•
• Infected?

We're your place for tech questions. Join 87596 others, and join the conversation. Ask questions. Find answers. Share your ideas and opinions. Browse our community. You'll find experts who enjoy helping others. Who explain technical issues in a non-technical way that anyone can understand. Create an account today (it's 100% free)!

Create an Account Login to Account

# Artemis!1498db62cea7c [Solved]

52 replies to this topic

### #16 oldman960

oldman960

Forum God

• Classroom Teacher
• 14,608 posts

Posted 07 April 2013 - 03:17 PM

Hi tortoise,

You have 2 antivirus programs installed. This will not give you more protection but rather less as the 2 will conflict and may cause system slow downs or lockups. Microsoft Security Essentials is pretty good. I suggest you keep it and uninstall Lavasoft Ad-Aware.

You have a very old vulnerable version of java installed.

Click on the Start button > Control Panel

• click on the Uninstall a program option under the Programs category.
• If you are using the Classic View of the Control Panel, then you would double-click on the Programs and Features icon instead.
Uninstall the following program

Java™ 6 Update 7

You can get the newest versions of Java from HERE.

Accept the licencing agreement amd scroll down to the bottom of the list. The file you want is jre-7u17-windows-i586.exe .

Next, openOTL.exe
• Under the Custom Scans/Fixes box at the bottom, paste in the following
• Do Not copy the word CODE
• please note the fix starts with the :
:Services

:OTL
O4 - HKCU..\Run: [PIXELA] C:\Users\Linda\AppData\Local\PIXELA\ewdamxaw.dll ()

:Files
C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L
C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U
C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}
c:\users\Linda\AppData\Local\{9109D45C-21E4-4367-A342-E2B2A824641C}\{216697C5-A77C-43A2-868D-285E6492C602}
c:\users\Linda\AppData\Local\{9109D45C-21E4-4367-A342-E2B2A824641C}

:Commands
[emptytemp]
[createrestorepoint]

Then click the Run Fix button at the top
• Let the program run unhindered
Please post the OTL fix log.

Next

Double Click mbam-setup.exe to install the application.
• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

• OTL fix log
• MBAM log
How's the computer?

### #17 tortoise

tortoise

Authentic Member

• Authentic Member
• 30 posts

Posted 07 April 2013 - 06:07 PM

### #18 oldman960

oldman960

Forum God

• Classroom Teacher
• 14,608 posts

Posted 08 April 2013 - 02:51 AM

Hi tortoise,

The OTL fix log can be found at C:\_OTL\MovedFiles It will have a file name consisting of numbers that reflect the date and time stamp the fix was ran. It will be something similar to 04072013_111009.log . Please copy and paste the contents into your next reply.

The computer still doing ok?

### #19 tortoise

tortoise

Authentic Member

• Authentic Member
• 30 posts

Posted 08 April 2013 - 08:13 AM

### #20 oldman960

oldman960

Forum God

• Classroom Teacher
• 14,608 posts

Posted 08 April 2013 - 08:45 AM

Hi tortoise, How's the computer?

### #21 tortoise

tortoise

Authentic Member

• Authentic Member
• 30 posts

Posted 08 April 2013 - 09:54 AM

It seems to be running less hot. When I first came online, I had the ad noise running in the background. but it stopped after the ad finished and I haven't had it play since. Malwarebytes is stopping svchost .exe every 10 seconds so when the 14 days is up, it will 1000 pages in the log. lol

### #22 oldman960

oldman960

Forum God

• Classroom Teacher
• 14,608 posts

Posted 08 April 2013 - 11:24 AM

Hi tortoise,

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

• Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

• Click the Start Scan button.

• If a suspicious object is detected, the default action will be Skip, click on Continue.

• If malicious objects are found, they will show in the Scan results and offer three (3) options.
• Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

• Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

### #23 tortoise

tortoise

Authentic Member

• Authentic Member
• 30 posts

Posted 08 April 2013 - 12:40 PM

### #24 oldman960

oldman960

Forum God

• Classroom Teacher
• 14,608 posts

Posted 08 April 2013 - 04:16 PM

Hi tortoise, How is the computer? Is MBAM still blocking svchost?

### #25 tortoise

tortoise

Authentic Member

• Authentic Member
• 30 posts

Posted 08 April 2013 - 06:01 PM

No, it has stopped. It was annoying with the box always popping up but now it is gone, I miss it. LOL So far the computer is doing good.

Edited by tortoise, 08 April 2013 - 06:03 PM.

### #26 oldman960

oldman960

Forum God

• Classroom Teacher
• 14,608 posts

Posted 08 April 2013 - 06:26 PM

Hi tortoise,

Looks like there were 2 or 3 of these nasties.

Your system has been infected by one or more Rootkits/Backdoor Trojans.

This may allow hackers to remotely control your computer, steal critical system information and Download and Execute files

I strongly suggest you do the following immediately:
• From a known clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.
• DO NOT change passwords or do any transactions while using the infected computer until it has been cleaned.

Thanks

### #27 tortoise

tortoise

Authentic Member

• Authentic Member
• 30 posts

Posted 08 April 2013 - 07:20 PM

Edited by tortoise, 08 April 2013 - 07:24 PM.

### #28 tortoise

tortoise

Authentic Member

• Authentic Member
• 30 posts

Posted 08 April 2013 - 08:04 PM

### #29 oldman960

oldman960

Forum God

• Classroom Teacher
• 14,608 posts

Posted 09 April 2013 - 05:19 AM

Hi tortoise, Try disabling Ad-Aware before you uninstall it.

### #30 tortoise

tortoise

Authentic Member

• Authentic Member
• 30 posts

Posted 09 April 2013 - 07:58 AM

It worked but I also got rid of Mcafee too. I think Xfinity downloaded it on my desk with I signed up.

### Similar Topics: Artemis!1498db62cea7c [Solved]     x

#### 0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users