cancel
Showing results for 
Search instead for 
Did you mean: 

False Artemis!94FA1A92FEBD

Hello,

I am the owner of LightLogger keylogger. All my files including setup file are signed with digital certificate issued by COMODO.

The latest setup file can be downloaded from Removed by moderator links to files that could contain malware are not allowed.

Please update your DB and change the name from artemis to, for example, LightLogger.Keylogger or anything similar.

https://www.virustotal.com/en/file/e93a87f7780a961776710a4af4b5a070d78bdbdda8d38368025a66807956bfac/...

Regards,

Valery.

Message was edited by: Peace Keeper
Links to malware files not allowed by terms of service

0 Kudos
16 Replies
Peacekeeper
Level 20

Re: False Artemis!94FA1A92FEBD

So you are not complaining about the detection but the name it is being detected by?

I have kept a copy of the link in case the techs need it.

Artemis detection is a temporary name so please confirm what you want done and I will pass it on.

If you feel the detection should not have occurred that is different and needs  another answer . best to confirm things first

0 Kudos

Re: False Artemis!94FA1A92FEBD

Hello,

The best variant is that Mcafee does not detect my signed files as malware.

If it is not possible, I would like the name relates to my product LightLogger.

Regards,

Valery.

0 Kudos
Peacekeeper
Level 20

Re: False Artemis!94FA1A92FEBD

Ok first we will try to get this as not detected

post the analysis id here and if not fix or solution in 4 days re-ask and I will pass this directly to the guys who look at them. I cannot jump direct to them as others in the queue are waiting.

When you submit the file say why you think it is fine and mention the 14/54 virustotal result. Also mention the name change if they will not come party to the clear slate.

0 Kudos

Re: False Artemis!94FA1A92FEBD

Hello,

Here is what I got

---

Analysis ID: 9074768

File Name            Findings                       Detection                    Type         Extra

--------------------|------------------------------|----------------------------|------------|-----

lightloggersetup.exe|current detection             |keylog-lightlogger          |Application |no

----

But when I did rescan via VirusTotal I got:

McAfee

Artemis!94FA1A92FEBD

20140815

McAfee-GW-Edition

Artemis!94FA1A92FEBD

20140814

So is my file is detected as "keylog-lightlogger" or as "Artemis"?

Regards,

Valery.

0 Kudos
catdaddy
Level 20

Re: False Artemis!94FA1A92FEBD

Actually the Analysis above speaks for itself. And Peacekeeper has initiated assistance to your issues. You say you are the (Owner) of the here-in mentioned Application. I see that you indeed have made a submission.

Have you tried the following method of submission also?

Detection Dispute Submission | McAfee Labs

What do you think PK? Didn,t mean to intrude upon your discussion.

Regards,

Catdaddy

Cliff
McAfee Volunteer
0 Kudos
SafeBoot
Level 21

Re: False Artemis!94FA1A92FEBD

It's detected as both. Explicitly as |keylog-lightlogger and behaviourally as Artemis!94FA1A92FEBD

Don't worry - McAfee users will not be infected with this tool. They are safe.

0 Kudos
Peacekeeper
Level 20

Re: False Artemis!94FA1A92FEBD

0 Kudos

Re: False Artemis!94FA1A92FEBD

2Peacekeeper:

Yes. Please rename to "Keylogger.LightLogger".

Regards,

Valery.

0 Kudos
Peacekeeper
Level 20

Re: False Artemis!94FA1A92FEBD

I cannot do that you need to the email you got asking for this. Probably when they give it a proper name it might be something like that but best to ask now. I will follow up with contact to the McAfee lab if you do not get an affirmative reply in 4 days.

Change the email subject to read request to rename detection

0 Kudos