We are experiencing issues with this as well.
We are in the same boat. VS 8.8 with Artemis at Medium setting. Over 10% of our clients, about 1000 unique exe files triggering 750+ Artemis detection IDs with No real virus detection identified.
I've diabled GTI for all systems due to this. I'm expecting McAfee to send some sort of notification on what happened here.
We also disabled GTI for all systems.
McAfee just put out a tech article KB78993 about this error.
They are advising this is NOT NOT a DAT issue.
They do not have a fix but recommend customers temporarily disable Global Threat Intelligence File Reputation until the issue is confirmed as resolved. Text belwo
Artemis false positive detections from Global Threat Intelligence
Technical Articles ID: KB78993
Last Modified: July 31, 2013
McAfee Global Threat Intelligence
This article will continue to be updated as additional information becomes available. Please check back for more information.
McAfee has determined that Artemis/GTI File Reputation is producing some falsepositive detections in North America due to a server issue.
IMPORTANT: This is not an issue with the current McAfee DAT files.
This is an issue with specific Global Threat Intelligence servers.
McAfee is investigating this issue. This article will be updated as additional information becomes available.
McAfee recommends that customers temporarily disable Global Threat Intelligence File Reputation until this issue is confirmed as resolved.
Can someone advise how to shut GTI off on EPO??
Out of 2500+ systems, we've had 23 systems (a few machines had several files deleted, so there were 38 incidents) all within 2:24pm - 3:30pm Central time with none since then. All machines had DAT 7152 from yesterday, so it does not seem to be a "bad dat". The deleted files all appear legitimate. There is no apparant pattern to which files were deleted. There is also no pattern to the machines affected; their OSes are XP, Win7, 2008. Our Artemis setting in ePO is set to "Low", although I am now setting it to "Disable" until we hear something.
EDIT: While typing this, McAfee released the KB. Sorry for the late info!
Policies for virus scan, on access, and on demand scanner.
Set artemis to disabled.
Send wakeup to push out the policies.
not much time to talk now sorry hope this helps.