cancel
Showing results for 
Search instead for 
Did you mean: 

False Artemis!2563A98B058B

This is an addon for one of my games called Payday 2. I know its not a virus. Please help.

0 Kudos
18 Replies

Re: False Artemis!2563A98B058B

Also the file is PD2APIDLL1.dll

catdaddy
Level 20

Re: False Artemis!2563A98B058B

Please refer to what Herdprotect has to say about this particular file Here

If you feel that this is a False Detection,please follow the Guidelines/Instructions below my Signature (Last Link)...

I might add that in Version ( 13.6) the capability to exclude certain files from RTS has been reintroduced.

However that is at your own risk.

Edited; To add what VirusTotal analysis was HERE

All the very best,

Regards,

Message was edited by: catdaddy on 7/23/14 7:18:39 PM EDT
Cliff
McAfee Volunteer
0 Kudos
imsvale
Level 7

Re: False Artemis!2563A98B058B

VirusTotal scan by HoxHud (name of the mod) developers upon release of the latest version of HoxHud:

https://www.virustotal.com/en-gb/file/f695e41d28c23e7907fde1e47f53a4328b984746f3dbb72dfbaceab85e3496...

VirusTotal scan today (same version, so file is unchanged):

https://www.virustotal.com/en-gb/file/f695e41d28c23e7907fde1e47f53a4328b984746f3dbb72dfbaceab85e3496...

What needs to be done to prevent this relegation? McAfee cannot keep detecting this as malware by inference in this manner; it's clumsy, and it's frustrating for users of a perfectly legitimate piece of software.

You mention 13.6 (2014) reintroducing the option to manually exclude files. What about users of version 12 (2013)?

0 Kudos
catdaddy
Level 20

Re: False Artemis!2563A98B058B

@imsvale,

               I can appreciate your frustration, and your eagerness in regards to being a Gamer, wanting to play. I am fully aware of the HoxHud Mod,and various others.Especially associated with the Steam/Minecraft Programs/Downloads.

              Evidently Not only McAfee, yet other Anti-Virus engines detect something that is either Suspicious/Malicious in the codecs of the Download itself. I have no control over what McAfee or any other Security application detects.

               I am simply a (Volunteer Moderator) and Consumer like yourself. All I can do is from prior experience dealing with such questions, attempt to offer one advice/suggestions to possibly resolve your issue.

                As I suggested earlier in this thread, If you feel that this is indeed a Legitimate piece of software, then please submit it to McAfee Labs following the guidelines/instructions in the Link below my signature.Quite possibly after analysis of the mentioned software, it may be whitelisted.

                 The 13.6 Version is being throttled out to Consumers as we correspond.

               Having said that, one has to be cautious in utilizing such exclusions. For the end result being that it can become a "Double-Edged sword" if you will. Resulting in Consumers complaining to us, on why they are experiencing unfavourable behaviour on their systems, due to (Allowing) the Download/Installation.

                In other words,I am simply attempting to assist you...Please don,t "Shoot the Messenger", if you will.

Wishing you the very best,

Regards,

Cliff
McAfee Volunteer
0 Kudos
imsvale
Level 7

Re: False Artemis!2563A98B058B

Sure, I understand. But seeing as one usually can't get in direct touch with the engineers behind the program, these community forums with their community representatives is where frustration is vented and voluntary moderators such as yourself end up taking most of the abuse.

That said, I only wish for the engineers to take this into consideration – for the message to be passed on, if you will. I understand HoxHud uses Themida for protection against reverse-engineering. Many malware creators also use Themida to hide their malware from detection. I assume that Artemis thus infers malware on the basis of Themida being used. McAfee has effectively blacklisted Themida (which is itself legitimate) and everyone who chooses to use this. This is ... unfortunate. I do however see the dilemma, and a manual exclusion option is all that is needed to sort this out. Manual exclusion is of course done entirely at your own risk. I don't know what to say for people who don't understand this.

I had submitted a previous version of this file (and I did just submit this new file, no worries), on behalf of a friend (the actual user of McAfee). I guess it's only fair the file has to be submitted again when a new version is released. What I don't understand is the exact same version initially being whitelisted, and later has returned to being detected as malware. As you can see, the two files are identical.

Anyway, thanks for your answers.

For someone who uses McAfee (something) 2013, are they supposed to receive a free upgrade to 2014? I read something about this regarding 2012 and 2013 editions.

0 Kudos
catdaddy
Level 20

Re: False Artemis!2563A98B058B

Yes...As long as you have a Active subscription it will eventually Auto Update to 13.6.1012, (From my understanding) Also if you have not had your issues resolved with-in (4-5) buisness days. Please post back the Analysis ID #, and quite possibly we can expedite the process.

Thank you for your patience and understanding

All the best,

Regards,

Cliff
McAfee Volunteer
0 Kudos
Peacekeeper
Level 20

Re: False Artemis!2563A98B058B

I would add that the feature in 13.6 to exclude a file may not exclude it if mcafee detects malware. This feature is new and we are still getting info re it and how it works. Also 13.6 is not available for xp installs. Best way is to submit the file and get it whitelisted.

0 Kudos
catdaddy
Level 20

Re: False Artemis!2563A98B058B

Exactly..  Thanks PK. Especially pointing out not being available for XP. I inadvertently neglected to mention that.....

Cliff
McAfee Volunteer
0 Kudos
imsvale
Level 7

Re: False Artemis!2563A98B058B

"I would add that the feature in 13.6 to exclude a file may not exclude it if mcafee detects malware."

I'm confused. Then what is the point of whitelisting? Why would you need to whitelist something McAfee doesn't interfere with anyway?

Edit: Are we making a distinction between potentially unwanted, and definite malware? Then that wouldn't be a problem, I guess.

Message was edited by: imsvale on 7/25/14 8:30:21 AM CDT
0 Kudos