I received a pop up today from McAfee saying it found and quarentined the following trojan, Artemis!789F02E07883. I can't find any information doing a search online.
The file was located in C:\Users\name\Downloads\Unconfirmed 11144.crdownload
Is there any way I can find out more about this to help try and figure out how I got this?
Any help would be appreciated, thanks!
From another mods post>
Artemis is the name for the Active Protection component of VirusScan. When something is detected 'heuristically' and VirusScan isn't sure about it it consults an online database and if it still think it could be dangerous it quarantines it and labels it Artemis!xxxxxxxx where xxxx can be just about anything depending on where it indexes it.
It is explained here: http://community.mcafee.com/message/98519#98519
If you think it is an incorrect analysis then read here: https://community.mcafee.com/message/6645 on how to submit it to Mcafee.
You haven't said what you were trying to download. There is a VirusTotal report that includes this Artemis detection (see it HERE) where the downloader is also trying to load some unwanted adware - OpenCandy, in that case.
The file name you gave indicates that you were using Chrome for the download. The .crdownload suffix indicates that the download did not complete or the file would have been put, with its correct name, into the download folder. When Chrome downloads a file it first checks it for malware and may block it. You didn;t say if that happened so I assume not. Then McAfee runs its own checks on the file and, in your case, quarantined the file so interrupting Chrome's download process.
Is there any way I can find out more about this to help try and figure out how I got this
Nothing more I can tell you without knowing what you were doing at the time. The filename is no help.Message was edited by: Hayton on 12/05/14 03:29:48 IST
In regards to your second sentence mentioning Virus Total (see it HERE) , the link is not resolving itself. At least not on my end.
Well, I checked the link in the post using the HTML view and it's a valid URL. If the link is failing then it's the fault of SiteAdvisor because everything goes to sa-live.com for checking, and in that phase there's some extra padding around the URL. It's SiteAdvisor breaking the link.Message was edited by: Hayton on 12/05/14 03:59:41 IST
That could very well be the case. Especially with the server issues this weekend. I noticed in another thread, there were issues broken as well via Site Advisor. Just trying to let ya know
As a matter of fact,after attemtping to "View a Site Report", the server still has issues.
All other Features are functioning properly.
Message was edited by: catdaddy on 5/11/14 10:02:07 PM CDT
I had been downloading SpeedFan through download.com. It had some kind of odd download utility that I had not seen through download.com before. I cancelled things partially through since I didn't feel comfortable with it. Then I saw this pop up from Mcafee about this trojan.