cancel
Showing results for 
Search instead for 
Did you mean: 
mail4deepak
Level 7

Possible False positive - Artemis!769E63185BE6

2 years back I had created an exe file from a bat file by using "Bat to Exe Converter v1.5.1". From 10th April McAfee has started detecting this exe to be infected with "Artemis!769E63185BE6". As this exe has been bundled with a product that is in the market for past 2 years I need to detrmine whthere the files is really infected ASAP.

One more update: McFee is detecting the virus on desktops but not on the server edition of microsoft OS .. Desktops and servers have sane version of Dat file (6677.0000)

Message was edited by: mail4deepak on 4/12/12 5:09:21 AM CDT

Message was edited by: SamSwift - please no attachements, even if you believe them to be clean. on 12/04/12 13:50:10 IST
0 Kudos
3 Replies
SamSwift
Level 12

Re: Possible False positive - Artemis!769E63185BE6

Hi,

I'll ask one of the team to take look at the detection name. Are you able to send us the file using the submit a sample link on the main security awareness community page please? Do make sure you put the word 'FALSE' in the email subject line.

Thanks,
Sam

0 Kudos
mail4deepak
Level 7

Re: Possible False positive - Artemis!769E63185BE6

I was able to submit to Virus_Research@avertlabs.com. This is the reply that I got.

McAfee Labs - Beaverton                                                   
Current Scan Engine Version:5400.1158                                     
Current DAT Version:6677.0000                                             
Thank you for your submission.                                            

Analysis ID: 6991476

File Name            Findings                       Detection                    Type         Extra
--------------------|------------------------------|----------------------------|------------|-----
dbcreatebackupdump.e|inconclusive                  |                            |            |no

inconclusive [dbcreatebackupdump.exe]                                     

   Automated analysis was not able to determine that this file is malware. This file is
being sent for further processing and the DAT files will potentially be updated if
detection of this sample is warranted.                                    

0 Kudos
showvik
Level 12

Re: Possible False positive - Artemis!769E63185BE6

Hi,

Artemis!769E63185BE6 has been suppressed. Please allow up to 30 minutes for the update to reflect in Artemis system. Some systems where Artemis feature was not enabled, may not have shown this detection.

Regards,

Showvik

0 Kudos