cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ouyangx
Level 7
Report Inappropriate Content
Message 11 of 23

Re: Too many missed detections

You know there`s a thing called getsusp and you know its function, right?

The list above show the analysis report of the samples that have been missed on my PC.

catdaddy
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 12 of 23

Re: Too many missed detections

With all due respect, after using the Software for over (15) years and being a Moderator. Of course I do. I think Simon clearly explained the Difference between Detection Capabilities.

All the very Best,

CD/Catdaddy

Cliff
McAfee Volunteer
ouyangx
Level 7
Report Inappropriate Content
Message 13 of 23

Re: Too many missed detections

Is he referring to difference between detection capabilities of mcafee in getsusp and on my PC?

catdaddy
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 14 of 23

Re: Too many missed detections

The primary thing to take into consideration is, Are you experiencing any abnormal behavior, anything untoward in regards to your Software? If the answer is (No)...then there should be no reason for concern in my sincere honest opinion.

Cliff
McAfee Volunteer
ouyangx
Level 7
Report Inappropriate Content
Message 15 of 23

Re: Too many missed detections

there are samples that were missed on my PC, but when I uploaded them onto getsusp, it says that mcafee can kill some of them already.

that`s all I wanna express, and that`s abnormal enough, from my point of view.

catdaddy
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 16 of 23

Re: Too many missed detections

In regards to 'Stinger'  Stinger | McAfee Free Tools  Read how to use.

Cliff
McAfee Volunteer
SafeBoot
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 17 of 23

Re: Too many missed detections

What makes you think consumer products don't do behavioural protection? Of course they do!

getsup just looks at hashes of files and compares them with our dataset - it doesn't answer the question "would this file be allowed to run".

RDN refers to our datacenter machine learning system. It's often misunderstood that we hand-analyse all the malware we find, but when you're seeing upwards of 200k a day that's not scalable - most malware gets categorized automatically. Only the truly unique stuff needs human eyes.

One odd one I noticed in your dump was 7b84e05bf2045a64fba566dfb929d140 - If you look at VT most AV's consider it benign, which is usually a good sign that the few that don't are falsing.

It could be malware though - opinions change but given it's been in the system for two weeks it almost seems as if it's just some test code. Where are you getting samples from, and what are you trying to achieve by downloading them and submitting them?

SafeBoot
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 18 of 23

Re: Too many missed detections

oh, and if you are actually trying to answer the question "is this detected" - Stinger is a better tool for that.

ouyangx
Level 7
Report Inappropriate Content
Message 19 of 23

Re: Too many missed detections

my question is simple: Why my internet security can`t detect some samples while getsusp marked them as "detected",like this one:

| 34.ex_    | ec30c5cbca734b6c0311e5f332558606 | detected | rdn/ransom                | assumed_dirty4 |

That`s the only thing I want to know.

It`s my fault if I`ve expressed something in bad manner, but can you explain that?

vinoo
Level 13
Report Inappropriate Content
Message 20 of 23

Re: Too many missed detections

This sample gets detected by OAS and ODS for me as Artemis!EC30C5CBCA73

Am on VirusScan 8.8 - the enterprise product.

Do you see any Artemis! based detection names in MIS? Just want to make sure the cloud detection feature is enabled and working for you.

How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community