cancel
Showing results for 
Search instead for 
Did you mean: 
anahata
Level 7

Possible False Positive - Artemis!C8AD600E509C (Trojan)

5/19/2010 10:48:32 AM  Engine version                          = 5400.1158
5/19/2010 10:48:32 AM  AntiVirus   DAT version                 = 5987.0
5/19/2010 10:48:32 AM  Number of detection signatures in EXTRA.DAT = None
5/19/2010 10:48:32 AM  Names of detection signatures in EXTRA.DAT  = None
5/19/2010 2:09:27 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe C:\3.1.0.8 OS Create\-2 OS\2.3.0.11 OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:09:40 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe C:\3.1.0.8 OS Create\3.1.0.7 OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:15:32 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe C:\ROB\-2 DIBS\2.3.0.11\2.3.0.11 OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:15:47 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe C:\ROB\-3 DIBS\3.1.0.7\3.1.0.7 OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:16:53 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe C:\ROB\OS\-2 DIBS\2.3.0.13a OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:17:14 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe C:\ROB\OS\-3 DIBs\3.1.0.9a OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:18:59 PM Deleted  TCP0069\fcms C:\WINDOWS\Explorer.EXE C:\ROB\OS\-2 DIBS\2.3.0.13a OS.zip\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:20:53 PM Deleted  TCP0069\fcms C:\WINDOWS\Explorer.EXE C:\ROB\OS\-2 DIBS\2.3.0.12 OS.zip\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:27:06 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe D:\FCMS\DIB_OS\PSW_3.1.0.1 OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:41:35 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe D:\Hochan\2.3.0.10 OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:44:54 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe D:\OS\-2\2.3.0.12 OS\2.3.0.12 OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:46:29 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe D:\OS\-2\2.3.0.12 OS\3.1.0.8 OS\Program Files\Simple DNS Plus\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:49:52 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe D:\System Volume Information\_restore{32649328-DB17-45D5-968B-75130E2AE1EA}\RP451\A0119642.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:49:52 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe D:\System Volume Information\_restore{32649328-DB17-45D5-968B-75130E2AE1EA}\RP451\A0119643.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:49:53 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe D:\System Volume Information\_restore{32649328-DB17-45D5-968B-75130E2AE1EA}\RP451\A0119644.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 2:49:53 PM Deleted  NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe D:\System Volume Information\_restore{32649328-DB17-45D5-968B-75130E2AE1EA}\RP451\A0119645.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 3:01:08 PM Deleted  TCP0069\fcms C:\WINDOWS\Explorer.EXE C:\ROB\OS\-2 DIBS\2.3.0.12 OS.zip\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 3:02:49 PM Deleted  TCP0069\fcms C:\WINDOWS\Explorer.EXE C:\Rajesh\OS\2.3.0.12 OS\2.3.0.12 OS.zip\sdnsmain.exe Artemis!C8AD600E509C (Trojan)
5/19/2010 3:31:45 PM Deleted  TCP0069\fcms C:\WINDOWS\Explorer.EXE C:\Rajesh\OS\2.3.0.12 OS.zip\sdnsmain.exe Artemis!C8AD600E509C (Trojan)

0 Kudos
2 Replies
nownitin
Level 12

Re: Possible False Positive - Artemis!C8AD600E509C (Trojan)

Hi,

McAfee Labs researchers have examined the file in question and no malware was found.

McAfee(R) Artemis technology provides real-time protection that secures enterprises and consumers from threats as they strike and much quicker than traditional signatures can be deployed. As Artemis is updated in real-time there is no requirement to wait for a full DAT update nor to use an EXTRA.DAT intermediate solution. Simply wait approximately 30 minutes and this false will no longer exist or trigger on your system. Depending on the network settings you have or the caching involved between your system and ours it may take slightly longer for this false alarm to be resolved.

0 Kudos
SamSwift
Level 12

Re: Possible False Positive - Artemis!C8AD600E509C (Trojan)

Marking as assumed answered. Please let us know if the issue is not resolved.

Thanks,

Sam

0 Kudos