[notpcliterate]

[attachment=69:Virus.pdf]McAfee scanned my computer and has detected 2 Artemis trojan viruses on my D drive which is my recovery drive. It has also detected 1 pup on there. Can anyone tell me how to get rid of them. McAfee will only quarantine them. I do not understand how I got them since I do not play games of any type and they are showing in my D drive under game setups. Thanks for any help on the removal of Artemis virus. I have attached a PDF of the screen print showing the information.

[coastie65]

Hi, Ok, download and up www.SUPERantispyware.com & www.malwarebytes.org . Both of these are free and very good. Remove anything that they find. coastie

This post has been edited by coastie65: 09 September 2009 - 03:58 PM

[notpcliterate]

coastie65, on 09 September 2009 - 03:57 PM, said:

Hi, Ok, download and up www.SUPERantispyware.com & www.malwarebytes.org . Both of these are free and very good. Remove anything that they find. coastie

I downloaded both and they did get the spyware/adware but they did not take care of the virus. They are still there when McAfee did the scan again.

[coastie65]

OK. Here is something for you to look at: http://www.informati...oval-tools.html

[Flashorn]

notpcliterate, on 10 September 2009 - 05:27 AM, said:

coastie65, on 09 September 2009 - 03:57 PM, said:

Hi, Ok, download and up www.SUPERantispyware.com & www.malwarebytes.org . Both of these are free and very good. Remove anything that they find. coastie

I downloaded both and they did get the spyware/adware but they did not take care of the virus. They are still there when McAfee did the scan again.

Hey notpc !!


Download Dr.WebCureIt : http://www.freedrweb.com/cureit/ . There's no install so, just double click on the .exe and run it. IF it finds something
have Dr.Web delete it (cure it) then, run the Full scan.

IF it finds nothing then, it's a False Positive. It has been documented as such with McAfee users.

BTW , shouldn't this topic be moved to the Antivirus & Security Software forum ??


FLASHORN.

This post has been edited by Flashorn: 11 September 2009 - 04:41 AM

[notpcliterate]

Flashorn, on 11 September 2009 - 04:39 AM, said:

notpcliterate, on 10 September 2009 - 05:27 AM, said:

coastie65, on 09 September 2009 - 03:57 PM, said:

Hi, Ok, download and up www.SUPERantispyware.com & www.malwarebytes.org . Both of these are free and very good. Remove anything that they find. coastie

I downloaded both and they did get the spyware/adware but they did not take care of the virus. They are still there when McAfee did the scan again.

Hey notpc !!


Download Dr.WebCureIt : http://www.freedrweb.com/cureit/ . There's no install so, just double click on the .exe and run it. IF it finds something
have Dr.Web delete it (cure it) then, run the Full scan.

IF it finds nothing then, it's a False Positive. It has been documented as such with McAfee users.

BTW , shouldn't this topic be moved to the Antivirus & Security Software forum ??


FLASHORN.

Flashorn,

Thanks for the reply, I will try it later today and yes it probably should be moved but that is why I chose my name. Sorry - I don't know how to move it. I will let you know what happens. notpcliterate

This post has been edited by notpcliterate: 11 September 2009 - 08:43 AM

[notpcliterate]

notpcliterate, on 11 September 2009 - 08:41 AM, said:

Flashorn, on 11 September 2009 - 04:39 AM, said:

notpcliterate, on 10 September 2009 - 05:27 AM, said:

coastie65, on 09 September 2009 - 03:57 PM, said:

Hi, Ok, download and up www.SUPERantispyware.com & www.malwarebytes.org . Both of these are free and very good. Remove anything that they find. coastie

I downloaded both and they did get the spyware/adware but they did not take care of the virus. They are still there when McAfee did the scan again.

Hey notpc !!


Download Dr.WebCureIt : http://www.freedrweb.com/cureit/ . There's no install so, just double click on the .exe and run it. IF it finds something
have Dr.Web delete it (cure it) then, run the Full scan.

IF it finds nothing then, it's a False Positive. It has been documented as such with McAfee users.

BTW , shouldn't this topic be moved to the Antivirus & Security Software forum ??


FLASHORN.

Flashorn,

Thanks for the reply, I will try it later today and yes it probably should be moved but that is why I chose my name. Sorry - I don't know how to move it. I will let you know what happens. notpcliterate

Flash,
Thanks a bunch!! It took both viruses off. It left the pup on there with the virus name and McAfee will not let me completely remove it. So I "assume" that this is okay. Please let me know if it is not. I have not been on here in a while, do I need to do anything to show you as best answer? Thanks again!

[coastie65]

Hi. In all likelyhood pup is in the system restore files. Turn then off reboot and turn them back on again. This is if it is being shown being in "System Volume Information". coastie

This post has been edited by coastie65: 12 September 2009 - 12:24 PM
Reason for edit: added content

[Flashorn]

Hey notpc !!

