1 2 Previous Next 19 Replies Latest reply on Apr 4, 2017 7:49 AM by dmeier

    FALSE Artemis!4434F3C22855


      Our updater is detected as generic malware. Including McAfee


      Can you tell us on what base our updater is marker as malware so we can avoid this in the future. Our application is signed by a certificate we paid $120 for, just to avoid this issue, yet it started popping up again.


      So, please tell us why it failed and how we can avoid being marked as malware? We don't want this to start again when we update our application.


      Kind regards


      Attatchment removed until deemed safe by McAfee Labs.

        • 1. Re: FALSE Artemis!4434F3C22855

          Try following these Guidelines/Instructions What To Do When McAfee Detects Software As An Infection - How to Submit To McAfee Labs & Appeal


          I also noticed that your zip contained 50mbs, the individual limit is 10 mbs per zipped submission. It may be that you have to submit to VirusTotal.com and possibly provide the hashes  to me in a Direct Message. I will follow you just in case. Please hover over my Avatar,and click okay/done and follow me, if needed.

          1 of 1 people found this helpful
          • 2. Re: FALSE Artemis!4434F3C22855

            I will also add that once your software has been analyzed/processed and considered clean by McAfee standards. Quite possibly you could submit your software for future references/updates, to McAfee,a *GetClean* program.


            I will discuss this with the a McAfee Labs Engineer.

            1 of 1 people found this helpful
            • 3. Re: FALSE Artemis!4434F3C22855

              I received your hashes from Virus Total, Please be informed of your escalated ticket number:

              Ticket #: AM000882 - Artemis! (User could not submit normally 50mbs zip )

              • 4. Re: FALSE Artemis!4434F3C22855

                For your information:


                Hi Cliff,


                This sample has been escalated up to the research team for further analysis.




                • 5. Re: FALSE Artemis!4434F3C22855

                  Please confirm that your software/detection has indeed been suppressed:


                  Hi Cliff


                  The detection for this file has been suppressed.




                  • 6. Re: FALSE Artemis!4434F3C22855

                    This does NOT answer my question


                    My question was why our signed executable was marked as malware?




                    • 7. Re: FALSE Artemis!4434F3C22855

                      Excuse me?  The reason it was detected is McAfee deemed it as *Suspicious* not necessarily as Malware. Now it is no longer considered as such. So by saying your software is suppressed/clean. It is in my opinion *Answered*. For the sake of me, I cannot understand your logic.

                      • 8. Re: FALSE Artemis!4434F3C22855

                        Ok. here is my logic,


                        I am responsible for the update process for our companies software at our customers site. We have a lot of issues with AV software since they all tend to block our software now and then. To address this we started using "code signing" certificates. That's fine. Now suddenly (since last week or so) our signed executable are marked as "Suspicious* and are put in quarantine and/or scaring our customers with "scary" messages (not only McAfee but also a lot of other major AV solutions).


                        Its fine that the current executable is not marked as *Suspicious* anymore. But who says that the next version of our updater executable will not suddenly get marked?
                        We can also build another build of exactly the same code, and then It will also not being detected anymore. But its only a matter of time before it is marked again for no reason.


                        How can I tell our customer support team that they do not have to expect that suddenly the updates stop working because AV software has started blocking those again?


                        I just want to make sure that when our support team wants to update our application they don't have to worry about AV software.



                        You also do not block updates from for example "Google".

                        • 9. Re: FALSE Artemis!4434F3C22855

                          Due to the (Fact) I have taken every step possible to assist and get a resolution to your issue. And McAfee Labs has indeed found your software to be clean of any malicious content. I am marking this as *Correctly Answered* and locking.


                          If you have any further issues moving forward, Please start a new thread.

                          1 2 Previous Next