Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
2426 Views 12 Replies Latest reply: Feb 9, 2012 5:53 AM by soporteln RSS Branched to a new discussion. 1 2 Previous Next
soporteln Newcomer 7 posts since
Feb 3, 2012
Currently Being Moderated

Feb 3, 2012 7:02 AM

FALSE POSITIVE - Detected as Artemis!1BA11ED92F48

Some legitime applications and DLL's, ICGHGRAF.DLL has been created by a company. However, it has still been  detected as Artemis!1BA11ED92F48 threat by McAfee. Please, check/remove this false positive detection.

Attachments:
  • Lakshmanan Sathyamoorthy Champion 308 posts since
    May 16, 2011

    Hi Soportein,

     

    McAfee identified as Generic.Tra!a711be9dccc0 if your product is enter prise edition like VSE kindly follow the below steps . if your Home user kindly contatct the McAfee support.

     

    McAfee Labs Sample Analysis

    Issue Number:  6893450  

    Identified: Generic.TRA

     

    McAfee Labs, McAfee Labs

     

    Thank you for submitting your suspicious files.

     

    Synopsis -

     

    Attached is a file for extra detection, which will be included in a future DAT set.

     

    Solution -

     

    EXTRA.DAT

    The extra dat will detect the following files in the escalation.

     

    Filename            MD5 digest                                                      

    --------            ----------                                                      

    icghgraf.dll        a711be9dccc040b646d5f59a2ba38a4e                                

     

    The file should be copied into the directory where the other DAT files reside (with default installation, C:\Program Files\Common Files\McAfee\Engine).

     

    Once you have copied the file, reboot the system for the driver to be loaded.

    Attachments:

    Regards,

    Lakshmanan S




  • Lakshmanan Sathyamoorthy Champion 308 posts since
    May 16, 2011

    Hi Soportein,

     

    the above file is also thw same variant of previous infected file kindly find the analysis information

     

    McAfee Labs Sample Analysis

    Issue Number:  6893639  

    Identified: Generic.TRA

     

    McAfee Labs, McAfee Labs

     

    Thank you for submitting your suspicious files.

     

    Synopsis -

     

    Attached is a file for extra detection, which will be included in a future DAT set.

     

    Solution -

     

    EXTRA.DAT

    The extra dat will detect the following files in the escalation.

     

    Filename            MD5 digest                                                      

    --------            ----------                                                      

    icgresources.dll    2d1a99309fa4b7ab5e3f0cc4eadbf631                                

     

    The file should be copied into the directory where the other DAT files reside (with default installation, C:\Program Files\Common Files\McAfee\Engine).

     

    Once you have copied the file, reboot the system for the driver to be loaded.


    Regards,

    Lakshmanan S




  • Lakshmanan Sathyamoorthy Champion 308 posts since
    May 16, 2011

    The Detection name is Generic.Tra!2d1a99309fa4

     

    kindly apply the extra DAT if you are enterprise customer else the Extra detection wll be covered in future update.

    Attachments:

    Regards,

    Lakshmanan S




  • Peacekeeper Volunteer Moderator 21,384 posts since
    Nov 23, 2002

    Did you submit the files to McAfee as laid out here

    http://vil.nai.com/vil/submit-sample.aspx

    Reply to the auto detection reply changing the subject to false +ve and name of detection.

     

    Note the analysis ID in your post here if no fix in 3 days. I will get it escalated.

     

    Message was edited by: Peacekeeper on 9/02/12 6:33:28 AM

    Tony
    Volunteer Moderator
    Mcafee Total Protection 7.0 beta, Windows 8 64bit
    No Unrequested PMs please
    Do you have an idea for improving McAfee products? Please share it in the new Ideas community space!  NOTE: You must register an account first.

  • SamSwift Group Leader 651 posts since
    Nov 9, 2009

    Have asked research to look into this.

     

    Sam

1 2 Previous Next

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points