McAfee Artemis/GTI File Reputation False Positive
FYI...
McAfee Artemis/GTI File Reputation False Positive
- https://isc.sans.edu/diary.html?storyid=16264
Last Updated: 2013-07-31 23:06:26 UTC - "... readers reporting false postive issues with McAffees GTI and Artemis products. According to a knowledgebase article on McAfee's site, it appears that the file reputation system is producing bad results due to a server issue [1]..."
[1] https://kc.mcafee.com/corporate/inde...ent&id=KB78993
Artemis false positive detections from Global Threat Intelligence
Last Modified: August 01, 2013 - "... updated as additional information becomes available. Please check back for more information.
Problem: McAfee has determined that Artemis/GTI File Reputation is producing some false-positive detections due to a server issue.
IMPORTANT: This is not an issue with the current McAfee DAT files.
Cause: This issue was caused by specific Global Threat Intelligence servers.
Solution: McAfee is investigating this issue. This article will be updated as additional information becomes available...
IMPORTANT: If you have files that were incorrectly detected, do not restart your systems. This could cause the files to be unrecoverable.
See the following workarounds for instructions to recover from this issue..."
- https://isc.sans.edu/forums/diary/Mc...Positive/16264
"... A remediation tool is now available. Customers with quarantined files should access KB78993 ( https://kc.mcafee.com/corporate/inde...ent&id=KB78993 ) to download the remediation tool and recover the quarantined files."
