1 2 Previous Next 11 Replies Latest reply on Apr 20, 2017 9:06 PM by jimmyraz

    "False Artemis!4DD89AF63CF7"


      I have been submitting this for days.  No response via e-mail or GetSusp.


      This file abcreplace.exe is clean and a file of this programs on GitHub: RABCDAsm.


      I have been unable to use this program now for four days.

        • 1. Re: "False Artemis!4DD89AF63CF7"

          Have you tried following these Guidelines/Instructions? What To Do When McAfee Detects Software As An Infection - How to Submit To McAfee Labs & Appeal


          Also if you are having difficulty upload them to Virus Total and provide the MD5 hashes.

          • 2. Re: "False Artemis!4DD89AF63CF7"

            Did you not read the post?  I also explained why I posted two threads.


            "I have been submitting this for days.  No response via e-mail or GetSusp."  Do those instructions not tell you to use GetSup?

            • 3. Re: "False Artemis!4DD89AF63CF7"

              Did you *ZIP it and password protect it using the password   infected    ? With all due respect, I am attempting to help you resolve your issue. If you submit it correctly, you will recieve a Analysis ID#. As I (Clearly) stated..if you are having difficulty simply upload to Virus Total.


              To use *Getsusp* properly, enter your email address under preferences before scanning.

              • 4. Re: "False Artemis!4DD89AF63CF7"

                No , The file is to large to zip.


                "To use *Getsusp* properly, enter your email address under preferences before scanning."


                I just told you I read and followed those instructions.  That is what I did 4 days ago and I did it more than once.  I have also sent several e-mail.


                I have followed the instructions to the letter. Who's fault would it be that I am not getting a Analysis ID?  Also why are you not responding to my e-mails?


                I scanned the file with GetSup it came up clean.  How is Virus Total going to get your software to stop quarantining this file??


                I am at the computer right now.  There are only 2 or 3 buttons on GetSup.  Tell me how I did it wrong.



                Here is the result from  Virus Total


                File name:abcreplace.exe
                Detection ratio:11 / 62
                Analysis date:2017-04-11 13:40:59 UTC ( 1 week, 2 days ago )
                • 5. Re: "False Artemis!4DD89AF63CF7"

                  FYI..I am not responding to your emails. I am responding to your *Posts* I am simply doing my utmost in getting a resolution to your problem. I am very astute with Artemis! detections, as I work closely with the McAfee Labs Technicians/Engineers.


                  IWe can understand one getting frustrated. I will now contact someone from McAfee Labs on your behalf, to escalate your issue. I also agree that there is indeed a (10mb) limit. Hence is why I requested you to submit to Virus Total.


                  I would hope that you find my assistance *Helpful*

                  • 6. Re: "False Artemis!4DD89AF63CF7"

                    Yes,  I am irritated and I don't mean to take it out on you.  How can I get this software to stop quarantining this file?


                    Thanks for your help. 

                    • 7. Re: "False Artemis!4DD89AF63CF7"

                      Please be informed that your Artemis! has been submitted on your behalf. Your escalation Ticket number is as follows  Ticket #: AM000911 - Artemis!


                      Hopefully we will hear something in short order.

                      • 8. Re: "False Artemis!4DD89AF63CF7"

                        Hey guys, I'll take a look at this one.  Let us remain professional, as biting the hand, and all that.....    Our volunteer moderators work tirelessly to keep this communities moving forward.


                        - David

                        • 9. Re: "False Artemis!4DD89AF63CF7"

                          Thanks for the github link, because the file by itself won't execute, due to missing libraries.  However, from reviewing the source code, and other companion files, I don't think it's doing anything malicious. Assuming you aren't using it to inject malicious code into SWF files....

                          I've whitelisted the specific file mentioned, MD5=4dd89af63cf75832ed61cb0fd5fd5650


                          - David

                          2 of 2 people found this helpful
                          1 2 Previous Next