cancel
Showing results for 
Search instead for 
Did you mean: 
torsteinlg
Level 7

Artemis!6AA25FF36323

Hey!

I while back, I was stupid enough to download a whole pack of variously infected software, and since then my McAfee All Access have kept detecting threats on my computer. On the initial installation of the package, it detected four trojan horses as the installation kept "fighting" with McAfee, trying to install the malware several times while McAfee tried to stop it; i could observe this on my screen as everytime the installation finished, McAfee notified me that a program tried to install a trojan horse which it then removed - and so the malware started all over again.

Apparently, McAfee did not get it all. In total I now have 2 PUP-removals and 7 virus-removals, and I am therefore afraid that there are still infected files around in my system that McAfee has not detected.

I am therefore asking your help to identify the Artemis in the headline, which is the latest virus that was suddenly detected this morning. If any information about the other viruses/PUPs could help on the analysis, please tell me.

Thank you!

Torstein

0 Kudos
7 Replies
Peacekeeper
Level 20

Re: Artemis!6AA25FF36323

Can you post the other detection names?

Scan with the scanners here

McAfee Communities: Anti-Spyware/Malware & Hijacker Tools

especially getsusp remembering to add your email addy to its preferences and stinger as well as Malwarebytes(Install only the free version and not the free pro trial. See what that gives and I will ask a lab tech re that detection.

0 Kudos
torsteinlg
Level 7

Re: Artemis!6AA25FF36323

Yes. Here are the Artemis numbers:

1. 903C06F02D54 (trojan horse). Name: psupport_install[1].exe

2. Same number as above, but with name: assistant_v3.exe

3. 6AA25FF36323 Name: custom.dll

Additionaly, there are these two, both of which classified trojan horses:

1. RDN/Generic Downloader.x!ip Name: agent2[1]exe.

2. Same threat as above, but with name: helper_setup.exe

And these PUPs:

1.PUP-FDX!F8500B7910BF

2. MegaSearchPlugin (I suspect this one is not related to the infected package mentioned in OP)

All of these have given no results in McAfees database or through online searching. Neither was I able to send them to McAfee - repeated attempts all resulted in "Connection with McAfee failed".

Will scan and post results. Thank you!

0 Kudos
vinoo
Level 13

Re: Artemis!6AA25FF36323

Please run GetSusp and post the files log here. I can review and provide guidance right away.

0 Kudos
torsteinlg
Level 7

Re: Artemis!6AA25FF36323

Allright, here they are. Thank you.

0 Kudos
vinoo
Level 13

Re: Artemis!6AA25FF36323

Are these detections still happening?

The GetSusp scan did not report any malware on the system.

0 Kudos
torsteinlg
Level 7

Re: Artemis!6AA25FF36323

Yes, it detects 3 identified suspicious files on every scan. Can you tell me what the report said? Are the files not infected?

0 Kudos
vinoo
Level 13

Re: Artemis!6AA25FF36323

Those files are harmless. I've whitelisted them and a scan in the next hour won't report them anymore.

0 Kudos