Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Artemis!0369AFFB46AA

Reply
Thread Tools

Artemis!0369AFFB46AA

 
 
Nick B II
Guest
Posts: n/a
 
      05-14-2010
McAffee says I have it. Sometimes. Other times it tells me there are
no threats on my system.

What is this, and how do I know whether I actually have it?

Nick
 
Reply With Quote
 
 
 
 
David H. Lipman
Guest
Posts: n/a
 
      05-14-2010
From: "Nick B II" <(E-Mail Removed)>

| McAffee says I have it. Sometimes. Other times it tells me there are
| no threats on my system.

| What is this, and how do I know whether I actually have it?

| Nick

Heuristic detection. But you supplied insufficient information. You posted
"Artemis!0369AFFB46AA" but should ALSO be in the body of the post as well as WHAT was
indentified as being detected as "Artemis!0369AFFB46AA".

Log snippet(s) would help.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


 
Reply With Quote
 
 
 
 
Regis
Guest
Posts: n/a
 
      05-14-2010
Nick B II <(E-Mail Removed)> writes:

> McAffee says I have it. Sometimes. Other times it tells me there are
> no threats on my system.
>
> What is this, and how do I know whether I actually have it?


Artemis is McAfee's heuristic detection engine. It's the "we don't
have a signature for this file, but it looks kinda suspicious
behaviorally, and we're still trying to figure out how suspicious it
is." Artemis also uses an internet facing database from mcafee that
grades it as an iffy file, and whether your mcafee client blocks it
depends on your heuristic detection level setting.

If you're interested in tinkering, you can restore the file from
quarantine with access protection disabled, and upload the file to
virustotal.com to see what other vendors think of the same file.

But doing that without managing to own yourself is not without
potential risk.


 
Reply With Quote
 
David H. Lipman
Guest
Posts: n/a
 
      05-15-2010
From: "Regis" <(E-Mail Removed)>

| Nick B II <(E-Mail Removed)> writes:

>> McAffee says I have it. Sometimes. Other times it tells me there are
>> no threats on my system.


>> What is this, and how do I know whether I actually have it?


| Artemis is McAfee's heuristic detection engine. It's the "we don't
| have a signature for this file, but it looks kinda suspicious
| behaviorally, and we're still trying to figure out how suspicious it
| is." Artemis also uses an internet facing database from mcafee that
| grades it as an iffy file, and whether your mcafee client blocks it
| depends on your heuristic detection level setting.

| If you're interested in tinkering, you can restore the file from
| quarantine with access protection disabled, and upload the file to
| virustotal.com to see what other vendors think of the same file.

| But doing that without managing to own yourself is not without
| potential risk.


You are "assuming" it is a file and it is worth restoring from quarantine. Theere is
insufficient information from this post to make such a statement. It could have been a
heuristic detection on Internet content in his browser cache. Thus it would be
unwarranted to restore from quarantine even if it was a False Positive declaration.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


 
Reply With Quote
 
Regis
Guest
Posts: n/a
 
      05-15-2010
"David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:

> From: "Regis" <(E-Mail Removed)>
>
> | Nick B II <(E-Mail Removed)> writes:
>
>>> McAffee says I have it. Sometimes. Other times it tells me there are
>>> no threats on my system.

>
>>> What is this, and how do I know whether I actually have it?

>
> | Artemis is McAfee's heuristic detection engine. It's the "we don't
> | have a signature for this file, but it looks kinda suspicious
> | behaviorally, and we're still trying to figure out how suspicious it
> | is." Artemis also uses an internet facing database from mcafee that
> | grades it as an iffy file, and whether your mcafee client blocks it
> | depends on your heuristic detection level setting.
>
> | If you're interested in tinkering, you can restore the file from
> | quarantine with access protection disabled, and upload the file to
> | virustotal.com to see what other vendors think of the same file.
>
> | But doing that without managing to own yourself is not without
> | potential risk.
>
>
> You are "assuming" it is a file and it is worth restoring from quarantine. Theere is
> insufficient information from this post to make such a statement. It could have been a
> heuristic detection on Internet content in his browser cache. Thus it would be
> unwarranted to restore from quarantine even if it was a False Positive declaration.


I may be assuming, but at least I'm not an... nah, I won't go there.
LOL.

Yes, it's entirely possible the file isn't worth a worry or isn't a
threat, but then that's why one might preface an option with "if
you're interested in tinkering."

Restoring it and handling it safely to submit it to multiple engines
remains a good path to answer the original poster's first question
which was: "what is this?"

And probably more useful than peppering him with a litany of "your
question is worthy of me, specify the following" cruft.





 
Reply With Quote
 
David H. Lipman
Guest
Posts: n/a
 
      05-15-2010
From: "Regis" <(E-Mail Removed)>


| I may be assuming, but at least I'm not an... nah, I won't go there.
| LOL.

| Yes, it's entirely possible the file isn't worth a worry or isn't a
| threat, but then that's why one might preface an option with "if
| you're interested in tinkering."

| Restoring it and handling it safely to submit it to multiple engines
| remains a good path to answer the original poster's first question
| which was: "what is this?"

| And probably more useful than peppering him with a litany of "your
| question is worthy of me, specify the following" cruft.


Well your "If you're interested in tinkering" is just plain dumb. You don't tinker with
possibly malicious files and based upon the wording of the OP I can tell he shouldn't be.

The post lacks specific information to answer "What is this, and how do I know whether I
actually have it?". It is question on an unknown etity. That entity must be discerned
and quantified. A heuristic detection on an unknown files does prescribe "tinkering". It
requires obtaining the crucial information to come to a prescription of advice.




--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Advertisments