×
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
user_96245
Former Member
Message 1 of 11

Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

McAfee is flagging activate.apk (V1.0.16) as a High threat risk. 

Type: non-removable system app

Package name: com.android.tbks

Detection name: Artemis!4452d3ed295e

Phone Info: Alcatel A30 - Model 5046S

Android Version 7.0

Android Security Patch Level: Sept 1, 2017

Baseband version: JO.2.0.c1-00150-8909_GEN_PACK-1

Kernal version: 3.10.49-gcb98184  android-bld@WS229 #1    Wed Aug 23 18:04:32 CST 2017

Build number: vEBB2

I've seen a number of threads about false positives for Artemis!   How do I determine if this is an actual threat or not?  Where do I provide additional information to McAfee to investigate?

Thanks,

Coleen

2 Solutions

Accepted Solutions
user_96245
Former Member
Message 10 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

I updated virus definitions (version shows 4.4.6.67.1038).

Performed a scan (which again comes back as no threats found).  But, when I close that screen and go back to the McAfee main screen, it still shows the Red We found 1 threat as shown above.   I didn't know how to remove the warning if it was old.  So I uninstalled & reinstalled McAfee Mobile Security.  Set it all up again and re-ran the scan.  Now the warning is gone.

So you can consider this closed.  If it reappears, I'll let you know.

Thanks,

Coleen

View solution in original post

catdaddy
MVP
MVP
Message 11 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

Thank you for the confirmation..

Cliff
McAfee Volunteer

View solution in original post

10 Replies
Peacekeeper
Message 2 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

Follow me and message me the link to the apk file and I will escalate it to the mobile malware team

user_96245
Former Member
Message 3 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

Can you help me with where I'd find the .apk file?  The phone is not rooted and I don't know how to show android system files.  (I did enable developer mode & enabled USB debugging).

I attached the phone to my computer and looked under Internal shared storage > Android - only thing I see is a text file under Android > Data > com.android.tbks 

I searched for activate.apk under internal shared storage and I'm not finding it.

Thanks,

Coleen

catdaddy
MVP
MVP
Message 4 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

I have escalated your issue to a Tier 3 Technical Engineer from the Mobile Malware Research Team. I am awaiting a response back and will update you immediately.

All the Best,

Cliff

Moderator

Consumer Products

Cliff
McAfee Volunteer
Peacekeeper
Message 5 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

Thanks CD was waiting for a file link but mobile app links beyond me.

catdaddy
MVP
MVP
Message 6 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

Hi Coleen,

                 Just received this correspondence from the Malware Research Team,

Hi Cliff,

We need to collect logs if the customer cannot provide the apk installer.

Steps to generate logs

1. Open Mobile Security on the customer's device.

2. Ask the customer to tap the top-bar 10 times with-in a 20-second span to start logging activity.

3. Replicate the problem.

4. Ask the customer to tap the top-bar 10 times to stop the logging process.

5. Please provide the time and date logs generated.

6. Provide McAfee email address and Device Hardware ID/IMEI

Thank you,

Dilly

Cliff
McAfee Volunteer
user_96245
Former Member
Message 7 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

I don't know how to "replicate" the problem as it just says it was found during a security scan.

I did activate the log, run a scan - which comes back as no threats found:

Screenshot_20171205-221407.png

But when you close that window it still shows We found 1 threat as shown here:

Screenshot_20171205-221812.png

When I click on the Review now option it show this:

Screenshot_20171205-221157.png

When I click on the Activate.apk item it shows this:

Screenshot_20171205-221209.png

Log was generated 12/5/17 approximately 10:15pm Mountain Time Zone (USA)

McAfee email address coleen.pub at sudsol.com  (replace at with @ sign)

Device IMEI is 355068080130279

Coleen

catdaddy
MVP
MVP
Message 8 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

I will pass this info back to the Engineer.

Thank you,

Cliff

Cliff
McAfee Volunteer
catdaddy
MVP
MVP
Message 9 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

Hi Colleen,

                     Dilly just informed me that your detection has been cleared. Please follow her instructions.

Hi Cliff,

The application has been marked clear.

Let the customer update virus def version and do scan again.

Thank you for your assistance.

Regards,

Dilly

Cliff
McAfee Volunteer
user_96245
Former Member
Message 10 of 11

Re: Artemis!4452d3ed295e on activate.apk ver V1.0.16

Jump to solution

I updated virus definitions (version shows 4.4.6.67.1038).

Performed a scan (which again comes back as no threats found).  But, when I close that screen and go back to the McAfee main screen, it still shows the Red We found 1 threat as shown above.   I didn't know how to remove the warning if it was old.  So I uninstalled & reinstalled McAfee Mobile Security.  Set it all up again and re-ran the scan.  Now the warning is gone.

So you can consider this closed.  If it reappears, I'll let you know.

Thanks,

Coleen

How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community