It's not Arthemis detection...
I did try to resend the files to virus_research (at) avertlabs.com and reply to the auto response noting that it's a false positive but just got yet another auto response with the same scanning result.
I am attaching the files in question as well as their source code, password is 'infected'.
The files are used and in circulation for ages as per this thread:
and suddenly a few months back several antivirus vendors started detecting it.
This affects a few helpful applications which make use of this setup.exe:
I hope someone from McAfee would eventually have a look and take the appropriate action.
false_positive.zip 5.6 K
That link I gave isn't just for Artemis-identified items. Perhaps one of their staff will answer this soon.
I have already followed what's not about Artemis.
1. Submitted the files to email@example.com, replied to the auto response as well
2. Submitted the files to http://vil.nai.com/vil/submit-sample.aspx
3. Sumbitted the files to https://www.webimmune.net/default.asp
4. Had a chat with tech. support who referred me back to http://vil.nai.com/vil/submit-sample.aspx although I explained that had been done
It's just a crazy loop lasting more than 2 weeks already which I am trying to break...
If you submitted the sample and got an auto-response then it will eventually be followed by the final answer usually within a matter of hours.
If negative simply reply disputing it.
First time I've submitted it was more than a week ago, never received second, 'final' response.
Disputing the auto response led to nothing as well, just yet another auto response, just like the semi-automatic emails from the tech. support where only name is the different part.
on 11/12/10 9:10:24 PM CST
That's odd I must say, they are usually pretty quick in my own experience. Hopefully one of their staff will spot this thread or you could submit it again.
Still no reply...
I'll alert someone to this thread.