1 2 Previous Next 18 Replies Latest reply on Sep 7, 2014 3:08 PM by catdaddy

    False Artemis!2563A98B058B

    zacharystaton

      This is an addon for one of my games called Payday 2. I know its not a virus. Please help.

        • 1. Re: False Artemis!2563A98B058B
          zacharystaton

          Also the file is PD2APIDLL1.dll

          • 2. Re: False Artemis!2563A98B058B
            catdaddy

            Please refer to what Herdprotect has to say about this particular file Here

            If you feel that this is a False Detection,please follow the Guidelines/Instructions below my Signature (Last Link)...

             

            I might add that in Version ( 13.6) the capability to exclude certain files from RTS has been reintroduced.

            However that is at your own risk.

             

            Edited; To add what VirusTotal analysis was HERE

             

            All the very best,

            Regards,

             

            Message was edited by: catdaddy on 7/23/14 7:18:39 PM EDT
            1 of 1 people found this helpful
            • 3. Re: False Artemis!2563A98B058B
              imsvale

              VirusTotal scan by HoxHud (name of the mod) developers upon release of the latest version of HoxHud:

               

              https://www.virustotal.com/en-gb/file/f695e41d28c23e7907fde1e47f53a4328b984746f3 dbb72dfbaceab85e3496fd/analysis/1405130452/

               

              VirusTotal scan today (same version, so file is unchanged):

               

              https://www.virustotal.com/en-gb/file/f695e41d28c23e7907fde1e47f53a4328b984746f3 dbb72dfbaceab85e3496fd/analysis/1406280845/

               

              What needs to be done to prevent this relegation? McAfee cannot keep detecting this as malware by inference in this manner; it's clumsy, and it's frustrating for users of a perfectly legitimate piece of software.

               

              You mention 13.6 (2014) reintroducing the option to manually exclude files. What about users of version 12 (2013)?

              • 4. Re: False Artemis!2563A98B058B
                catdaddy

                @imsvale,

                 

                               I can appreciate your frustration, and your eagerness in regards to being a Gamer, wanting to play. I am fully aware of the HoxHud Mod,and various others.Especially associated with the Steam/Minecraft Programs/Downloads.

                 

                              Evidently Not only McAfee, yet other Anti-Virus engines detect something that is either Suspicious/Malicious in the codecs of the Download itself. I have no control over what McAfee or any other Security application detects.

                 

                               I am simply a (Volunteer Moderator) and Consumer like yourself. All I can do is from prior experience dealing with such questions, attempt to offer one advice/suggestions to possibly resolve your issue.

                 

                                As I suggested earlier in this thread, If you feel that this is indeed a Legitimate piece of software, then please submit it to McAfee Labs following the guidelines/instructions in the Link below my signature.Quite possibly after analysis of the mentioned software, it may be whitelisted.

                 

                                 The 13.6 Version is being throttled out to Consumers as we correspond.

                 

                               Having said that, one has to be cautious in utilizing such exclusions. For the end result being that it can become a "Double-Edged sword" if you will. Resulting in Consumers complaining to us, on why they are experiencing unfavourable behaviour on their systems, due to (Allowing) the Download/Installation.

                 

                                In other words,I am simply attempting to assist you...Please don,t "Shoot the Messenger", if you will.

                 

                Wishing you the very best,

                Regards,

                • 5. Re: False Artemis!2563A98B058B
                  imsvale

                  Sure, I understand. But seeing as one usually can't get in direct touch with the engineers behind the program, these community forums with their community representatives is where frustration is vented and voluntary moderators such as yourself end up taking most of the abuse.

                   

                  That said, I only wish for the engineers to take this into consideration – for the message to be passed on, if you will. I understand HoxHud uses Themida for protection against reverse-engineering. Many malware creators also use Themida to hide their malware from detection. I assume that Artemis thus infers malware on the basis of Themida being used. McAfee has effectively blacklisted Themida (which is itself legitimate) and everyone who chooses to use this. This is ... unfortunate. I do however see the dilemma, and a manual exclusion option is all that is needed to sort this out. Manual exclusion is of course done entirely at your own risk. I don't know what to say for people who don't understand this.

                   

                  I had submitted a previous version of this file (and I did just submit this new file, no worries), on behalf of a friend (the actual user of McAfee). I guess it's only fair the file has to be submitted again when a new version is released. What I don't understand is the exact same version initially being whitelisted, and later has returned to being detected as malware. As you can see, the two files are identical.

                   

                  Anyway, thanks for your answers.

                   

                  For someone who uses McAfee (something) 2013, are they supposed to receive a free upgrade to 2014? I read something about this regarding 2012 and 2013 editions.

                  • 6. Re: False Artemis!2563A98B058B
                    catdaddy

                    Yes...As long as you have a Active subscription it will eventually Auto Update to 13.6.1012, (From my understanding) Also if you have not had your issues resolved with-in (4-5) buisness days. Please post back the Analysis ID #, and quite possibly we can expedite the process.

                     

                    Thank you for your patience and understanding

                     

                    All the best,

                    Regards,

                    • 7. Re: False Artemis!2563A98B058B
                      Peacekeeper

                      I would add that the feature in 13.6 to exclude a file may not exclude it if mcafee detects malware. This feature is new and we are still getting info re it and how it works. Also 13.6 is not available for xp installs. Best way is to submit the file and get it whitelisted.

                      • 8. Re: False Artemis!2563A98B058B
                        catdaddy

                        Exactly..  Thanks PK. Especially pointing out not being available for XP. I inadvertently neglected to mention that.....

                        • 9. Re: False Artemis!2563A98B058B
                          imsvale

                          Alright, I'll see if his version 12.8 gets updated to 13.6 (we're talking Security Center version, right?). Seems like a big leap from 12.8 to be honest, so I was thinking his software wasn't being updated properly. Last update for his Security Center was 21 May 2014. Does that sound right?

                           

                          Is v13.6 out yet, or is it on its way?

                           

                          Edit: Ah, new replies in the meantime. Thanks.

                           

                          Message was edited by: imsvale on 7/25/14 8:22:13 AM CDT
                          1 2 Previous Next