Required Reading - Home User Assistance Malware Troubleshooting

Version 10

    So that we can better assist you with your malware issue, please read this document and follow Steps 1-3 before you post.

     

    Step 1: Ensure Windows and McAfee are up to date

    Run Windows Update, and also update on your McAfee software. SecurityCenter must be green and show that protection is enabled. If it is red, please post what item shows not protected.

     

    Step 2: Run Scan and Stinger in Safe Mode With Networking Support

    1. Restart your computer and press F8 repeatedly while booting up. You'll see a boot screen with choices.
    2. Using your cursor keys, select Safe Mode With Networking Support. Your PC will boot in a low resolution state and most processes will not be run.
    3. Go to My Computer (in XP) or Computer ( in Vista / 2007),
    4. Right-click the hard drive and select Scan from the drop-down menu. You'll notice an extra taskbar icon. If you hover over it, it will display a progress report.
    5. After the scan completes, make a note of anything it detected.
    6. Download our free Stinger tool and save it to your Desktop.
    7. Run Stinger.

     

    If you're still having problems, try, the following:

     

    Run the Stinger again, but this time click Preferences and change "On virus detection" to Report Only, set the "Heuristics" level to VERY HIGH, and disable the option to Scan inside compressed files.

    stinger-settings.jpg

     

    Post to Home User Assistance what (if anything) the Safe Mode scan reported, and also paste in the Stinger report.

     

     

    Some of the most common malware we see is referred to as FakeAlert. It looks like valid security software. Please read the articles below for more information on FakeAlert and other Rogue applications:

     

    Step 3: Submit a sample to McAfee Labs

    If you know which file is infected, please upload it using any of the methods described here: How to submit a sample to McAfee Labs.

     

    There is always a gap in protection between when a new threat hits the Internet and a security vendor such as McAfee becomes aware of the threat and and combats it. McAfee uses Artemis technology to narrow that gap, but if we miss something, we must receive a sample of it. It could be a new variant that hasn't been discovered yet. If we have a DAT for it, the automated system will send you that DAT. If we don't yet, your sample will be assigned to a McAfee Labs Engineer for investigation.

     

    Step 4: Remove the Virus:

    Self Virus Removal

    McAfee provides many free tools to assist you. In addition to our Threat Library: http://www.mcafee.com/us/mcafee-labs/threat-intelligence.aspx, where you can find information on thousands of viruses and malware, you can download diagnostic tools here: http://www.mcafee.com/us/downloads/free-tools/index.aspx.

     

    There are also many free tools on the Internet. McAfee urges caution in their use and assumes no liability for problems encountered with them.

     

    Community Support

    Our volunteer moderators and employee advocates are happy to assist you within our best efforts here in the community. Please perform the initial steps 1-3 above and post the reports they generate in your initial thread. That way hopefully, we can get right to the troubleshooting.

     

    McAfee Assisted Virus Removal

    McAfee provides a fee-based Virus Removal Service. Using McAfee remote technology, the Virus Removal specialist can take control of your computer and perform the cleaning while you watch, which can be accessed here:

    http://service.mcafee.com/SpecializedServiceHome.aspx?lc=1033&sg=VR

    If no virus is detected, the fee will be refunded to you.