0 Replies Latest reply on Mar 7, 2011 3:27 PM by Red Dawn

    False positive Artemis!4ED0F5023368

      Hi,

       

      Today I submitted sd1.1.0.325_setup.exe to Avert Labs, as McAfee is currently flagging it as Artemis!4ED0F5023368. This file is the installer for Shadow Defender, a well-known and legitimate virtualization app.

      Here is the reply from Avert.

       

      ----------------------------------------------------------------------------------------

       

      McAfee Labs Sample Analysis

      Issue Number:  6546752  

      Identified: Generic.TRA

       

      McAfee Labs, McAfee Labs

       

      Thank you for submitting your suspicious files.

       

      Synopsis -

       

      Attached is a file for extra detection, which will be included in a future DAT set.

       

      EXTRA.DAT

       

      The extra dat will detect the following files in the escalation.

       

      Filename                MD5 digest
      --------                ----------
      sd1.1.0.325_setup...    4ed0f50233680ffc37fbe5cf8057c634

      ----------------------------------------------------------------------------------------

       

       

      I didn't ask for an extra DAT to detect this file; McAfee is already flagging the file.

      And as far as I know, users who get Artemis detections don't receive extra DATs.

      I don't believe this file was checked properly.

      Can someone please check this file again, as I'm quite sure it is a false positive.