My McAfee virus scanner just detected the Artemis!E4857B9E3DF5 Trojan in the gdiplus.dll during installation of EraserDropPortable version 2.1 (just downloaded today).
Has anyone else seen this?
I've used an earlier version of the app before, and it did *not* have the trojan in it. The app still _seems_ to work without the (replacement) DLL.
Info on the (original) DLL:
According to MSDN, Windows GDI+ (gdiplus.dll) is a class-based API for C/C++ programmers. It enables applications to use graphics and formatted text on both the video display and the printer. This trojan DLL is trying to exploit a vulnerability in that Windows will try to load a DLL from the directory from which the app was opened before searching for it in the system path.
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
It's a false positive. If you check it on VirusTotal, you'll see it's just a McAfee issue again. Please report it to them.
Sometimes, the impossible can become possible, if you're awesome!
Thanks for the false positive report. I'll let my I.T. team know.
Any idea why it replaces the GDI+ DLL when it works without it?
:Michael
It doesn't replace the one on the PC already (as in copy itself onto the local PC), it's there in case there isn't on on the local PC already. Otherwise, if there isn't one on the local PC, the app would just crash.
Sometimes, the impossible can become possible, if you're awesome!