I am a complete newbie at posting on here so please forgive me in advance if I don't provide all the info needed, as I'm not even sure what that is. Anyway, my problems started 2 days ago. I was on a "safe" site that I visit on a daily basis when I got a pop-up from McAfee stating something to the effect of that it had detected something regarding outbound connections (again, I apologize, as I know this is totally vague but it has never happened to me before and it occurred very quickly) I was confused to say the least and attempted to click for McAfee to block, however, my computer completely froze and my monitor went black. I could not get the computer to respond at all, so I had to end up unplugging it and then plugging it back in. At this point, I attempted to start the computer in normal mode and Windows crashed again and I recieved a message about a hard drive failure and that System Restore was going to attempt to restore my computer to a point when it was working properly. After that, Windows did begin to run again and I immediately ran a McAfee full system scan. By the way, I am running Verizon Security Suite powered by McAfee on my computer. When the scan was complete, McAfee said that it had found the trojan Artemis!F9A0D701FD2C and quarantined it. I was still nervous so I went to Microsoft.com and ran their free virus scan which came back clean. After that I ran another full system scan with McAfee, which also came back clean. However, yesterday morning I decided to run one more scan to be safe and again, McAfee reported that it had found and quarantined Artemis!44ADE55E2F2D. Afterwards, I went in and deleted both files from quarantine ( I realize now that I should have probably sent them to McAfee). I've been reading a lot of the discussions on here and I'm wondering if these are malicious or false positives and also, how I can make certain that my computer is clean if they are malicious. Thanks, in advance, for any help that you can give.
Thank you for your report !
We've checked the files detected as Artemis!44ADE55E2F2D and Artemis!F9A0D701FD2C and they are now currently detected as "FakeAlert-SysDef.b" and "DNSChanger.cq.a", respectively. The files are indeed malicious and these are accurate detections.
In the future, please feel free to send us a copy of suspicious files to firstname.lastname@example.org for further analysis . The files must be in a password-protected ZIP file (password - infected), not greater than 3 MB of size.
Please make sure your both Engine and DAT files are up to date. For FakeAlert variants, you can also refer to https://community.mcafee.com/thread/36896 for downloading our standalone scan tool – FakeAlert Stinger.
Hope this helps.
Thank you so much for your reply and also for taking the time out to research those items for me! Since the time that I wrote that message, I have been running full system scans daily and also, added Hitman Pro to my computer and every scan has come back clean. Should I take that as a sign that the trojans were removed? Also, how do I make sure that my engine and dat files are up to date? I have my Mcafee system set to automatically update itself daily and when I ran a manual update check, it said that everything was up to date. Is that enough or is there something else that I'm supposed to be doing?
Thanks again for all of your help!!
Updating the dat files daily is best practice to keep your system clean, also you should update your operating system and other software used such as adobe reader etc regularly. This will prevent your machine to open up to known vulnerabilities.
Apart from that you may try getsusp tool time to time. It collects possible malicious file (not necessarily malicious) from the system and can be send to mcafee labs for analysis.
getsusp tool here <https://community.mcafee.com/message/148081#148081>
Thanks Nitin for picking up on this !
@beachinit - you're welcome ! You can certainly follow the suggestions provided by Nitin for better prevention of malware.
I do not know what's the AV product version you are using, but you may check for your DAT and Engine versions/updates by right-clicking on the McAfee icon (Taskbar) and select "About". There you will be able to confirm if your DATs and Engine are up to date.
Feel free to download our standalone scan tool - FakeAlert Stinger (https://community.mcafee.com/thread/36896) - whenever you need to search for possible new variants of FakeAlert.