1 2 Previous Next 15 Replies Latest reply on May 29, 2015 5:38 AM by exbrit

    False Artemis!813E4FF9B8D5


      One plugin from some software we have used for years provided by a trusted developer.  This is being quarantined after a recent upgrade.  Please help!

        • 2. Re: False Artemis!813E4FF9B8D5

          Thanks Ex Brit.  I have already done that but the frustrating reply from avertlabs.com is below.  Obviously the solution I need is to get this listed as a trusted programme.  I've replied to that effect but I am not hopeful.  Any other suggestions?  PS.  I am not a techie, just a small business owner with 9 other staff who also have this problem and i need to sort it out for all of us.


          McAfee Labs Sample Analysis


          Thank you for submitting your suspicious file(s). We have determined that the following files are detected with our current DAT files.


          Reference  : (Escalation) 9415940



          +---------------------------+----------------------------------+--------------- ---+----------------------+-----------------+

          | File Name                 | MD5                              | Findings         | Detection            | Type            |

          +---------------------------+----------------------------------+---------------- --+----------------------+-----------------+


                  | image001.gif              | 373b9569212a964df9ba43024ca5eaf5 | clean            |                      | clean           |


          +---------------------------+----------------------------------+--------------- ---+----------------------+-----------------+








          To ensure that you have the maximum capability of detecting and cleaning this malware, please make sure you have the latest McAfee scanning engine.

          • 3. Re: False Artemis!813E4FF9B8D5

            Have the owner of the software contact the labs using this form:  Detection Dispute Submission | McAfee Labs


            Also if you are using Enterprise software you could open a case through the Portal.

            • 4. Re: False Artemis!813E4FF9B8D5

              ExBrit, you obviously know what you are talking about; I don't!  But I have now reached the stage where avertlabs aren't responding to my emails.  They sent me the email below with a .dat file.  But I don't have the folder "Engine".  I think it might have to be copied into C/Program Files/McAfee/MPF/data but when I try that it says access denied.  Any ideas?  Will this .dat file prevent McAfee from quarantining the file I need?


              Thank you for submitting your suspicious file(s) for analysis. Attached is an EXTRA.DAT file for extra detection.

              This update will be added to our daily production DATs as soon as possible. Usually this will be within the next 48 hours but may be longer in certain circumstances.




              The attached EXTRA.DAT file will detect the following submitted files:


              Filename MD5 digest

              -------- ----------

              1. sos.connect.4.17....813e4ff9b8d57b4c5af546ccbc3de6c0                                 


              The EXTRA.DAT file should be copied into the directory where the other DAT files reside (the default folder is: C:\Program Files\Common Files\McAfee\Engine).

              • 5. Re: False Artemis!813E4FF9B8D5

                Is this consumer version or enterprise version? Sounds as if they assume you have enterprise it uses dats consumer does not though not sure re extra dats

                • 6. Re: False Artemis!813E4FF9B8D5

                  It's the consumer version Peacekeeper.  The developers have also submitted information to McAfee but had no response.  I really am struggling here.  I don't understand why McAfee doesn't just let me mark the file as trusted....

                  • 7. Re: False Artemis!813E4FF9B8D5

                    Only if it detected as a PUP ie potentially Unwanted Program does it offer that option as to many users would click trust when it is really not a good idea to do so for other than PUPs.. The extra dat is as far as I remember corporate version only but it will be incorporated in a new dat/engine release soon.


                    See what Peter adds.Develops should use the link Peter gave in post 3

                    • 8. Re: False Artemis!813E4FF9B8D5

                      Thanks again Peacekeeper.  Trouble is, 11 days ago they told me it would be added to their daily production DATs as soon as possible. Usually this will be within the next 48 hours but may be longer in certain circumstances.  And this morning when I tried again, the file is still being quarantined.  Any idea how frequently they really do release these things?

                      • 9. Re: False Artemis!813E4FF9B8D5

                        Submit again then, the only possible way to a solution.


                        Edit: ignore, we my last response on page 2.

                        1 2 Previous Next