Newest patch update for Starcraft II comes up as an Artemis trojan in McAfee and is immediately quarantined. Patching freezes at 98% and automatically retries until the user cancels the process.
Path: I:\STARCRAFT II\SUPPORT
Error message displayed when trying to install the patch:
The update could not be applied.
The file "I:\StarCraft II\Support\BlizzardDownloader.exe.4672bec7.temp" could not be renamed to "I:\StarCraft II\Support\BlizzardDownloader.exe". If this problem persists, you may be able to solve it by uninstalling and then reinstalling the game. If you are unable to correct this problem, please contact Blizzard Technical Support. (ConflictManager::ResolveConflicts/2)
The file "I:\StarCraft II\Support\BlizzardDownloader.exe.4672bec7.temp" could not be deleted. (ConflictManager::UncreateObjects)
Many other Starcraft II users with McAfee are reporting the same issue. Disabling McAfee and uinstalling/reinstalling Starcraft II does not do anything.
Thanks for any help.
I have discovered several false positives.
Here is a list of the Artemis numbers:
Is this sufficient, or will you need the actual files in order to whitelist them?
If so, how should I send them?
Thanks for reporting.
Do these files belong to a particular software company/package or are random suspected falses?
The detection names will suffice. I'll escalate these to our virus analyst to take a look.
Thanks very much for your quick response.
Yes, all of these files are in use on various CDs and DVDs distributed by Macmillan Education.
They are dictionaries and various educational tools used by students of English.
Macmillan is using a custom packer to protect their files. This is causing antivirus vendors to heuristically trigger on these applications.
Most of them have been located and added to our whitelist. I'll send you offline the list of files for which we will require the actual file.