8 Replies Latest reply on Aug 2, 2014 4:32 PM by exbrit

    Trojan: Artemis 2E6D2E2F3DE7 moved to quarantined

    mohit2313

      Hi Guys,

       

      I was downloading a file and my McAfee antivirus detected a Trojan name Artemis 2E6D2E2F3DE7 and moved it to quarantined. Using help option in McAfee antivirus user interface i learned how to delete files from quarantined. Now when i have already deleted this quarantined Trojan i just want to know that is their any other thing which i need to follow to make sure that this or any other Trojan will not effecting the security of my computer.

       

      Please also answer

      • What is  Artemis 2E6D2E2F3DE7 and how it effects my computer? 
      • Is this Trojan is completely deleted from my system and it will not cause any issues in future because i am still able to see this Trojan in my logs?
      • What should i do to avoid these type of Trojan attacks?

       

      Thanks

        • 1. Re: Trojan: Artemis 2E6D2E2F3DE7 moved to quarantined
          catdaddy

          Hi mohi2313,

                   Welcome to the McAfee Communities. What particular program are you attempting to access,which causes a detection? If it is continuously being detected after you deleted and removed from your Quarantined Items, then there must be something suspicious/unknown in regards to the File or program.

           

                    If you feel that it could be a False detection, please read the following advice What To Do When McAfee Detects Software As An Infection - How to Submit To McAfee Labs & Appeal

           

                     You may be interested in reading this informative article  How you get tricked into installing Potentially Unwanted Programs

           

                     Wishing you all the very best,

                      Catdaddy

                      McAfee Moderator

          • 2. Re: Trojan: Artemis 2E6D2E2F3DE7 moved to quarantined
            k3tg

            Whatever you were downloading this detection may have been part of a bundled download, an example being a toolbar or such. What exactly the Artemis 2E6D2E2F3DE7 is I do not know and I do not know how McAfee operates with respect to assigning the number of the detection is or subsequent quarantine of the detection.

             

            If you know the download is a legitimate download from a legitimate site and want to permit the download to work in your computer then you need to look at What To Do When McAfee Detects Software As An Infection - How to Submit To McAfee Labs & Appeal

             

            If you do not know what it is and require some additional assistance to remove the trojan or infection then you may want to look at some Anti-Spyware/Malware & Hijacker Tools

             

            McAfee has designed their software to provide this information in the logs to alert the customers of what actions the software has taken to protect their systems. I do not know how long the logs will retain the information but I would assume it may be for a long period of time for reference.

             

            Best advice I have to prevent future issues is to be careful where you surf the internet, read the fine print of any downloads you choose to download and read the EULA license agreements for any bundled downloads. Another example of bundled downloads is Java as sometimes they may also want to bring in Security Scan but you already have McAfee providing that for you.

             

            Keep your Windows up to date with Microsoft updates and always keep Real Time Scanning turned on and allow McAfee to update automatically to avoid future problems.

             

            I hope this information answers your concerns

             

            Tom K3TG

            • 3. Re: Trojan: Artemis 2E6D2E2F3DE7 moved to quarantined
              catdaddy

              This may be more appropriate if moved to Malware Discussion/Artemis to get better attention.

              • 5. Re: Trojan: Artemis 2E6D2E2F3DE7 moved to quarantined
                axcel3

                ARTEMIS! (all variants) is an AD Supported cross web browser plugin for IE & Firefox/Chrome and is distributed through various programs during installation. This potentially unwanted program is also bundled within the custom installer on many download sites (EX: CNET, Brothersoft or Softonic).

                 

                What it can do (because it is a Browser Extension) is modify Default or Custom Settings of the browser, including the Home Page, Search Settings and in some cases will modify the Browser Load Time Threshold (How long it takes to see you browser pop open and load the page).

                 

                It can also disable the Browsers Content Security Policy in order to allow for Cross Site Scripting Attacks.

                 

                One of the programs that I personally have found "bundles" this in is WILDTANGENT; which is an "engine" that runs a variety of games.

                Unfortunately, with WILDTANGENT; the install of ARTEMIS! is "silent"; so you have no idea that it was installed: Until of course you run a good AV Program, like McAfee.

                • 6. Re: Trojan: Artemis 2E6D2E2F3DE7 moved to quarantined
                  exbrit

                  axcel3 wrote:

                   

                  ARTEMIS! (all variants) is an AD Supported cross web browser plugin for IE & Firefox/Chrome and is distributed through various programs during installation. This potentially unwanted program is also bundled within the custom installer on many download sites (EX: CNET, Brothersoft or Softonic).

                   

                  What it can do (because it is a Browser Extension) is modify Default or Custom Settings of the browser, including the Home Page, Search Settings and in some cases will modify the Browser Load Time Threshold (How long it takes to see you browser pop open and load the page).

                   

                  It can also disable the Browsers Content Security Policy in order to allow for Cross Site Scripting Attacks.

                   

                  One of the programs that I personally have found "bundles" this in is WILDTANGENT; which is an "engine" that runs a variety of games.

                  Unfortunately, with WILDTANGENT; the install of ARTEMIS! is "silent"; so you have no idea that it was installed: Until of course you run a good AV Program, like McAfee.

                  Incorrect, it is not a Browser Extension or Plugin.   Artemis is a generic name given by McAfee Labs to detections of unknowns by the antivirus component of your software.  The number that follows identifies it to the labs as to whatever group it belongs to and only they know what it is.  It can be an infection, a PUP or even a false alarm, in  fact it could be anything that isn't yet known.   Within a few days they analyze any samples submitted and come to a decision as to exactly what it is.

                  Any infection can attack a system and cause what you describe.

                  • 7. Re: Trojan: Artemis 2E6D2E2F3DE7 moved to quarantined
                    axcel3

                    Ok, allow me to clarify my post as I screwed up . The Item(s) Called ARTEMIS! by McAfee are what are described in most cases. Some are excisable from a given program or specialty installer, others like the one in WILDTANGENT (as far as I have found) aren't. I would "correct" my prior post to clarify what I screwed up in the explanation, but the ability to edit it is gone.

                     

                    Any time I have used a Specialty Downloader from various sites or back in the day when I ran WILDTANGENT, after using the Specialty Installers or installing WILDTANGENT, and then running McAfee I would find the ARTEMIS! detection.

                    And Of course Specialty Installers and WILDTANGET use browser plugins to operate, which can cause strange browser behavior; which can compromise a computers security.

                     

                    I wasn't knocking McAfee, nor saying McAfee was any problem: I screwed up how I said what I said. My Apologies.