4 Replies Latest reply on Nov 13, 2016 6:00 PM by catdaddy

    False Artemis!175F8585A987

    sclutter

        Please take a look at this hopefully false detection. The
      file is called DataExporter.exe and is part of PC-Charge (credit card
      processing software).

       

      The detection is only occurring during backups (using
      Netbackup) and is only showing up in the shadow copy file. Full scans of the
      server show clean.

       

      Here is a sample of the detection from the log:

          

      8/20/2014            9:52:51PM          Will be deleted after the next reboot (Clean failed)         NT
      AUTHORITY\SYSTEM                C:\ProgramFiles\Veritas\NetBackup\bin\bpbkar32.exe                \Device\HarddiskVolumeShadowCopy86\Program
      Files\Active-Charge\DataExporter.exe  Artemis!175F8585A987
      (Trojan)

             

      Please respond with any questions and to let me know what the issue is.

          

      Thank You!!

        • 1. Re: False Artemis!175F8585A987

          did you report the file to McAfee, as explained in the other posts in this group?

          • 2. Re: False Artemis!175F8585A987
            sclutter

            Yes I did. Is the 'virus_research@mcafee.com' address correct?

            • 3. Re: False Artemis!175F8585A987
              catdaddy

              @ Sclutter,

                              You can refer to the following Link in regards to submittal of your False Artemis!/Samples:

                                What To Do When McAfee Detects Software As An Infection - How to Submit To McAfee Labs & Appeal

               

                                You should receive an Automated confirmation from McAfee Labs after a successful Submission, Which will include a Analysis ID # indicating it is under Analysis. Please allow the Appropiate time to be processed which is generally (4-5) business days.

               

                                Should your issue still remain unresolved. Please post back the Anaylysis ID #, and quite possibly we can expedite the process by contacting one of the Techs available @ McAfee Labs. As they receive over 150,000 plus Detections at any given time, you can understand the need for time to process.

               

                                   To go one step further, to ease your mind. After submittal of your False Artemis!. You can open your McAfee UI/ go to Navigation/Scroll down to Quarantined and Trusted Items/Open Quarantined Items/Quarantined Potentially Unwanted Programs/Select/Delete/and Restart.

               

                                      After allowing Windows to fully load, I recommend Running the Latest McAfee Stinger( Read how to Download/Install/Scan) followed by the Latest McAfee Getsusp Tool, please enter your Email Address under "Preferences" before scanning. Last but not least, Run Malwarebytes (Free) Version only for another opinion.

               

                                      You can keep Malwarebytes (Free) onboard to compliment your McAfee Anti-Virus/Anti-Spyware as it is compatible, just remember to (Update) each time before scanning as a (On Demand Scanner).All of these Superb (Free) Tools /others can be found in the following link;  Anti-Spyware/Malware & Hijacker Tools

               

              Wishing you all the very Best,

              Regards,

              Catdaddy

              Volunteer Moderator 1

              • 4. Re: False Artemis!175F8585A987
                catdaddy

                sclutter,

                                    Marking this thread as 'Assumed Answered' and locking it, as it is over 2 years old. And no further correspondence.

                 

                By

                Moderator