2 Replies Latest reply on May 5, 2010 5:24 AM by SamSwift

    Possible False Positive - Artemis!2E6B15A8F687

      I got the in the subject line mentioned detected item message for 5 files. Three of those have to do with system restore.

      The other two are MCAFEE70_XS4ALL.EXE (seriously) and its back-up on my external hard drive. This is the installation file for McAfee that I got from my provider XS4ALL. I checked the 'symptoms' of other Artemis detections in the registry, but couldn't find anything suspicious. Then again, these other Artemis detections might have completely different symptoms. Anyway, I hope this helps. I could try and send you a zipped version of the MCAFEE70_XS4ALL.EXE file, but it might prove to be too big.

        • 1. Re: Possible False Positive - Artemis!2E6B15A8F687

          McAfee Labs Sample Analysis
          Virus Researcher: Girish Pillai
          Filename: mcinst.exe
          Detected as Artemis!2E6B15A8F687
          Identified: No Virus/Trojan
          McAfee Labs, Bangalore, India

           

          Thank you for submitting your suspicious file.


          Synopsis -

           

          McAfee Labs researchers have examined the file in question and no malware was found.

           

          Solution -

          McAfee(R) Artemis technology provides real-time protection that secures enterprises and consumers from threats as they strike and much quicker than traditional signatures can be deployed. As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved.


          Solution -

          To ensure that you have the maximum available capability of detecting and cleaning this malware on your system, please make sure you have the latest engine.

          DAT updates are available at: http://www.mcafee.com/apps/downloads/security_updates/dat.asp

          Support

           

          -

          Virus Research accepts file samples for analysis and possible inclusion into AV signature DAT sets. We are also prepared to answer general virus questions.

           

          All product related questions and comments can be addressed through technical support and customer service, including:

           

            * Product installation and update questions
            * Product usage questions
            * Specific operating system/version questions
            * Assistance with detection and cleaning or removal of viruses or trojans

           

          Please use the following link to reach our technical support group for McAfee products.

          Corporate Customers:


          <http://www.mcafee.com/us/support/index.html>

          Single

           

          User/Home User:


          <http://service.mcafee.com/default.aspx>

          Regards,

          Girish

           

          Pillai
          McAfee Labs
          --------------------------
          McAfee Labs Blog <http://www.avertlabs.com/research/blog/>
          AudioParasitics - The Official PodCast of McAfee Labs <http://podcasts.mcafee.com/audioparasitics>
          --------------------------
          Safe online? Avoid dangerous web sites using McAfee SiteAdvisor™ -  a FREE download from http://www.siteadvisor.com?cid=27092. Don't search or surf without it!

          • 2. Re: Possible False Positive - Artemis!2E6B15A8F687
            SamSwift

            Marking as assumed answered due to age of post