1 of 1 people found this helpful
Submit the file as per
They will immediately reply saying it is infected . Reply to that email with subject "false +ve detection Artemis!C9BEA7A645AB"
Post the analysis number from the reply email here and if no fix in 3 days post back and I will stir them up.
I submitted it on 6/4 and got the following reply but have not heard anything since. Do you know if they notify you directly or it just gets updated without any notification?
McAfee Labs - Beaverton
Current Scan Engine Version:5400.1158
Current DAT Version:6732.0000
Thank you for your submission.
Analysis ID: 7058755
File Name Findings Detection Type Extra
mass effect trainer |inconclusive | | |no
inconclusive [mass effect trainer +12.exe]
Automated analysis was not able to determine that this file is malware. This file is
being sent for further processing and the DAT files will potentially be updated if
detection of this sample is warranted.
Due to the prevalence of network gateway AV products, it is important that all
submissions be zipped and the zip file password-protected (password - infected). Some
products will reject an email that contains a virus that is not sent in this way. In
addition, often we receive a file that appears not to have been infected, to find
later that the file was infected when it left the sender, and was cleaned somewhere
along the line.
They should notify you but will ping a lab techa nd get him to have a look see
Do you have a public link from where this trainer file can be downloaded from? This is needed to verfiy its origin.
There are 20+ vendors detecting this file currently.
It's from a member only site CheatHappens.com so you can't exactly link directly to the file without a login but it's located here: http://www.cheathappens.com/13879-PC-Mass_Effect_cheats. It's the first one on the list called MASS EFFECT MEGA TRAINER 1.02 (STEAM).
Thanks for the info.
File has been whitelisted. Give it ~25 mins for the false suppression to populate the Artemis cloud.
Hmmm. Been more than 24hrs and it still tries to quarantine it as soon as I unzip it to a folder location. I've manually run the update process in McAfee Security Center and even rebooted my PC but still quarantines the file the moment I extract it.
My software info:
McAfee SecurityCenter McAfee VirusScan McAfee Person Firewall McAfee SiteAdvisor McAfee Anti-Spam McAfee Parental Controls McAfee QuickClean and Shredder
Version: 11.0 Version: 15.0 Version: 12.0 Version: 3.4 Version: 12.0 Version: 13.0 Version: 11.0
Build: 11.0.678 Build: 15.0.302 Build: 12.0 Build: 126.96.36.199 Build: 12.0.292 Build: 13.0.319 Build: 11.4.418
Affid: 636 DAT: 6739 Affid: 636 Content Ver: 4249
Boot DAT: 6732.0000
You're right. Let me escalate to the backend team to find out what's going wrong.