
new Mcafee hit on Generic!Artemis; real or not



#1 RU42


Posted 06 March 2009 - 10:28 AM

Greetings All!

Yesterday McAfee updated and then this morning I woke up to a potentially unwanted program. McAfee lists it as Generic!Artemis. I am wondering if this might be a false positive based on the heuristics scan. McAfee says the problem is:

File Name: C:\System Volume Information\_restore {4e015214-6BB0-4181-B365-456CF1DEC069}\RP110\A0020916.DLL

The location of the infected file is what is making me think this might be a false positive.

Anyone have any ideas? How can I confirm if this is a real problem or not?

Thanks for the help!

RU42



#2 rigel


Posted 06 March 2009 - 11:23 AM

That file is in your system restore. Let's flush that and then scan again.

Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok"
  • Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" Tab.
  • Click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it." Will Smith


#3 RU42


Posted 06 March 2009 - 06:48 PM

Thanks for the help. I followed the steps and then ran another full scan and nothing came up this time.

Thank you very very much!

RU

#4 rigel


Posted 06 March 2009 - 07:54 PM

You are welcome... Take care!





