GUYS!
Vinoo and Tony,
here I have the following info the customer received when sending the files via GetSusp:
SR Number        Creation Date           WorkItem ID    Machine Name
=========        ==============          ===========    ===========
None specified   8/15/2011 4:45:52 PM    279982         AMELIA_DELGADO

File Name        Findings        Detection     Type
---------        --------        ---------     ----
startup.ex_      detected        generic.dx    TROJAN

SR Number        Creation Date           WorkItem ID    Machine Name
=========        ==============          ===========    ===========
None specified   8/15/2011 4:51:05 PM    279986         AMELIA_DELGADO

File Name        Findings        Detection     Type
---------        --------        ---------     ----
ggxx.ex_         not_detected                  TROJAN
What do YOU think about this?
Can you help me provide a solution for the customer's problem?
I really appreciate all the help you have provided me with this issue.
So, I wait for the good news!!
Alex N.
Further info:
Startup.exe <---- Gears of War exec. file, PC game.
ggxx.exe <---- Guilty Gear exec. file, PC game.
That's it.
Alex N.
Thanks Alex - I've escalated these two files to a researcher to have a look.
Startup.exe has 13/43 detections and ggxx.exe has 8/42 vendor detections on VirusTotal. Will update this thread shortly on the status of the analysis - unless these game file executables were patched to remove CD protection 😉
Thank you very much for your help Vinoo!
Now, could you explain to me, whenever you have a minute, what "13/43 and 8/42 vendor detections" means?
Thanks again, and in advance.
Alex N.
It means that the file has 13 detections as malware etc. from a test scan of 43 antivirus products. This is what the VirusTotal site does, i.e. www.virustotal.com
OK.
So it appears to me that the majority of the solutions don't consider these files a threat.
I hope we can provide the customer a solution.
Thank you for the info Tony!
Alex N.
Wait and see what the guru says.
Both files have been analyzed clean and detection suppressed. The Artemis detection on ggxx.exe should not occur right away while the suppression for Startup.exe will reflect in tomorrow's 6442 DAT release.
Best,
Vinoo
All right!
Thank you very much for the great news!
I'll try to contact the customer ASAP.
I'll let you know the final conclusion of the case.
Thanks again!
Alex N.
Thanks Vinoo for your assistance.