cancel
Showing results for 
Search instead for 
Did you mean: 

False Artemis!B2D10CE272A9

Hello,

As of at least 2011-11-28, McAfee 5.400.0.1158, and McAfee–GW–Edition 2010.1D are falsely flagging DownloadAdmin (e.g. vlcmediaplayer-setup.exe) as Artemis!B2D10CE272A9. DownloadAdmin is a TRUSTe Trusted Download – http://www.downloadadmin.com.

Please let me know if I can provide any additional information, such as a sample EXE, to resolve this false positive.

Thank you!

-Brian,

DownloadAdmin

0 Kudos
5 Replies
nownitin
Level 12

Re: False Artemis!B2D10CE272A9

Hi,

I am looking into this issue.

Regards,

Nitin

0 Kudos
nownitin
Level 12

Re: False Artemis!B2D10CE272A9

Hi,

This installer seems broken, The first window prompts the user to accept “something” – but it’s unclear what the user is accepting.

The second window prompts the user to installAsk.com toolbar but the display is off , it was reproducible on different test machines. Looks like unwanted program, Artemis detection seems to be accurate for this as not much user information prompts.

Regards,

Nitin Kumar

0 Kudos

Re: False Artemis!B2D10CE272A9

Hello Nitin,

Thanks for your quick response! DownloadAdmin requires IE7 or higher, and an open HTTP port 80 connection to render its installer screens. I have attached screenshots of the installer screens you should have seen for vlcmediaplayer-setup.exe. Please note that all sponsor products (e.g. Ask, EpicPlay, and Shop To Win) are completely optional, requiring the user to explicitly opt-in by choosing the "ACCEPT" button for each product.

I would appreciate it if you could verify the filename of the file in your system, and provide its MD5 hash if possible so I can identify it for troubleshooting on our side. I would also appreciate any suggestions for avoiding problems with Artemis' analysis engine in the future. For example, should we prevent the installer from running if we do not detect IE7 or higher on the user's system?

Thank you!

-Brian,

DownloadAdmin

DownloadAdmin01.png

DownloadAdmin02.png

DownloadAdmin03.png

DownloadAdmin04.png

DownloadAdmin05.png

DownloadAdmin06.png

0 Kudos
nownitin
Level 12

Re: False Artemis!B2D10CE272A9

Hi,

It works with IE7, but will not be able to remove detection since it is broken with other paltforms.

md5 of executable which i tested for is : b2d10ce272a9d4ad44178c788a2ab5a1, Please check the file with correction made.

Regards,

Nitin

0 Kudos

Re: False Artemis!B2D10CE272A9

Hello Nitin,

We are adding a web browser version check to prevent DownloadAdmin from running if the user does not have IE7 or higher. I should have an updated sample for you next week.

Thank you!

-Brian,

DownloadAdmin

0 Kudos