Moved to Malware Discussion > Artemis so they can spot it hopefully..
Artemis isn't necessarily a virus, it is the generic name given to an unknown detection.
I give Consumers this to read, it may help: What To Do When McAfee Detects Software As An Infection - How to Submit To McAfee Labs & Appeal
Also try clearing all windows temp and internet temp files .
Also load 1 of the files to www.virustotal.com and see what it says
Artemis is the Generic name which is assigned to a detect which is committed as 'bad' based on the characteristics it displays and is convicted by the GTI (Global Threat Intelligence) cloud system.
The VirusTotal (vendor agnostic) entry can be viewed here https://www.virustotal.com/en/file/ffaf925e502e120e476f511e0a548f2d072d8c0a11aa1 a2edfca177e2852bbf0/analysis/1326975123/
It appears to be a variant of Conficker.
Take a look at the McAfee Conficker detection tool which can be found here Conficker Detection | McAfee Free Tools
Certified McAfee Product Specialist - ePO
Artemis works like this...
It is a global threat intelligence built into your McAfee product. What Artemis does is detect a suspicious file that sends a copy immediately to the lab and if found to have malicious activity it is removed from the device as a malware detection is. The sample is then further evaluated and the detection and cleaning is placed in a near future daily DAT file.
Each sample is given the name Artemis with random numbers behind it. It is a new threat just being detected. IF you are constantly getting this alert then it is possible you have some other threat on your device that is going undetected and most likely continuing to reinfect you. It is in a loop so to speak.
Chances are until you clean your system, you aren't going to get rid of it. Run a full McAfee scan if one has not been done. Clean all cache files, internet temp folders both the content and Low fodlers, Temp folders including the c:\windows\temp check for installed programs that should not be installed, look for suspicious .exe files and send them to avert labs for testing.You can "submit a sample" through the support section on McAfee.com. You must submit it via a password protected ZIP file. Check for suspicious file placed in the user\appdata\Local low and Roaming folder. I often find .exe files laying around in these folder that I send in and 99% of the time they are malware.
Just to provide some clarification here: Artemis/GTI actually only sends a file hash (a unique string calculated from the file contents) to the McAfee cloud, and then uses that to determine whether a file is bad based on existing data, other submissions, etc. The characters after the "Artemis!" are actually part of the file hash, so they're not random.
I would agree with the full scan suggestion, but would also suggest to set the Artemis/GTI level to "Very High" (if it's possible to change that with whichever version of McAfee antivirus software you're using). You can also try running the "Stinger" tool (http://stinger.mcafee.com) which may have better luck detecting and removing any malicious files. Your best bet would be to boot into Windows Safe Mode (Press the "F8" key before Windows starts) and run Stinger from within Safe Mode. You can also try deleting that "C:\WINDOWS\system32\x" file, but you likely won't be able to.
Thanh you for reply,
I have been full scan but i can not clean it. I have found some service and registry key, i have deleted it. So i still get a warning about virus
Try Malwarebytes Free - see the last link in my signature below.
Note the instructions on keeping it free of charge.
Toronto ▪ Canada
Volunteer Moderator - Consumer Products
I CAN'T HELP PRIVATELY - PLEASE POST IN THE FORUMS
Use Advanced Search To Find Answers
The last post is only a suggestion. If this is a large company and many machines are infected and you are using Enterprise products, then maybe you should contact the support desk and ask about professional virus removal services, which are costly of course.
Conficker in particular shouldn't exist in the wild if all machines were totally up to date in all aspects as Windows itself would have prevented it with the monthly Malicious Software Removal Tool scan.