1 2 3 Previous Next 46 Replies Latest reply on Aug 15, 2013 10:26 AM by malware-alerts





      we have Mcafee AV 8.8.0 and we are receiven this alert for many valid programa




      is this a normal behavior????


      is ther a problem with DAT?????



        • 1. Re: Artemis

          We are experiencing issues with this as well.

          • 2. Re: Artemis

            Having the exact same problems... throughout the company.  On hold right now with support - hopefully this is not going to become a huge issue repairing deleted files.



            • 3. Re: Artemis

              We are in the same boat.   VS 8.8 with Artemis at Medium setting.   Over 10% of our clients, about 1000 unique exe files triggering 750+ Artemis detection IDs with No real virus detection identified.

              • 4. Re: Artemis

                I've diabled GTI for all systems due to this. I'm expecting McAfee to send some sort of notification on what happened here.

                • 5. Re: Artemis

                  We also disabled GTI for all systems.

                  • 6. Re: Artemis

                    McAfee just put out a tech article KB78993 about this error.


                    They are advising this is NOT NOT  a DAT issue.


                    They do not have a fix but recommend customers temporarily disable Global Threat Intelligence File Reputation until the issue is confirmed as resolved.  Text belwo


                    Technical Articles


                    Artemis false positive detections from Global Threat Intelligence

                    Technical Articles ID: KB78993

                    Last Modified: July 31, 2013



                    McAfee Global Threat Intelligence



                    This article will continue to be updated as additional information becomes available. Please check back for more information.



                    McAfee has determined that Artemis/GTI File Reputation is producing some falsepositive detections in North America due to a server issue.

                    IMPORTANT: This is not an issue with the current McAfee DAT files.



                    This is an issue with specific Global Threat Intelligence servers.



                    McAfee is investigating this issue. This article will be updated as additional information becomes available.



                    McAfee recommends that customers temporarily disable Global Threat Intelligence File Reputation until this issue is confirmed as resolved.

                    • 7. Re: Artemis

                      Can someone advise how to shut GTI off on EPO??

                      • 8. Re: Artemis

                        Out of 2500+ systems, we've had 23 systems (a few machines had several files deleted, so there were 38 incidents) all within 2:24pm - 3:30pm Central time with none since then.  All machines had DAT 7152 from yesterday, so it does not seem to be a "bad dat".  The deleted files all appear legitimate.  There is no apparant pattern to which files were deleted.  There is also no pattern to the machines affected; their OSes are XP, Win7, 2008.  Our Artemis setting in ePO is set to "Low", although I am now setting it to "Disable" until we hear something.



                        EDIT:  While typing this, McAfee released the KB.  Sorry for the late info!


                        Message was edited by: Travler on 7/31/13 3:49:52 PM GMT-06:00
                        • 9. Re: Artemis

                          Policies for virus scan, on access, and on demand scanner.

                          Set artemis to disabled.

                          Send wakeup to push out the policies.


                          not much time to talk now sorry hope this helps.

                          1 2 3 Previous Next