Re: Artemis!0369AFFB46AA
- From: Regis <ordsec@xxxxxxxxx>
- Date: Sat, 15 May 2010 11:20:06 -0500
"David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:
> From: "Regis" <ordsec@xxxxxxxxx>
> | Nick B II <nicholasiii@xxxxxxxxx> writes:
> | > McAfee says I have it. Sometimes. Other times it tells me there are
> | > no threats on my system.
> | > What is this, and how do I know whether I actually have it?
> | Artemis is McAfee's heuristic detection engine. It's the "we don't
> | have a signature for this file, but it looks kinda suspicious
> | behaviorally, and we're still trying to figure out how suspicious it
> | is." Artemis also uses an internet facing database from McAfee that
> | grades it as an iffy file, and whether your McAfee client blocks it
> | depends on your heuristic detection level setting.
> | If you're interested in tinkering, you can restore the file from
> | quarantine with access protection disabled, and upload the file to
> | virustotal.com to see what other vendors think of the same file.
> | But doing that without managing to own yourself is not without
> | potential risk.
> You are "assuming" it is a file and it is worth restoring from quarantine. There is
> insufficient information from this post to make such a statement. It could have been a
> heuristic detection on Internet content in his browser cache. Thus it would be
> unwarranted to restore from quarantine even if it was a False Positive declaration.
I may be assuming, but at least I'm not an... nah, I won't go there.
LOL.
Yes, it's entirely possible the file isn't worth a worry or isn't a
threat, but then that's why one might preface an option with "if
you're interested in tinkering."
Restoring it and handling it safely to submit it to multiple engines
remains a good path to answer the original poster's first question
which was: "what is this?"
And probably more useful than peppering him with a litany of "your
question is worthy of me, specify the following" cruft.