cancel
Showing results for 
Search instead for 
Did you mean: 
elanman
Level 7

Artemis not found after Scanning Container.

Last night I inadvertantly downloaded an Artemis Trojan inpite of scanning the file with Virus scann (Mcafee Anti virus and anti spyware V18.0 build 18.0.9019 engine 2636)

When I opened the file Mcafee notified me that it had detected unwanted software several times and I confirmed the request to quarantine each time when I performed a full scan with no threats detected, However mt DVD drive had been renamed as the E drive and there was a D drive with 0 bytes of 643 free and several unfamiliar programes appeared ,so being a suspicious so-n-so i restored my system to a earlier configuration and re-insalled Mcafee total protection. A new full scan revealed trojans:-

PUP-RGQV

Artemis!237AAA173D67

Artemis!AB798F6DF51B

Artemis!237AAA173D67

Artemis!AB798F6DF51B

All of which were then quarantined and deleted I then shredded the downloaded file.

Am I expecting to much of Mcafee?

Does the fact that Mcafee didn't find the trojan before it was reinstalled indicate that Mcafee had been compromised and is this something I need to tell Mcafee about and how?

Are there any other procedures to check a downloaded file for threats?

I kknow these questions may be naive but this is the first occasion that Mcafee has really failed me in 10 years.

elanman

0 Kudos
6 Replies
exbrit
Level 21

Re: Artemis not found after Scanning Container.

I moved this to Malware Discussions > Artemis

Artemis by definition means an unknown detection so it isn't necessarily a threat, just something for the labs to look at.  Normally once detected it wouldn't be picked up a second time.

Some are often false detections and require clearance, see: 

A PUP is also not usually a threat, simply a programme you may wish to get rid of, but it's your choice.

PUP's can be ignored from future scans if you wish.

elanman
Level 7

Re: Artemis not found after Scanning Container.

Thanks any ideas about why virus scan didn't spot this before it was reinstalled?

0 Kudos
exbrit
Level 21

Re: Artemis not found after Scanning Container.

Sorry, not sure about that.  To be on the safe side it might be a good idea to try some 3rd party scans.  Try Malwarebytes Free for instance from the following link: Anti-Spyware/Malware/Hijacker Tools

No antivirus is 100% guaranteed  so maybe a good idea.

0 Kudos
elanman
Level 7

Re: Artemis not found after Scanning Container.

Thanks for the sugestion very illuminating

0 Kudos
SafeBoot
Level 21

Re: Artemis not found after Scanning Container.

sounds like you downloaded something which created a virtual drive with the malware in it - so the thing you downloaded was not really malware in its own right - it was also probably created just for that download - if you download it again I expect the hash would change.

Artemis is a behavioural detection engine - it catches things which look bad (but are not known to be either bad or good). Most of the detection within McAfee AV is "on access" so things can exist on disk, but if you don't do a full scan they won't be detected unless you try to run them.

So remember - a full scan detects things we know from past experience to be bad, but there are extra triggers which come into play to catch things we've never seen that are trying to behave badly.

elanman
Level 7

Re: Artemis not found after Scanning Container.

Thanks for the help to paraphrase mr Rumseld "the problem is the things we don't know are unknown"