1 2 Previous Next 15 Replies Latest reply on Oct 20, 2015 12:15 PM by exbrit

    Artemis A490F943077F + suspicious incoming network connection blocked

    hashim

      I just brought a laptop saturday which come with mcAfee livesafe internet security 30 days trial,while i was importing some files from my External hard drive McAfee notis me that two artemis was found one in poweriso named ArtemisA490F943077F and the other one in sony vegas craked dont remember the name. McAfee ask me to restart my pc but i accidently press restart later and i was dowloarding google chrome which take like 15min after that i restart my pc and mcafee says am safe just to make sure i ran a quick scan found nothing so i was worry about it.

       

      Yesterday i was checking my security report : overview say :You're secure and down says Viruses and other threats removed or quarantined: 2 and potentially malicious incoming connection blocked : 323 i wasn't paying attention about the potentially malicious incoming connection blocked.

      So i open my quarantined item and delete the 2 artemis and than run a full scan and everthing was secured so i opened security report again overview was same so i click on total activity : treats detected trojans 3 so i search  on internet and found out it was just my history so i close everything and continue to use my laptop normal i was wondering about anything .

       

       

      Today i woke up and stared questioning myself why was it saying 3 trojans but in overview it says viruses and other threats removed or quarantined and why it's says my pc is safe? .

      i've open security report : total activity again , the trojans was still 3 and under firewall It's says programs allowed :74 and incoming connections blocked 471.

       

       

      so i opened Security history it was full with suspicious incoming network connection blocked with different source ip address date from 17/10/15 the days which the artemis was found that scared the crap out of me .

       

       

      I want to ask some question sorry 4 my bad english am from mauritius .

       

       

      1st: Why in Security report Overview its says am secure and under highlights: viruses and other threats removed: 2 but in Total Activity under threats detected it's says trojans : 3 ?

       

       

      2nd: Does that mean i have a trojans left on my computer?

       

       

      3rd: Under firewell what is incoming connection blocked : 471 and it becoming more after every 3hr?

       

       

      4th: Why my security history is full of suspicicous incoming network connection blocked and what is that ? is a virus who is causing that or something else?

       

       

      5th: On this pc am sign in steam and google chrome does that will affect my account must i sign out of all the account.

       

       

      What do i do now ? plz help me am being paranoid i think .

       

       

      And btw to create this mcAfee community account i use my yahoo mail which i haven't use for 2 month . So to check it is still working before creating this account. I was trying to enter my yahoo put it was saying my password was wrong i know the password was good so i click on forget password to recover this account via sending a code on mobile bla bla... Everything was ok  their was nothing suspicious on my email no spam or anything . let just says my email was hack and i use my mobile to recover this account with a new password can the hacker get my phone

       

       

      PLZ do answer my question and help me Thaks you

        • 1. Re: Artemis A490F943077F + suspicious incoming network connection blocked
          exbrit

          First of all don't panic, Artemis is the name the software gives to any unknown entity that it is suspicious of.   It may be harmless.

          See: What To Do When McAfee Detects Software As An Infection - How to Submit To McAfee Labs & Appeal

           

          1.  You are secure but it found possible threats

          2.  I doubt it. but as a precaution I suggest the use of GetSusp and then maybe a scan using MalwareBytes Free, see the last link below.

          3.  We all get 100's of those, it is merely a record of what your Firewall is blocking.

          4.  See above.

           

          Toronto ▪ Canada
          Volunteer Moderator - Consumer Products
          I CAN'T HELP PRIVATELY - PLEASE POST IN THE FORUMS
          Use Advanced Search To Find Answers

          Consumer Technical Support (alter Country @ top right as needed)

          Intel True Key/PasswordBox Support (alter country at top right as needed)

          Consumer Customer Service (Accounts, Billing, Registration, etc.)
          Anti-Spyware/Malware/Hijacker Tools

          • 2. Re: Artemis A490F943077F + suspicious incoming network connection blocked
            hashim

            It's an update to the post i've post this morning.

            So i've run another scan only on drive C and found 1 Artemis Then I've opened Security History Then go to Viruses and other threats dectected I found out In total their where 4 Artemis on my pc and all come from my external hard drive  i think.

             

            1st one ; From sony vegas pro crack my friend send me name:Artemis B932EC254B99.

            2nd one and 3rd one has the same but different location one from poweriso-64.exe on the external hard drive i think and the other one from appdata OCsetupahalp.dll name:Artemis A490F943077F.

            4th and last one. Artemis 3B1F20A1A107 from Plants vs zombie .

            But in security report it says viruses and other threats removed or quarantined 3 so thier is still one on the computer. how do i know and how do i remove it ?

             

            Btw is Artemis dangerous and can it travel through  email ?

