Hi everyone! I need help in getting rid of this annoying Artemis Trojan from my laptop. I've already done the recommendations that I've read from various forum. I've already used McAfee, Avast, Malwarebytes, Super anit-spyware to remove this virus but it keeps popping up! I need help pls! Anyone??
By the way, the name of the virus is Artemis!56C9EF26F88B. First, it prevented to browse websites. Then a day after, a spam e-mail was sent from my personal yahoo account to all my contacts! I badly needed a help!
You don't give any details of your system, service pack or installed McAfee products so I am guessing at this. Any idea where the detection is being found - a path to it would help?
If it's being detected in something like 'System Volume Information' then disable System Restore, reboot and rescan. If that cures it then re-enable System Restore.
It could also be in something attached to your computer such as a flash drive or external hard drive...just guessing there though.
You say you ran Malwarebytes (free one I hope) - did you try running it in Safe Mode?
I'm using is Sony Vaio, Windows 7. McAfee Virus Scan Version 15. There is no flash drive or external hard drive attached to my laptop.
I have already tried running Malwarebytes (free version) in safe mode but then this virus keeps popping up. It is usually detected in C: Windows/assembly
That folder is apparently (from what I've gleaned off the Internet) part of the .Net framework, where the common .net "assemblies" (to use MS' terms) are stored.
Try this, send an email to mcafee labs with the header False Artemis!56C9EF26F88B to Virus_Research@avertlabs.com and see how they react. (No need for anything in the body).
You mentioned that spam email was sent from your email address - are you sure it actually originated form your machine - if it did it would appear in your sent mail folder.
There is malware out there that can plant itself on anyone's machine who just happens to have your email address in their address book, and the malware spoofs a 'from' email address from their address book and in this case it picked yours.
So it could be anyone you've corresponded with. That is likely the case if none of those anti-malware applications caught anything at all.
By the way, I hope that your Windows 7 has Service Pack 1 installed. If it doesn't there is some help with that here: https://community.mcafee.com/docs/DOC-2205
Also make sure that Windows is totally up to date in all aspects. People sometimes have a habit of hiding various updates and anything for .net or your Windows in general and Internet Explorer must be installed.
I'm not saying that's the case here, just adding that as a precaution.
Regarding the spam e-mai, it didn't appear in my Sent items though. So it is not related to Artemis virus?
I have already sent e-mail to mcafee labs as you suggested. Hopelly they could help me on this
Let's hope it's simply a coincidence.
You could in the meanwhile post a Hijackthis log on a specialist forum such as BleepingComputer who are excellent at troubleshooting this sort of thing. I've listed a few below.
Do not post Hijackthis logs here, we can't help you with those !
Post the logs at a specialist Forum:
Be sure to read all the sticky announcements/instructions at the top of each malware forum!
i have already posted my problem in Bleeping computer. I'm hoping that they would be able to help me.
Thanks for all your replies/recommendations!
Between that and the submission to the labs hopefully something will solve this.
The Artemis!56C9EF26F88B detection has been reclassified as DNSChanger!fa, which will reflect in tomorrow's DATs - version 6489.
I can send you an extra.dat for detection, which can be used until tomorrow when the release DAT will cover the detection. In this case, please send me your email address in a private message and I will be glad to send you the extra file as well as instructions on how to use that.