0 Replies Latest reply on Mar 7, 2011 3:27 PM by Red Dawn

    False positive Artemis!4ED0F5023368



      Today I submitted sd1.1.0.325_setup.exe to Avert Labs, as McAfee is currently flagging it as Artemis!4ED0F5023368. This file is the installer for Shadow Defender, a well-known and legitimate virtualization app.




      Here is the reply from Avert.


      ----------------------------------------------------------------------------------------


      McAfee Labs Sample Analysis

      Issue Number:  6546752  

      Identified: Generic.TRA


      McAfee Labs, McAfee Labs


      Thank you for submitting your suspicious files.


      Synopsis -


      Attached is a file for extra detection, which will be included in a future DAT set.




      The extra dat will detect the following files in the escalation.


      Filename            MD5 digest                                                      

      --------            ----------                                                      



      ----------------------------------------------------------------------------------------



      I didn't ask for an extra DAT to detect this file; McAfee is already flagging the file.


      And as far as I know, users who get Artemis detections don't receive extra DATs.


      I don't believe this file was checked properly.




      Can someone please check this file again, as I'm quite sure it is a false positive.