First off, hello everyone. I hope your day is going well.
Second, I have a bit of a problem and I just cannot find a way to fix it. I've tried looking for the answer and I haven't found any, so I'm hoping I can find an answer here. The other day, McAfee quarantined a file as I was downloading a program. I did not think much of it because I figured I could always get that file back out if I actually needed it or I could just delete it later if it actually posed a threat. I was multi-tasking so I did not get to actually installing the program until today, and it turns out I need that file. So, I opened McAfee and went to the navigation pane, scrolled down to Quarantined and Trusted Items and clicked it. I clicked the expand button on the Quarantined Items and waited.... And waited. And waited. I'm actually still waiting as I write this out. It is not loading.
Looking online, I found the file location for the quarantine items and was able to find the file, yay! Except, not yay because it is in a zip file and I apparently cannot extract it without a password. I turned off Access on McAfee, I still can't extract it without a password. I tried my passwords, no dice. I tried no password, zilch.
I am running Windows 10 on a Samsung laptop, it's around 2 years old. I am also the ONLY user and administrator on this computer.
I really need this file. Please help.
Thank you for that password! It worked. And then McAfee quarantined the file again.
It was not an Artemis infection. It said RDN/Generic.dx!d2v. Which confuses me because there's only one file in that folder that it keeps quarantining and it's not that one.
Yeah, it is worrisome to me too, especially considering that there was only one file (although now it's two files) in there. It shouldn't take so long to open with so few files in there, should it?
EDIT: I did look up RDN/Generic.dx!d2v, it says it's a Trojan, but it's not actually in the folder so I'm not sure where it would be.
Follow that link on what to do to prevent it being detected for at least a while and using GetSusp to submit it to the labs automatically. If you enter your email into GetSusp preferences they will notify you of the outcome eventually.
VirusTotal shows that many major anti-virus and anti-malware applications detect it, ESET even calls it a coin miner variant here: https://www.virustotal.com/en/file/12f4f5766652372796628816a10a08a0b912178d73815c8cd65263b73577e577/...
Thank you for your help, Ex_Brit. And thank you for taking the time to actually look up the file as well. I think what happened was that because it was a patch file type, a lot of AVs read it as a virus. However, everyone else who has downloaded the program and had the same problem said that once they got it to work, there was no issue; it was a false positive. I was able to get it to work, though, by turning off Real Time Scanning (dangerous, I know, but it was legitimately the only way I could get it to stay in the folder) and using the password you gave me to put it back in the folder. I ran it, finished the installation and turned Real Time Scanning back on. It took the file out again, but the program works now, so it's no skin off my back.
Again, thank you so much for your help. I really appreciate it. I don't think I would have been able to get it to work without your assistance!