Good , I'm glad that it worked. Now, for some reason , I can't access the PDF that you posted. It is some kind of bug from the new forum format so, IF it's possible ,
could you please copy & paste the content of that PDF in your next reply.

Also, if you could copy & paste the content of the Log from MalwareBytes' it might help in identifying the course of action that is next needed.

As for the right answer , I really don't know. Am not too familiar with this new format as we have only been on it for a couple of weeks. I don't tend to worry too
much about that . As long as my advice has helped, well, that's enough for me LOL !

BTW , notpc, what platform are we talking about here (XP , VIsta). I was going to ask you latter to clean out the Old Restore Points but, I can see as I am writing
that our good friend coastie has already mentioned it. But, make sure to Create a new one after you have cleaned out that cache. You could also clean out the
Temps folder .

You can do both at the same time by going to Start > Accessories > System Tools > Disk Cleanup. Click on that and follow and accept the prompts. When you get
the pop-up with the amount of MB that needs to be deleted , click on the other tab. The second tab named "More Options" from which you will see two "cleanup"
buttons . Click on the second one (bottom) . Follow the prompts and all old restore points Except the one you just made, will be deleted.

Now re-scan with Dr.Web BUT, get a new version and delete the old as they are updated everyday , sometimes twice a day.

Post back after you have done the work and tell us how it goes.


FLASHORN.

[notpcliterate]

Hi Coastie,
It is on the system restore drive (D) and so were the viruses. However, sorry but I have no idea what the rest of what you said means. I have rebooted but how do I turn them off and what is the system Volume Info? Sorry but computers are not my thing.

coastie65, on 12 September 2009 - 12:19 PM, said:

Hi. In all likelyhood pup is in the system restore files. Turn then off reboot and turn them back on again. This is if it is being shown being in "System Volume Information". coastie

[notpcliterate]

Flashhorn
I am running Vista here is the Malware log but for some reason I cannot copy and paste the pdf file on here for some reason. I can copy it into Word but it will not let me attach it - any suggestions. Malware did not find the viruses but the drweb did.

Malwarebytes' Anti-Malware 1.40
Database version: 2769
Windows 6.0.6001 Service Pack 1

9/10/2009 6:49:58 AM
mbam-log-2009-09-10 (06-49-58).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 307929
Time elapsed: 1 hour(s), 29 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


I will work on the restore points and the rescan but it took over 9 hours for the scan to work so it will be tomorrow before I can post again after the scan. I will wait a while to start the scan in case there is anything else that you and Coastie think of I need to know (besides how to work on a computer ) Thanks for all the help. notpc

Flashorn, on 12 September 2009 - 12:49 PM, said:

Hey notpc !!

Good , I'm glad that it worked. Now, for some reason , I can't access the PDF that you posted. It is some kind of bug from the new forum format so, IF it's possible ,
could you please copy & paste the content of that PDF in your next reply.

Also, if you could copy & paste the content of the Log from MalwareBytes' it might help in identifying the course of action that is next needed.

As for the right answer , I really don't know. Am not too familiar with this new format as we have only been on it for a couple of weeks. I don't tend to worry too
much about that . As long as my advice has helped, well, that's enough for me LOL !

BTW , notpc, what platform are we talking about here (XP , VIsta). I was going to ask you latter to clean out the Old Restore Points but, I can see as I am writing
that our good friend coastie has already mentioned it. But, make sure to Create a new one after you have cleaned out that cache. You could also clean out the
Temps folder .

You can do both at the same time by going to Start > Accessories > System Tools > Disk Cleanup. Click on that and follow and accept the prompts. When you get
the pop-up with the amount of MB that needs to be deleted , click on the other tab. The second tab named "More Options" from which you will see two "cleanup"
buttons . Click on the second one (bottom) . Follow the prompts and all old restore points Except the one you just made, will be deleted.

Now re-scan with Dr.Web BUT, get a new version and delete the old as they are updated everyday , sometimes twice a day.

Post back after you have done the work and tell us how it goes.


FLASHORN.

[Flashorn]

notpcliterate, on 12 September 2009 - 02:08 PM, said:

Flashhorn
I am running Vista here is the Malware log but for some reason I cannot copy and paste the pdf file on here for some reason. I can copy it into Word but it will not let me attach it - any suggestions. Malware did not find the viruses but the drweb did.

Malwarebytes' Anti-Malware 1.40
Database version: 2769
Windows 6.0.6001 Service Pack 1

9/10/2009 6:49:58 AM
mbam-log-2009-09-10 (06-49-58).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 307929
Time elapsed: 1 hour(s), 29 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


I will work on the restore points and the rescan but it took over 9 hours for the scan to work so it will be tomorrow before I can post again after the scan. I will wait a while to start the scan in case there is anything else that you and Coastie think of I need to know (besides how to work on a computer ) Thanks for all the help. notpc

Flashorn, on 12 September 2009 - 12:49 PM, said:

Hey notpc !!

