3 Replies Latest reply on Aug 13, 2014 9:37 AM by catdaddy

    False Artemis!E1139B0D8FBF

    tammiegadbois

      I'm reporting this as instructed here: What To Do When McAfee Detects Legitimate Software As An Infection - How to Submit To McAfee Labs & Appeal

       

      I noticed the install of the FTP portion of my weather software being flagged as a Trojan in Total Protection.

      I already sent the False Artemis!E1139B0D8FBF email.

       

      What is causing this please, I need this piece of the software as it is the FTP client I use for outgoing reports from my weather station. File was obtain from a trusted source at www.weatherdisplay.com download center.

       

      Please Help!

        • 1. Re: False Artemis!E1139B0D8FBF
          catdaddy

          Did you receive confirmation that your submission is being analyzed? You should receive a Analysis ID # with your email confirmation. Please allow (4-5) business days to be processed. If not resolved after the appropriate time allowed.

           

          Kindly post back the Analysis ID # associated with your submission. And quite possibly we can expedite the process ,by contacting someone from McAfee Labs.

           

          If by chance it was not (zipped/password protected) You can submit it through Running the McAfee Getsusp Tool. Please remember to enter your Email address under "Preferences" before scanning. You should receive a confirmation afterwards with a Work Item #, save it for future reference.

           

          Edited: To add more content

           

          All the best,

          Regards,

          Catdaddy

          McAfee Volunteer Moderator

          • 2. Re: False Artemis!E1139B0D8FBF

            The cause, is that the software you are using, uses programing techniques commonly used in malware - techniques NOT common in legitimate software.

             

            It's not a case of "I know this is bad because I've seen it before" it's a case of "I've not seen this before, but it looks VERY similar to stuff I know is bad".

             

            Though you'd not see it by looking in this form, the overwhelmingly vast portion of Artemis detections are valid - off the top of my head I think the system currently runs at around 1:1000, or 0.1% false positives (legitimate things which are tagged as potentially bad).

             

            Unfortunately, no one ever posts "Hey, Artemis saved me from some real Malware!" ;-)

            • 3. Re: False Artemis!E1139B0D8FBF
              catdaddy

              Please allow me to thank you for your invaluable input Safeboot.  I can see a user,s frustration to a certain extent. Having said that...As you stated. "Unfortunately , no one ever posts "Hey, Artemis! saved me from some (Real) Malware.

               

              This is why I am hesitant in mentioning the (File Exclusion) available in the 13.6 Consumer Version and up.

               

              At least allow the File/Program to be cleared/whitelisted. As you stated, there is a (Valid) reason for McAfee detecting it in the first place. Not trying to "Blow Smoke", if you will. But it is sincerely appreciated that someone from Management takes the time/effort to chime in and add to the discussion.

               

              Again, Thank you....

              Regards,

              Catdaddy

              McAfee Volunteer Moderator