cancel
Showing results for 
Search instead for 
Did you mean: 

OneDrive.exe flagged as Trojan by Artemis (Artemis!12730C2F829E)

Jump to solution

GTI (Artemis) keeps flagging 'OneDrive.exe' as a Trojan.  This happens randomly with no specific actions taken to cause VSE to flag the file.  We have artemis sensitivity level set to Medium from our ePO server.  I've placed  the event notification details below.  Has anyone encountered this same issue? 

 

SYSTEM
Detected: 10/15/18 01:02:36 UTC
Received: 10/15/18 01:02:25 UTC
Agent GUID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Event Description: Infected file deleted.
Threat Event ID: 1027
Threat Type: Trojan
Severity: Alert
Threat Name: Artemis!12730C2F829E
Threat Handled: True
Threat Category: Malware detected
Action Taken: deleted
Target File Name: c:\Documents and Settings\XXXXXXXXXXX\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\OneDrive.exe

VirusScan Enterprise 8.8
Engine Version: 5900.7806
DAT Version: 9046.0000
Detection Method: (managed) Nightly Virus Scan (Workstations Only) OS Platform: Workstation OS Type: Windows 10

3 Solutions

Accepted Solutions
McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: OneDrive.exe flagged as Trojan by Artemis (Artemis!12730C2F829E)

Jump to solution

Hi @omar_tx

Please create a malware support case and submit this file as a false positive submission. Our labs team will be able to perform an analysis and mark the file as trusted if it is indeed a false positive.

Requirements for submission can be found here: https://kc.mcafee.com/corporate/index?page=content&id=KB85567

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
Highlighted
McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 3 of 5

Re: OneDrive.exe flagged as Trojan by Artemis (Artemis!12730C2F829E)

Jump to solution

@omar_tx If you expect that you're experiencing a false positive detection, I would adivse that you follow the instructions in KB85567 to work with McAfee Labs on analysis, confirmation, and path to resolution. 

Please keep in mind that if you proceed to submit against automation, you may still need to call Support referencing your case number in order to get the quickest information regarding false positives.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 5 of 5

Re: OneDrive.exe flagged as Trojan by Artemis (Artemis!12730C2F829E)

Jump to solution

@omar_tx I am not aware of this currently trending within Support calls as a concern. However, this does not mean that you are or aren't the only person potentially experiencing this.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

4 Replies
McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: OneDrive.exe flagged as Trojan by Artemis (Artemis!12730C2F829E)

Jump to solution

Hi @omar_tx

Please create a malware support case and submit this file as a false positive submission. Our labs team will be able to perform an analysis and mark the file as trusted if it is indeed a false positive.

Requirements for submission can be found here: https://kc.mcafee.com/corporate/index?page=content&id=KB85567

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
Highlighted
McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 3 of 5

Re: OneDrive.exe flagged as Trojan by Artemis (Artemis!12730C2F829E)

Jump to solution

@omar_tx If you expect that you're experiencing a false positive detection, I would adivse that you follow the instructions in KB85567 to work with McAfee Labs on analysis, confirmation, and path to resolution. 

Please keep in mind that if you proceed to submit against automation, you may still need to call Support referencing your case number in order to get the quickest information regarding false positives.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Re: OneDrive.exe flagged as Trojan by Artemis (Artemis!12730C2F829E)

Jump to solution
I am planning on doing so but i would like to know if this is not just isolated in our network. I have not seen any posts so far about onedrive.exe being flagged by artemis.
McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 5 of 5

Re: OneDrive.exe flagged as Trojan by Artemis (Artemis!12730C2F829E)

Jump to solution

@omar_tx I am not aware of this currently trending within Support calls as a concern. However, this does not mean that you are or aren't the only person potentially experiencing this.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator