6 Replies Latest reply on Dec 18, 2011 1:26 AM by Hayton

    Help please. To remove Generic!Artemis

      A recent scan detected an unwanted programme but McAfee was unable to completely remove it.
      It's a Generic!Artemis virus and/or Generic!Artemis.) trojan or both, and is currently residing in c:\windows\system32\ma\MTK63G.exe. It does not appear to be affecting my computer but I have just renewed my McAfee for 2 years and I don't want it there. Any help would be appreciated.
        • 1. RE: Help please. To remove Generic!Artemis
          Hello,

          Send the file(s) to the lab.
          http://vil.nai.com/vil/submit-sample.aspx

          Then do this:

          Download Malwarebytes' Anti-Malware from Here or Here. Double-click on mbam-setup.exe to install the application.

          * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
          * If an update is found, it will download and install the latest version.
          * Once the program has loaded, select Perform Full Scan, then click Scan.
          * The scan may take some time to finish, so please be patient.
          * When the scan is complete, click OK, then Show Results to view the results.
          * Make sure that everything is checked, and click Remove Selected.
          * When disinfection is completed, a log will open in Notepad and you may be prompted to restart (see Extra Note below).
          * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
          * Copy & paste the entire report into your next reply.

          Extra Note:
          If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
          • 2. Log attached
            Thanks for your quick reply. Please find log below which looks promising.

            Malwarebytes' Anti-Malware 1.31
            Database version: 1494
            Windows 5.1.2600 Service Pack 3

            12/12/2008 21:00:09
            mbam-log-2008-12-12 (21-00-09).txt

            Scan type: Full Scan (C:\|D:\|)
            Objects scanned: 114915
            Time elapsed: 31 minute(s), 32 second(s)

            Memory Processes Infected: 0
            Memory Modules Infected: 0
            Registry Keys Infected: 6
            Registry Values Infected: 0
            Registry Data Items Infected: 0
            Folders Infected: 0
            Files Infected: 1

            Memory Processes Infected:
            (No malicious items detected)

            Memory Modules Infected:
            (No malicious items detected)

            Registry Keys Infected:
            HKEY_CURRENT_USER\SOFTWARE\{5222008a-dd62-49c7-a735-7bd18ecc7350} (Rogue.VirusRemover) -> Quarantined and deleted successfully.
            HKEY_LOCAL_MACHINE\SOFTWARE\{5222008a-dd62-49c7-a735-7bd18ecc7350} (Rogue.VirusRemover) -> Quarantined and deleted successfully.
            HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
            HKEY_CURRENT_USER\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.
            HKEY_LOCAL_MACHINE\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.
            HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.

            Registry Values Infected:
            (No malicious items detected)

            Registry Data Items Infected:
            (No malicious items detected)

            Folders Infected:
            (No malicious items detected)

            Files Infected:
            C:\WINDOWS\system32\ma1\MTK63G.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
            • 3. Job done!!
              Just run another scan and all is well. Thank you very much for your help, you're a star.
              • 4. RE: Job done!!
                Glad we could help.
                • 5. Re: Help please. To remove Generic!Artemis

                  Has this virus been dealt with appropriately so I won't have to worry about it? Thanks.

                  __________________________________________
                  George Alarcon

                  Email address and url removed for security and online safety reasons - Hayton

                  Message was edited by: Hayton on 18/12/11 07:24:13 GMT
                  • 6. Re: Help please. To remove Generic!Artemis
                    Hayton

                    This is a very old thread. I doubt whether after three years you will get a reply, and you're asking similar vague questions elsewhere, so I'm locking this thread.