2 Replies Latest reply on Feb 20, 2013 6:26 AM by mioshchikhes

    False positive Artemis!C3C8D16BE1B8 , Artemis!6716D43C4311, Artemis!6E5076DB1257 (Analysis ID: 7369061)

      Dear Madam or Sir,


      We have sent the samples to McAfee and have got the answer on 01/10/2013 (see below).

      Nevertheless, the malware messages are not suppressed.

      Please, suppress the messages for these three applications.



      -----Ursprüngliche Nachricht-----

      Von: Virus_Research@avertlabs.com [mailto:Virus_Research@avertlabs.com]

      Gesendet: Donnerstag, 10. Januar 2013 16:32

      An: Axel Ensinger

      Betreff: 7369061 - False positive Artemis!C3C8D16BE1B8 , Artemis!6716D43C4311, Artemis!6E5076DB1257


      McAfee Labs - Beaverton                                                               

      Current Scan Engine Version:5400.1158                                                 

      Current DAT Version:6950.0000                                                         

      Thank you for your submission.                                                        




      File Name            Findings                       Detection                    Type         Extra

      --------------------|------------------------------|---------------------------- |------------|-----

      jobdocuwareupdate.ex|inconclusive                  |                            |            |no  

      jobmailupdate.exe   |inconclusive                  |                            |            |no  

      jobserviceconfigupda|inconclusive                  |                            |            |no  


      inconclusive [jobdocuwareupdate.exe jobmailupdate.exe jobserviceconfigupdate.exe]                 


         Automated analysis was not able to determine that this file is malware. This file is  

      being sent for further processing and the DAT files will potentially be updated if    

      detection of this sample is warranted.                                                


      Note –                                                                                 


      Due to the prevalence of network gateway AV products, it is important that all        

      submissions be zipped and the zip file password-protected (password - infected). Some 

      products will reject an email that contains a virus that is not sent in this way. In  

      addition, often we receive a file that appears not to have been infected, to find     

      later that the file was infected when it left the sender, and was cleaned somewhere   

      along the line.                                                                       






      McAfee Labs