security-suite
Thanks in advance for any help.
We have whitelisted this file. As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved.
In future, please submit your samples on https://www.webimmune.net/default.asp
Thank you very much for investigating the issue I brought up.
About submitting samples on https://www.webimmune.net/default.asp: My discussion posting was based on the guidelines in this discussion's Recent Documents > "Information needed for possible Artemis false positive investigations." If those guidelines need to place more emphasis on webimmune.net, maybe someone at McAfee can revise them?
Thanks again for your time.
You don't necessarily have to send us a sample for an Artemis FP, but it can speed things up in some cases.
Hope this clarifies.