cancel
Showing results for 
Search instead for 
Did you mean: 
geewhiz1953
Level 7

Artemis!1BF005160D6C ??? help?

HI

Anyone have any idea about this so called trojan? mcafee pops up every minute or less saying it has quarantined this Artemis trojan, from windows installer. Find it odd, widows keeps trying to redo the same net frame udates  over and over no matter how often it downloads them. exact message is quarantined from c::windows\installer\ f55c44aec-ofbc and it doesnt stay up long enough to get the rest of it...driving me crazy....

Ive scanned with spybot s and d, malwarebytes, found nothing...any help would be appreciated

0 Kudos
2 Replies
Peacekeeper
Level 20

Re: Artemis!1BF005160D6C ??? help?

Can you submit the file asap as per

http://vil.nai.com/vil/submit-sample.aspx

When theyy reply reply back to teh email changing the subject to false +ve and name of detection. In body of teh email say where you got teh file and post the analysis ID here.

I will alert a tech I know that there might be a false +ve with MS updater

The file should be in the quarantined area (navigation then  quarantined and trusted items area)

0 Kudos
showvik
Level 12

Re: Artemis!1BF005160D6C ??? help?

Hi,

We detect this as ZeroAccess.ee with current DATs. Update the product and run a full On Demand Scan to clean the infection. A restart may be necessary to complete the cleaning procedure for the detections occurred during the On Demand Scan.  If the issue still persists, try these McAfee tools in the following order:

Rootkit Remover:

http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-too ls/rootkitremover.aspx

Stinger:

http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-too ls/stinger.aspx

Please ensure that Rootkit scanning is enabled under the Preferences tab for Stinger. You may set the sensitivity level to Very High if you would like it to detect more malware heuristically.

Restart the system.

Update the product to latest DATs(check if the update completes successfully) and perform a full scan to ensure there are no more infections.

Regards,

Showvik

0 Kudos