cancel
Showing results for 
Search instead for 
Did you mean: 
lrock
Level 9

Increased Trojan / Malware Detection after changing Artemis Sensitivity Level

Jump to solution

VSE 8.8 Patch 2

McAfee Agent 4.5

Since we changed the Artemis Sensitivity Level from Very Low to Medium, we've recieved an increased number of threat notifications.

Example:

c:\documents and settings\username\local settings\temporary internet files\content.IE5\....

Trojan detected

JS/Redirector.xx

JV/Blacole-....

JS/Exploit....

We are mandated to have the ePO On Access Policies for Artemis sensitivitiy level to Medium. I'm trying to rule out false positives in this regard.

I may just need to open a support case with McAfee though I wanted to see if others are experiencing a similar response. If there are other posts that I should direct my attention to, please let me know.

Thanks

0 Kudos
1 Solution

Accepted Solutions
lrock
Level 9

Re: Increased Trojan / Malware Detection after changing Artemis Sensitivity Level

Jump to solution

Feedback I'm getting from McAfee as expected -  - changing Artemis Sensitivity Level from Low to Medium brings more detections. If anything, this enables us to promote that our users should not be visiting 'none-work-related-sites'. I did change the sensitivity level on a few test workstations from Medium to HIGH and VERY HIGH which resulted in some false positives. Note to those running Win8 and Server 2012 - VSE 8.8 P3 makes the Artemis Default level to Medium instead of very low as i'm sure you've seen.

https://community.mcafee.com/thread/10865

https://kc.mcafee.com/corporate/index?page=content&id=KB70130

http://www.google.com/url?sa=t&rct=j&q=mcafee+vse+8.8+patch+3&source=web&cd=7&cad=rja&ved=0CG8QFjAG&...

0 Kudos
1 Reply
lrock
Level 9

Re: Increased Trojan / Malware Detection after changing Artemis Sensitivity Level

Jump to solution

Feedback I'm getting from McAfee as expected -  - changing Artemis Sensitivity Level from Low to Medium brings more detections. If anything, this enables us to promote that our users should not be visiting 'none-work-related-sites'. I did change the sensitivity level on a few test workstations from Medium to HIGH and VERY HIGH which resulted in some false positives. Note to those running Win8 and Server 2012 - VSE 8.8 P3 makes the Artemis Default level to Medium instead of very low as i'm sure you've seen.

https://community.mcafee.com/thread/10865

https://kc.mcafee.com/corporate/index?page=content&id=KB70130

http://www.google.com/url?sa=t&rct=j&q=mcafee+vse+8.8+patch+3&source=web&cd=7&cad=rja&ved=0CG8QFjAG&...

0 Kudos