3 Replies Latest reply on May 17, 2010 4:49 PM by nchattop

    Possible False Positive - Artemis!8FE76E02D9BA (Trojan)

      Engine version                          = 5400.1158

      5/16/2010 5:07:40 PM  AntiVirus   DAT version                 = 5984.0

      5/16/2010 5:07:40 PM  Number of detection signatures in EXTRA.DAT = None

      5/16/2010 5:07:40 PM  Names of detection signatures in EXTRA.DAT  = None

      5/17/2010 8:27:38 AM Not scanned (The file is encrypted)  CCANET\glschlut C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\glschlut\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VM3ZIER\HPISDataManager[1].CAB\IDVECTRA.EXE

      5/17/2010 8:27:44 AM Deleted (Clean failed)  CCANET\glschlut C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\glschlut\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VM3ZIER\HPISDataManager[1].CAB\IDVECTRA.EXE Artemis!8FE76E02D9BA (Trojan)

        • 1. Re: Possible False Positive - Artemis!8FE76E02D9BA (Trojan)

          Hi

           

          Thanks for submitting your file.

           

          We have examined the file in question and no malware was found.

           

          Hence we have suppressed Artemis False. As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved

           

          In future, please send us a sample for analysis, in a password-protected ZIP file (password - infected).
          You can find detailed instructions for how to do this at <http://vil.mcafeesecurity.com/vil/submit-sample.aspx>

           

          Feel free to contact us further for any query.

           

          Regards

          Neha Chattopadhyay

          McAfee SME

          • 2. Re: Possible False Positive - Artemis!8FE76E02D9BA (Trojan)

            Waited 30 minutes, and tried the site again - same issue:

             

            5/17/2010 4:01:25 PM Not scanned (The file is encrypted)  CCANET\glschlut C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\glschlut\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5CXZ08QN\HPISDataManager[1].CAB\IDVECTRA.EXE
            5/17/2010 4:01:31 PM Deleted (Clean failed)  CCANET\glschlut C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\glschlut\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5CXZ08QN\HPISDataManager[1].CAB\IDVECTRA.EXE Artemis!8FE76E02D9BA (Trojan)

            • 3. Re: Possible False Positive - Artemis!8FE76E02D9BA (Trojan)

              Done, please check and let me know if still any issue persists.

               

              Regards

              Neha Chattopadhyay

              McAfee SME