cancel
Showing results for 
Search instead for 
Did you mean: 
kwizzu
Level 9

False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

Hi!

I already posted here with similar questions about Artemis detection of our product, see . The issue was successfully solved.

Now we again encountered an Artemis problem with FastestTube BHO component.


FastestTube is a tool which allows users to download video from Youtube and also provide some Youtube usability improvements like a filtering ads inside video player and preventing video from playing without user's command. Official site of FastestTube is http://fastesttube.kiwzzu.com

FastestTube for IE is implemented as a BHO to be able to communicate with Youtube pages inside the IE. Exactly this BHO is now falsely detected as Artemis!864E8140AF4D

I also posted sample to the virus_research@mcafee.com

Please help us to solve this and remove false-positive detection. I can provide any additional information or other file samples by request.

Thanks in advance for your help.

Sincerely yours, Serg, FastestTube developer.

0 Kudos
1 Solution

Accepted Solutions
kwizzu
Level 9

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

Sorry for false alarm. Just rescanned the BHO again on virustotal and there is no detects from McAfee. So, looks like the problem is completely solved. I will monitor the VirusTotal for new detects for a few days and write here if something will change.

Once again, many thanks for the help with this issue.

0 Kudos
16 Replies
catdaddy
Level 20

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

,

                 It seems that this Detection was Cleared   Please confirm.....

Regards,CD

Cliff
McAfee Volunteer
0 Kudos
kwizzu
Level 9

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

Yes, detection for Installer was cleared. But new detection is not for installer, it's for the file inside installer. I.e. you can successfully download installer (with no detection), but when during installation installer began to unpack and install files, the one of the installed files (the BHO, main component) will be detected. So, the detection for the BHO is new case and it's not fixed yet.

0 Kudos
catdaddy
Level 20

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

I will once again contact someone on your behalf at McAfee Labs. Not for certain if you will have to re-submit?

I might add: FastestTube by Kwizzu - Should I Remove It?

Regards,

CD

Cliff
McAfee Volunteer
0 Kudos
kwizzu
Level 9

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

I will once again contact someone on your behalf at McAfee Labs.


Thank you!


Not for certain if you will have to re-submit?


Sorry, not fully understood this. Should I send sample again to the virus_research@mcafee.com or to another destination?


I might add: FastestTube by Kwizzu - Should I Remove It?


Interesting article, but the facts almost all wrong. FastestTube really can include additional ad-blocking features, but other facts are wrong (bundling of various 3-rd party software, popup advertising,  etc). All FastestTube features are visible and properly attributed as part of FastestTube. User can easily configure or disable any feature at any moment.

0 Kudos
kwizzu
Level 9

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

catdaddy wrote:


                 It seems that this Detection was Cleared Re: False Artemis!C6FF43A20974 for FastestTube for IE installer  Please confirm.....   



Ha-ha. Today I scan again our installer with Virustotal and it is detected as Artemis!D00DE18AADF6 by McAffee. So, the installer issue is actual again. Sent the sample to to the lab. Could you please advise, should I open new thread about installer or keep all information in this thread?

0 Kudos
catdaddy
Level 20

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

I would assume submitting the installer would be advisable. And any new Artemis! sample as you mentioned. As stated, I have contacted someone in regards to this. As for creating a new thread, you basically did when you brought the installer to our attention.

All the Best,

CD

Cliff
McAfee Volunteer
0 Kudos
kwizzu
Level 9

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

Got it!

Just received email that BHO was really a false positive and it was fixed. Waiting for signatures update to verify this. Also waiting for a solution for the installer.

, many thank you and all the virus lab team for quick responses and help!

catdaddy
Level 20

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

,

                 You are quite welcome, Actually all of the credit should go to the McAfee Lab Technicians/Engineers I am only a 'Messenger' if you will.

All the Best,

CD

Cliff
McAfee Volunteer
0 Kudos
kwizzu
Level 9

Re: False Artemis!864E8140AF4D for FastestTube for IE BHO component

Jump to solution

Hm... It's very strange, but today with new signatures, BHO is detected as "RDN/Generic.dx". So, Artemis issue looks really fixed, but false detection is still here . And the name looks like this detect is also caused by some heuristic mechanism.

Installer still detects as Artemis!D00DE18AADF6

0 Kudos