4 Replies Latest reply on Jan 21, 2011 6:56 AM by ConorD62

    Possible False Positive - Artemis!8B6132F9B455



      this comes from the software Daemon Tools Pro 4.10.0215

      the file is: DTPROHLP.DLL


      the path is; C:\PROGRAM FILES (x86)\DAEMON TOOLS PRO\


      on WIndows 7





        • 1. Re: Possible False Positive - Artemis!8B6132F9B455

          Upload it to VirusTotal,

          If it comes back with anything else, it's a trojan.

          If nothing comes back, then read this post for more information on reporting false positives.

          Good Luck!

          • 2. Re: Possible False Positive - Artemis!8B6132F9B455

            There is a document in the Artemis Discussion forum which outlines what to do in the case of a suspected false positive. You seem to have read it, because you've created the thread and supplied the required information.


            Step 3 in that document says :

            3) If you are able to, please submit a sample of the file (zipped with a password of infected) to either virus_research@avertlabs.com (with the word FALSE in the subject line) or to webimmune and include the analysis ID you receive in the discussion thread you previously created.



            Step 3 is not always necessary, but what's most important is providing the full detection name.


            We will then investigate the detection and respond back as appropriate.

            For a suspected Artemis false positive, that is the recommended course of action.


            If you come across references to Platinum (for example, Platinum Portal), that refers to a Corporate Customer package. If you are a Home/Home Office user you'll be using the ServicePortal.



            Message was edited by: Hayton on 20/01/11 13:32:29 GMT
            • 3. Re: Possible False Positive - Artemis!8B6132F9B455



              thanks for your replies


              I've just done the third step you mentioned.


              My analysis ID is 6472556.


              the analysis seems to be:


              "The file received is infected and can be detected and removed with our current DAT
              files and engine. It is recommended that you update your DAT and engine files and scan
              your computer again.                                                   


              If you are not seeing this with the product you are using, please speak with technical
              support so that they can help you determine the cause of this discrepancy."




              the thing is, I KNOW FOR SURE the file is NOT infected. I've used this software for years. Many antivirus had issues with it but I was always able to bypass it.



              Ce message a été modifié par: pimpoum on 21/01/11 05:28:57 CST
              • 4. Re: Possible False Positive - Artemis!8B6132F9B455

                Hi Pimpoum,

                I think that if you email them again asking for a review, or just saying false review,

                They will look at it again.