The new malware detection is a heuristic detection so that means we would need the sample to be submitted to us for further review. Please send the sample to email@example.com or else submit via the Webimmune (www.webimmune.net) portal.
Once we receive your sample, we will be able to analyze it and provide a solution as needed.
Thanks for the reply.
Yes, I submitted it yesterday. The result was:
Name: files_name.exe
Findings: variant detection
Detection: new malware-d
Type: Trojan
Extra: no
variant detection [ files_name.exe ]
The file received may contain a potential virus or trojan threat identified heuristically. This potential threat was identified with our most powerful set of heuristic DAT drivers. Heuristic drivers can cause false-positive identifications, as such, this issue is being escalated to Avert Labs for a thorough review. You will be contacted through e-mail with the results of our analysis.
So, WebImmune detected it, but VirusScan didn't. I've had this same sort of problem a couple of times before. I sent a suspicious file through WebImmune and got a reply via e-mail confirming that the file contained new malware. Now, when the dat file I received via e-mail is out of date, VirusScan doesn't detect it anymore, though it is in the Artemis database. Why is that?
Thanks for submitting your suspicious file for analysis.
When you submitted your sample, you should have received confirmation of your submission that included an assigned Analysis ID number identifying your escalation. Please respond to this message with that Analysis ID number so that we may expedite this issue to our researchers as necessary.
Today, I received an email confirming that the file contained new malware, and VirusScan automatically removed the infection after installing the newest dat file.
(The analysis ID for this file is: 5788387)
The problem is that I've discovered many infections of a certain malware that I have already once got rid of. Now I have the same infection. I've scanned my computer several times but without any success. I uploaded one of these files to Virustotal and here's the result:
McAfee          5886  2010.02.08  -
McAfee+Artemis  5886  2010.02.08  Artemis!440BEA0DC500
So, I need to delete these files manually but the snag is that I don't know where all these files exist.
The Issue Number for this detection is 5724445.
I currently use VirusScan engine version 5301.4018, is that the latest version?
I replied to your mail, as this malware can be identified and removed with our current scanners (Engine 5.3.00 + the current DAT).
Detection Name: Generic.dx!moc
Now I've got rid of that infection with dat version 5886.
Still, VirusScan won't detect "Artemis!CCFE6B8B3DB0 trojan !!!" and "Generic.TRA!440bea0dc500"
(analysis ID for Generic.TRA: 5724445)
I detected these infections by using Stinger and an online scanner.
Thanks for the information.
I'll take a look at the Analysis ID 5724445 and will get back to you soon.
We analysed the file further and a detection for the file submitted as ID 5724445 has been added as BackDoor-ARY. A response has been sent to your email, as well as an Extra.dat file for extra detection, which will be included in a future DAT set.