The Artemis Virus: What It Is and How to Remove It

This Trojan can slip through a computer's cracks if you're not careful


Is your computer running oddly, or are files missing? You might have a Trojan virus, and it could be the infamous Artemis.

The Artemis virus was created to attack Windows operating systems, specifically Windows XP, Vista, Windows 7 and Windows 8. It appears that Windows 10 systems typically only receive false-positive alerts for this virus, but if you see one from your antivirus provider, you should take the proper steps to clear your system anyway.

What Is the Artemis Virus?

While the terms computer virus and Trojan are not exactly interchangeable, when used together you can think of Artemis in terms of malicious software designed to take over your computer system, usually to extort or steal money from you. Fortunately for those it attacks, the Artemis virus is more interested in simply disrupting your computer's activities than in taking your money.

How Does the Artemis Virus Work?

This virus primarily works by restricting what you can do with your own computer. For example, it might prevent you from accessing or making changes to files, or stop you from installing or deleting software. It also contains browser hijacker features, so your web browsing might be interrupted by constant redirects to sites you don't want to see or even an abundance of annoying pop-up ads and banners.

For the most part, once lodged onto your computer, this Trojan copies itself to your system and Windows directories, specifically to (but not limited to):

  • %SysDir%\srvrest.exe
  • %WinDir%\dirsys.exe

It also typically adds these registry keys to your system:

  • HKEY_USERS\S-1-(Varies)\Software\Microsoft\Windows\CurrentVersion\Policies\System

These registry keys tell the Trojan to execute every time Windows starts up. From there, Artemis disables Task Manager, Folder Options, the Registry Editor and the Command Prompt by adding other values to registry keys. Additional parts of your operating system can be impacted as well.
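
The file locations and registry key above can be checked without changing anything on the system. The following read-only triage script is an added example, not part of the original article or any vendor tool. It assumes PowerShell 4.0 or later, and it assumes the "other values" are the standard Windows policy values DisableTaskMgr and DisableRegistryTools, which the article does not name.

```powershell
# Added example: read-only triage for the Artemis artifacts named in this article.
# Run in an elevated PowerShell session so every loaded user hive is readable.

# File copies listed in the article (%SysDir% = System32, %WinDir% = Windows folder).
$paths = @(
    (Join-Path ([Environment]::SystemDirectory) 'srvrest.exe'),
    (Join-Path $env:WinDir 'dirsys.exe')
)

# Standard Windows restriction values that live under Policies\System.
# Assumption: the article only says "other values" are added and names none.
$restrictionValues = 'DisableTaskMgr', 'DisableRegistryTools'

$findings = @()

foreach ($p in $paths) {
    if (Test-Path -LiteralPath $p) {
        $f = Get-Item -LiteralPath $p -Force   # -Force also returns hidden/system files
        $hash = (Get-FileHash -LiteralPath $p -Algorithm SHA256).Hash
        $findings += [pscustomobject]@{
            Type   = 'File'
            Where  = $p
            Detail = "SHA256=$hash Created=$($f.CreationTimeUtc.ToString('u'))"
        }
    }
}

# Walk each loaded user hive (HKEY_USERS\S-1-...) and read its Policies\System key.
$hives = Get-ChildItem -Path Registry::HKEY_USERS |
    Where-Object { $_.PSChildName -match '^S-1-' -and $_.PSChildName -notmatch '_Classes$' }

foreach ($hive in $hives) {
    $key = "Registry::HKEY_USERS\$($hive.PSChildName)\Software\Microsoft\Windows\CurrentVersion\Policies\System"
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $props = Get-ItemProperty -LiteralPath $key
    foreach ($name in $restrictionValues) {
        # A non-zero value means the corresponding tool is blocked for that user.
        if ($props.PSObject.Properties[$name] -and $props.$name -ne 0) {
            $findings += [pscustomobject]@{ Type = 'Registry'; Where = $key; Detail = "$name=$($props.$name)" }
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize -Wrap }
else { 'None of the artifacts described in the article were found.' }
```

Only hives of users who are currently logged on appear under HKEY_USERS, so a clean result for one account says nothing about the others. An administrator may also have set these policy values deliberately, so a registry hit needs confirming before it is treated as an infection.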

How Do I Know I Have the Artemis Virus?

You might see warnings for this when running your antivirus program, get blocked from installing games on sites like Steam, or notice constant website redirects. Users who have the Artemis virus have also reported clicking noises or altered page loading times when browsing the internet.

More seriously, you might not be able to install new programs on your computer or remove others once Artemis takes over. If you're not sure you have Artemis, scan your system with a virus scanner.

How Did I Get This Trojan?

You probably obtained Artemis by clicking an email attachment or a link from an unsecured website, pop-up ad or banner ad. This particular virus can also be obtained by downloading software from freeware or pirated software sites. In other words, you did something you thought was harmless and Artemis seized the opportunity to freeload on your system.

How Do I Get Rid Of The Artemis Virus?

The biggest problem with Artemis is that it will reinstall itself over and over again if you don't properly delete its core files. That makes it tough to get rid of, but it can be done.

Because removing Artemis involves meddling with system files and registries, you can easily damage your system even more if you're not extremely careful. For that reason, we highly recommend using professional antivirus and malware removal software to eliminate Artemis.

  1. The simplest way to get rid of Artemis is to use reliable antivirus software as well as a malware removal tool. 

    It might take several hours to complete the process, depending on your computer, but your antivirus program will typically offer you options on how best to remove malicious files like Artemis.

    Malware like Artemis can also be deleted via a malware removal tool. There are many different software tools out there, but each has the same goal: making it easy to detect malware and delete it.

  2. Remove suspicious add-ons and extensions from your browser if you're seeing odd activities when using the internet. The process varies a little for removing extensions from Safari and disabling extensions in Chrome. And in Chrome, you also have the option to use the Chrome Cleanup Tool.

  3. You can also use System Restore to return to an earlier point on your system before you were infected with the virus. Make sure you select a date when you know you didn't have the virus on your PC. 

  4. As a last resort, you can also reformat and reinstall your computer. It's the best guarantee that you've completely deleted the infected files, but it can take a long time to do and requires a certain amount of knowledge when it comes to knowing how to get your computer set up correctly. 

Before you completely wipe and reinstall your operating system, remember that any files not already backed up will be lost. However, it's important to note that any of those files could be infected with this Trojan and thus re-infect your system when you restore it. If you try to back up files after infection so you don't lose them in a reinstall, you run the risk of simply letting Artemis loose again.

How Do I Avoid Getting a Computer Virus?

There are a few key ways in which you can lower your chances of being re-infected with Artemis (or any other malicious program).

  • Stay up-to-date with your antivirus software and malware protection. Hackers are always creating new ways to thwart antivirus programs so new virus definitions are released regularly to keep your PC informed on what to look for with the latest virus and malware-based threats. 
  • Be careful when downloading new programs. Always know the legitimacy of the source of the programs and apps you download. Even reputable sites will bundle in extra add-ons that you don't require such as Artemis. 
  • Block PUPs. In your antivirus software, turn on the option to detect Potentially Unwanted Programs. That helps you avoid accidentally installing add-ons that you don't want; Artemis is classified as a PUP by most antivirus programs so a reliable antivirus could have blocked it for you.
  • Stick to well-known websites. Artemis and other malware can infect your computer through the suspicious websites you might accidentally enter. Clicking on the 'wrong' link can lead to you downloading a program you never wanted. Be wary of websites such as torrenting sites.
  • Don't click on pop-up ads. Resist the urge to click on pop-up ads of all kinds. If a site inundates you with pop-up advertisements, leave the site immediately.