cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

OAS Artemis detecting onedrive temp as malware

Hello All,

Every 10 min once getting artemis detection from onedrive temp . Please find below the threat details.

Can any one help to find a solution for this.

Threat Target Process Name:Threat Target File Path:Event Category:Event ID:Threat Severity:Threat Name:Threat Type:Action Taken:Threat Handled:Analyzer Detection Method:

 
C:\OneDriveTemp\S-1-5-21-3149822583-482774111-505265295-6991\74b2e040eed7431cbbd8ffc9bc267059-ead6e3da2e524aaf876c4f94ab48d005-adeb9510a7664982ad4279dfdc88864d-198bc39f613b5aa305e78b67c15f1a9c64afe749.temp
Malware detected
1027
Alert
Artemis!5BE6D83A2E95
Trojan
Deleted
True
OAS
Labels (1)
3 Replies
jess_arman
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: OAS Artemis detecting onedrive temp as malware

@krishna19021995 If you would like assistance investigating these detections to determine if they are false positive or legitimate detections, then please follow the instructions within KB68030 in order to submit the detected files as a sample for analysis. You can then give support a call via the SR # that gets created upon submission in order to discuss the behavior further, if you would like.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Re: OAS Artemis detecting onedrive temp as malware

Getting alert from onedrive Temp and its deleted. so, unable to get the sample.

I ran getsusp tool in affected system after that haven't observed detection on it.

 

 

jess_arman
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: OAS Artemis detecting onedrive temp as malware

@krishna19021995 You should be able to get the file from your configured Quarantine location despite the deletion. This is located, by default, at C:\Quarantine on the detecting system. 
You can submit the .bup file as the sample in the method outlined in the previously linked KB. 

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community