1 2 3 Previous Next 79 Replies Latest reply on Sep 17, 2015 7:05 AM by catdaddy Branched to a new discussion.

    Help... Artemis!56C9EF26F88B - ZeroAccess

      Hi, I was wondering if you could help. My computer keeps coming up with the following message:

       

      McAfee detected andatomatically removed a Trojan from your PC. No further action is required.

      Detected:Artemis!56C9EF26F88B (Trojan)

      Quarantined From:C:\windows\assembly\tmp\U\80000032.$

       

      A couple of days ago my firewall stopped working and I could not turn on either the McAfee Firewall and or the Windows firewall, it just kept telling me there was an error. I'm not sure if this message popped up before or after I was having firewall issues. I tried scanning my computer to see if there was a virus stopping the firewall but came up with no results. I ended up uninstalling and reinstalling McAfee to get the firewall working again.

       

      I have done two full scans with McAfee, two full scans using Malwarebytes' Anti-Malware, one full scan using Spybot Search and Destroy, and one full scan using ESET Online Scanner. All of these scans have come back clear.

       

      I am also occaionally now being redirected to other websites in my Firefox brower (sorry I didnt note them down). [EDIT: The site I get sent to is <removed site in case it's malicious> I don't know if these are all related or just bad luck on my part. Is this file dangerous and what do I do to fix this problem?

       

      Message was edited by: lozah on 28/09/11 07:12:29 CDT

       

      Message was edited by: SamSwift - editing subject line on 04/10/11 16:43:37 IST

       

      Message was edited by: SamSwift on 04/10/11 16:44:37 IST
        • 1. Re: Help... Artemis!56C9EF26F88B

          I am having the same problem!

          • 2. Re: Help... Artemis!56C9EF26F88B

            I too am having this same problem.  However, my problems started with Open Cloud Security infecting my computer.  The free Malwarebytes' Anti-Malware removed that.  Since that removal, I have run multiple full scans with the Malwarebytes tool, McAfee, and Spybot Search and Destroy.  All of them come up clean.  The remaining problems are that McAfee occasionally pops up the warning that Artemis!56C9EF26F88B is detected and removed, and my McAfee firewall will not stay up.  Sometimes, right after I reboot, it seems to stay up for a few minutes.  It then gives me a warning that my firewall is down.  When I try to turn it back on, it just tells me that my firewall is down again.  I have not noticed any redirections from my browser, but then I am not using that machine again until I can get the firewall fixed.

            • 3. Re: Help... Artemis!56C9EF26F88B

              Same problem.  Same repeated pop-up of trojan found "Artemis!56C9EF26F88B".

               

              I didn't know my firewall is down until reading these.  It shows as "on" until I click on firewall settings in security center.  There it shows as off.  when I click "turn on" it shows as on for about 1/2 a second and goes back to off.

               

              When I leave the firewall settings, security center shows firewall: on.  And it shows "your computer is secure".  I don't believe either.

              • 4. Re: Help... Artemis!56C9EF26F88B

                I unistalled and reinstalled McAfee and ran a full scan.  It reported a GenericFakeAlert!sc Trojan in C:\Users\<my user name>\AppData\Roaming\Z5sssQJ7dEK8gZh\sysl32.dll.  McAfee reported that the file was quarantined.  I looked in the ...\Roaming directory and found several files with names that started with random letters and ended with OpenCloud Security.ico.  For instance, there was a Z5sssQJ7dEK8gZhOpenCloud Security.ico.  Each of these files also had a corresponding directory with a name starting with the same characters, but they were all empty.  I deleted these files and directories.  Now I'm starting another full scan.

                 

                My firewall still isn't acting right.  The Security Center says that it's on.  The settings show that it's off.  The Security Center also says "Your computer is secure."  I don't believe it either.

                • 5. Re: Help... Artemis!56C9EF26F88B

                  Follow up: I'm now getting notices of ZeroAccess.b!jsp as well.

                  • 6. Re: Help... Artemis!56C9EF26F88B

                    Me too jdl...

                     

                    I am now also getting the following since i first posted this message:

                     

                    Artemis!8EA57E8B69F2

                    C:\windows\assembly\tmp\kwrd.dll

                     

                    ZeroAccess.B!jsp

                    C:\windows\assembly\tmp\U\000000c0.$

                     

                    Generic BackDoor!d2a(Trojan)

                    C:\Windows\assembly\tmp\U\800000c0.$

                     

                     

                    If no one from McAfee or whoever it is that helps people here can comment... even just to say "hold on we're checking into this"... then the only solution I can see is reinstalling windows on my system.. Which I don't really want to do because thats a massive job. But unfortunately I have bills to pay and I can't do that on an infected computer!

                    • 7. Re: Help... Artemis!56C9EF26F88B

                      Wow I didnt know that my firewall was still off too... CRAP!

                      • 8. Re: Help... Artemis!56C9EF26F88B

                        I have run numerous scans using Malwarebytes and Spyware Doctor.  They say my system is clean.  I uninstalled McAfee and installed Zone Alarm to see if I could get any firewall to work.  Zone Alarm seems to work fine, but it will not coexist with McAfee.  I uninstalled Zone Alarm and reinstalled McAfee.  When I run full scans, it says my system is clean.  However, the strange firewall behavior is still there.  Security Center shows that my firewall is on, but if I go to Settings, it says that the firewall is off.  If I click the button to turn it on, it momentarily says that its's on then says that it's off.  Since I don't trust this computer now, I keep the ethernet cable unplugged most of the time.  When I plug it in, McAfee usually pops up a message saying that a Trojan has been quarantined.  Some of the ones that I've seen are Zero Access.b!, Generic BackDoor!d2a, Artemis!56C9EF26F88B and Artemis!8EA57E8B69F2.  All of this happens after full scans have shown no problems.  Wiping the disk clean and starting over might be the only way around this.

                         

                        It seems that we're seeing exactly the same symptoms at this point, but no one else has mentioned OpenCloud Security.  That's where all of my problems started on Friday. 

                        • 9. Re: Help... Artemis!56C9EF26F88B

                          Me too! Come on McAfee! I have the same problems as the others... Should I go back to Norton products???

                          lozah wrote:

                           

                          Me too jdl...

                           

                          I am now also getting the following since i first posted this message:

                           

                          Artemis!8EA57E8B69F2

                          C:\windows\assembly\tmp\kwrd.dll

                           

                          ZeroAccess.B!jsp

                          C:\windows\assembly\tmp\U\000000c0.$

                           

                          Generic BackDoor!d2a(Trojan)

                          C:\Windows\assembly\tmp\U\800000c0.$

                           

                           

                          If no one from McAfee or whoever it is that helps people here can comment... even just to say "hold on we're checking into this"... then the only solution I can see is reinstalling windows on my system.. Which I don't really want to do because thats a massive job. But unfortunately I have bills to pay and I can't do that on an infected computer!

                           

                           

                           

                           

                           

                          Message was edited by: rags on 10/2/11 10:40:46 AM CDT

                           

                          Message was edited by: rags on 10/2/11 11:21:29 AM CDT
                          1 2 3 Previous Next