3 Replies Latest reply on Feb 17, 2011 1:59 PM by vinoo

    Artemis False Positive - Artemis!851D3A4AA8A5

      Name of detection:  Artemis!851D3A4AA8A5

      Mcafee version:   5.400.0.1158

      Software location (URL):  http://www.connecta2000.com/descarga/InstalaConnecta.exe            

      MD5 hash of file:  851d3a4aa8a583b6f97d02a236a0ceab

       

      This is a online installer. It launch the Windows Installer Package (MSI) downloading this file: http://idd0084x.en.eresmas.net/descarga/Connecta.2000.v7.50.3.msi

      Both files are digitally signed ensuring that they have not been altered.

       

      Thanks!

                 

        • 1. Re: Artemis False Positive - Artemis!851D3A4AA8A5

          I sent the sample to McAfee Labs but have not yet received a reply:

           

           

          6446087 - *FALSE POSITIVE*  InstalaConnecta.exe

           

          McAfee Labs - Beaverton                                                              

          Current Scan Engine Version:5400.1158                                                

          Current DAT Version:6211.0000                                                        

          Thank you for your submission.                                                       

           

          Analysis ID: 6446087

           

          File Name           Findings                      Detection                   Type         Extra

          --------------------|------------------------------|---------------------------- |------------|-----

          instalaconnecta.exe |inconclusive                  |                            |            |no  

           

          inconclusive [instalaconnecta.exe]                                                                

           

             Upon analysis the file submitted does not appear to contain one of the 200,000 known  

          threats in the AutoImmune database. The file may contain a new threat, or no code     

          capable of being infected. Your submission is being forwarded to an McAfee Labs       

          Researcher for further analysis. You will be contacted by McAfee through e-mail with  

          the results of that analysis.                                                         

           

                     

           

           

          Today is still a false positive:   (all are negative except McAfee antivirus)

          http://www.virustotal.com/file-scan/report.html?id=8b635997bf634f9347f498b2b4e38 0c3301587db0287c63256b18ae0c850229f-1296497255

           

          Is there any solution?

           

          Thanks

           

           

          El mensaje fue editado por: jogal on 31/01/11 12:39:36 CST
          • 2. Re: Artemis False Positive - Artemis!851D3A4AA8A5

            What else should I do to add it to the whitelist?

             

            I'm having trouble with a bad reputation in the domain connecta2000.com because of his "Artemis" and not even get any answer... is frustrating

             

            Example:
            http://bdtoavchd.software.informer.com/
            http://www.siteadvisor.com/sites/www.connecta2000.com

            • 3. Re: Artemis False Positive - Artemis!851D3A4AA8A5
              vinoo

              Apologies for the delay. The file has been whitelisted - give it ~25 mins for the Artemis detection to go away.