             

            And Why The Potentially malicious incoming connection blocked keep increasing it is now 876 and same for Suspicious incoming network connection blocked which have different Source IP address  is 876 too.

             

            i have McAfee webAdvisor  and adblock plus on google chrome do you thick that  is the cause of those incoming connection block or it's something else causing that.

             

            What is causing it?

            Am getting worried because before i know all this stuff i was using this laptop  2 sign in my email and google account on google chrome and that is the same account i use on my android tablet and smartphone am being paranoid maybe the virus will hack all my account block my play store acc etc.....

            • 3. Re: Artemis A490F943077F + suspicious incoming network connection blocked
              exbrit

              What's causing it?  Dubious downloads from your friend stored on that drive I would imagine.  Artemis as I explained are unknowns, they could either be dangerous, or harmless, that's why I suggested running those 2 tools.

              Read the instructions I posted in that last link I gave above.

              • 4. Re: Artemis A490F943077F + suspicious incoming network connection blocked
                hashim

                Thanks for answering sorry am zero on IT .

                What is dubious downloads ?

                Yes sorry about that i was scared to do that cause i know nothing on IT

                Yeah forgot to told you that I've delete all the file in quarantine

                • 5. Re: Artemis A490F943077F + suspicious incoming network connection blocked
                  exbrit

                  Dubious = bad or risky or possibly infected....in this case at least.  That's why I suggested scanning.   I would run scan anyway to make sure you are OK.

                  • 6. Re: Artemis A490F943077F + suspicious incoming network connection blocked
                    hashim

                    Hello sir, Today i was going to do these thing you told me GetSusp and MalwareBytes but this morning when my pc has booted up i noticed that on my desktop there were two file named desktop.ini and I found many more instances of desktop.ini in other folders on my computer.


                    I've google it to see what it was some site says if harmless other says it's a virus

                     

                    What is that ?

                    • 7. Re: Artemis A490F943077F + suspicious incoming network connection blocked
                      hashim

                      i've scan my pc with stinger no treat find . I've read on microsoft community how to hide it and i have done it . it is now hide

                      • 8. Re: Artemis A490F943077F + suspicious incoming network connection blocked
                        exbrit

                        So are you OK now?  I'm not sure what you mean by hiding 'it'.

                         

                        Oh you mean hiding the desktop ini yes, those show when you have Windows Explorer set to show system files.

                        I would also scan with MalwareBytes Free if I were you and read my instructions carefuklly on how to keep it free, do NOT accept the trial offer.

                        • 9. Re: Artemis A490F943077F + suspicious incoming network connection blocked
                          hashim

                          I will tell you what i have done today. So i've run a full mcAfee scan no threat found then i've run stinger again no treat found then i've run the free MalwareBytes you told me 24 PUP.Optional.OpenCandy Threat so i press remove all and then it has ask me to restart my device .

                          While restarting my windows was updating i hope that does not interfere with MalwareBytes after that i've run another quick scan with mcAfee and no threat found but on Security Report: Total activity under threats detected: Trojans it still says 4 and virus remove says 3 and these potentially malicious incoming connections blocked are increasing it now reach 1660, am getting stress now.

                           

                          What to i do now?

                          Must i removed all these 24 threats from MalwareBytes quarantined .

                           

                          Just wondering sunday i was using this pc to sign in google chrome and youtube will my account get hack and my mobile + tablet or am just being paranoid and nothing seem unusual on my pc and account but just sometime my touchpad become unresponsive but my keyboard work i've read lot of people get that with this laptop .

                           

                          I run a youtube channel i really need to sign in a lot can i sign in now.

                          And why McAfee and stinger has not find any of these PUP.

                          And in MalwareBytes quarantined All those 24 PUP there were only 2 type one file and the other Registry key,

                           

                          Some information :

                          Malwarebytes Anti-Malware

                          www.malwarebytes.org

                           

                           

                          Scan Date: 20/10/2015

                          Scan Time: 6:06 PM

                          Logfile:

                          Administrator: Yes

                           

                           

                          Version: 2.2.0.1024

                          Malware Database: v2015.10.20.04

                          Rootkit Database: v2015.10.16.01

                          License: Free

                          Malware Protection: Disabled

                          Malicious Website Protection: Disabled

                          Self-protection: Disabled

                           

                           

                          OS: Windows 8.1

                          CPU: x64

                          File System: NTFS

                          User: HASHIM GH

                           

                           

                          Scan Type: Threat Scan

                          Result: Completed

                          Objects Scanned: 311008

                          Time Elapsed: 40 min, 3 sec

                           

                           

                          Memory: Enabled

                          Startup: Enabled

                          Filesystem: Enabled

                          Archives: Enabled

                          Rootkits: Disabled

                          1 2 Previous Next