Good , I'm glad that it worked. Now, for some reason , I can't access the PDF that you posted. It is some kind of bug from the new forum format so, IF it's possible ,
could you please copy & paste the content of that PDF in your next reply.

Also, if you could copy & paste the content of the Log from MalwareBytes' it might help in identifying the course of action that is next needed.

As for the right answer , I really don't know. Am not too familiar with this new format as we have only been on it for a couple of weeks. I don't tend to worry too
much about that . As long as my advice has helped, well, that's enough for me LOL !

BTW , notpc, what platform are we talking about here (XP , VIsta). I was going to ask you latter to clean out the Old Restore Points but, I can see as I am writing
that our good friend coastie has already mentioned it. But, make sure to Create a new one after you have cleaned out that cache. You could also clean out the
Temps folder .

You can do both at the same time by going to Start > Accessories > System Tools > Disk Cleanup. Click on that and follow and accept the prompts. When you get
the pop-up with the amount of MB that needs to be deleted , click on the other tab. The second tab named "More Options" from which you will see two "cleanup"
buttons . Click on the second one (bottom) . Follow the prompts and all old restore points Except the one you just made, will be deleted.

Now re-scan with Dr.Web BUT, get a new version and delete the old as they are updated everyday , sometimes twice a day.

Post back after you have done the work and tell us how it goes.


FLASHORN.

Hey notpc !!

That's fine. If you need any in instructions on How to make a restore point then, just ask. It's very simple and doesn't take much time.
Here is a step by step tutorial on the subject : http://articles.tech...11-6159394.html . This will save you
some time. Just don't forget to Create the Restore Point Before you delete all others along with the Temps files.

As for Dr.Web well , yes it is slow but, very comprehensive so, maybe an overnight thing.


FLASHORN.

[smax013]

notpcliterate, on 12 September 2009 - 09:40 AM, said:

I have not been on here in a while, do I need to do anything to show you as best answer? Thanks again!

This forum software does not really have a "Correct" or "Helpful" answer point system.

The closest it has is the "reputation" system. To use it, use the little green "plus" and red "minus" buttons in the bottom right corner of any post (except your own):



Clicking on the little green plus button will increase that post's (and author's) reputation by one point. Clicking on the little red minus will decrease that post's (and the author's) reputation by one point. I believe you can do up to 10 "pluses" and 10 "minuses" each day.

You can see a member's reputation by going to their profile page or looking them up in the member lists. The posts themselves are where the "real" benefit of reputation can come into play...if you mark a particular post with a "plus" and others do so as well, then that will help "show" that post as being the helpful one...and thus, potentially help others see which post (and author) really helped you.

[notpcliterate]

smax - thanks for the info! notpc

smax013, on 13 September 2009 - 07:05 PM, said:

notpcliterate, on 12 September 2009 - 09:40 AM, said:

I have not been on here in a while, do I need to do anything to show you as best answer? Thanks again!

This forum software does not really have a "Correct" or "Helpful" answer point system.

The closest it has is the "reputation" system. To use it, use the little green "plus" and red "minus" buttons in the bottom right corner of any post (except your own):



Clicking on the little green plus button will increase that post's (and author's) reputation by one point. Clicking on the little red minus will decrease that post's (and the author's) reputation by one point. I believe you can do up to 10 "pluses" and 10 "minuses" each day.

You can see a member's reputation by going to their profile page or looking them up in the member lists. The posts themselves are where the "real" benefit of reputation can come into play...if you mark a particular post with a "plus" and others do so as well, then that will help "show" that post as being the helpful one...and thus, potentially help others see which post (and author) really helped you.

[myloginname]

Hey notpc,

System restore are a great way to keep your computer safe, they've saved me before! I recommend you have a checkpoint daily, and it would also be smart to backup your files, about every month or so. This keeps your important files safe. With the actual anti-virus, I think our fellow members here have really covered it all up. You have McAfee, which should do a pretty good job, of finding MOST malware, and also offering real-time protection. Running other scans like Dr.Web every now and then will almost gurantee you a safe computer. Most of us on PCW recommend MalwareBytes anti-malware, plus SuperAnitSpyware, a great 1-2 combo that works great helping any AV suite like McAfee. Also many use CCleaner, and Dr.Web is great. Just use some of these and your computer should be free of viruses.

[notpcliterate]

trying to get my images on here, no luck.

This post has been edited by notpcliterate: 14 September 2009 - 06:13 PM

[smax013]

notpcliterate, on 14 September 2009 - 06:01 PM, said:

trying to get my images on here, no luck.

How specifically are you trying to do it? The "typical" way is you need to upload the image to some place on the Internet, such as a Photobucket account. And then use the img tags with the link to the image file.