cancel
Showing results for 
Search instead for 
Did you mean: 

OAS Artemis detecting onedrive temp as malware

Hello All,

Every 10 min once getting artemis detection from onedrive temp . Please find below the threat details.

Can any one help to find a solution for this.

Threat Target Process Name:Threat Target File Path:Event Category:Event ID:Threat Severity:Threat Name:Threat Type:Action Taken:Threat Handled:Analyzer Detection Method:

 
C:\OneDriveTemp\S-1-5-21-3149822583-482774111-505265295-6991\74b2e040eed7431cbbd8ffc9bc267059-ead6e3da2e524aaf876c4f94ab48d005-adeb9510a7664982ad4279dfdc88864d-198bc39f613b5aa305e78b67c15f1a9c64afe749.temp
Malware detected
1027
Alert
Artemis!5BE6D83A2E95
Trojan
Deleted
True
OAS
Labels (1)
3 Replies
McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: OAS Artemis detecting onedrive temp as malware

@krishna19021995 If you would like assistance investigating these detections to determine if they are false positive or legitimate detections, then please follow the instructions within KB68030 in order to submit the detected files as a sample for analysis. You can then give support a call via the SR # that gets created upon submission in order to discuss the behavior further, if you would like.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Re: OAS Artemis detecting onedrive temp as malware

Getting alert from onedrive Temp and its deleted. so, unable to get the sample.

I ran getsusp tool in affected system after that haven't observed detection on it.

 

 

McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: OAS Artemis detecting onedrive temp as malware

@krishna19021995 You should be able to get the file from your configured Quarantine location despite the deletion. This is located, by default, at C:\Quarantine on the detecting system. 
You can submit the .bup file as the sample in the method outlined in the previously linked KB. 

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Member Rewards
McAfee Community rewards active and helpful members just like you. Click here to take a look at the first community members who received a special reward and were recognized by McAfee leader, Aneel Jaeel, for their participation and trusted knowledge in the community.