Dafuq McAfee?

Started by Travis Retriever, December 22, 2013, 09:15:25 PM

So after I did my virus scans and stuff, I figured I'd back up my computer's HDD. After it was stuck at 12% for a while, it jumps to 50% ish, and I get a warning from McAfee antivirus saying that it's found a trojan by the name of: Artemis!7C45228EE906
Quarantined from:
Yeah, it left that above field blank.
It then says it was on a shared folder on my computer's network (dafuq? I don't recall sharing any folders around this network) wherein it asks for full access as it can't remove the Trojan otherwise...well, gee, would be easier if they gave me a file name or at least a folder name/location what have you so I'm not groping in the dark. After searching around my computer for this Artemis thingie, then clicking on it with it on brought me to McAfee's site where it searched for it and had zero results...okay.
Finally, I try Google and every time it only gives me one result: https://www.virustotal.com/en/file/9fe31ae7e4ae516ba68405166338a1b4ef69da420f6f8082b127e4783b9a779a/analysis/
So I check out the file name they listed:  img2nets.exe
Okay, *now* we're onto something. The file in question? It's some file created in 2004 used by a program called Minitab14 I once used in a Statistics class. I do a Google search of the file name, and no talk at all of viruses or trojans, etc. Though judging by the site I linked above on virustotal.com it does look like it was a recent update to McAfee.

So did McAfee make a mistake?  If not, what the hell is going on?
"When the mob and the press and the whole world tell you to move, your job is to plant yourself like a tree beside the river of truth, and tell the whole world—'No. You move.'"
-Captain America, Amazing Spider-Man 537
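
An added example, not part of the original posts: the report linked above carries the SHA-256 of the analysed file in its URL, so the local file can be matched to the report by hash rather than by file name. The path passed on the command line is a placeholder for wherever img2nets.exe sits on the machine.

```python
import hashlib
import re
import sys
from urllib.parse import urlparse

# URL quoted in the post above; the file's SHA-256 is one of its path segments.
REPORT_URL = ("https://www.virustotal.com/en/file/"
              "9fe31ae7e4ae516ba68405166338a1b4ef69da420f6f8082b127e4783b9a779a/analysis/")

SHA256_RE = re.compile(r"^[0-9a-f]{64}$")


def sha256_from_report_url(url):
    """Return the SHA-256 embedded in a virustotal.com report URL, or None."""
    parsed = urlparse(url)
    if parsed.hostname not in ("virustotal.com", "www.virustotal.com"):
        return None
    for segment in parsed.path.lower().split("/"):
        if SHA256_RE.match(segment):
            return segment
    return None


def sha256_of_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so large executables are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def report_matches_file(url, path):
    """True only if the report was generated for exactly these bytes."""
    expected = sha256_from_report_url(url)
    if expected is None:
        raise ValueError("no SHA-256 found in report URL")
    return expected == sha256_of_file(path)


if __name__ == "__main__" and len(sys.argv) == 2:
    # Usage: python check_report.py <path to the flagged file>
    print(report_matches_file(REPORT_URL, sys.argv[1]))
```

A result of False means the report describes a different file that happens to share the name, so its verdicts say nothing about the local copy.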


So I just tried that.  I started in safe mode, and went the places he said to.  In the first two's cases, the \tmp folder didn't exist nor did the \tmp\u folder.  The third one did, but when I searched for .exe nothing had random numbers on it.  And I've already done 2 full system scans today.

Quote from: T dog on December 23, 2013, 12:31:48 AM
So I just tried that.  I started in safe mode, and went the places he said to.  In the first two's cases, the \tmp folder didn't exist nor did the \tmp\u folder.  The third one did, but when I searched for .exe nothing had random numbers on it.  And I've already done 2 full system scans today.

Then it's a false positive, which McAfee says does happen periodically.

They're pretty much all bad about false positives lately. They're trying to be preemptive and stopping new viruses from spreading around before they can deliver the updates, but there are just so dang many of them I think it's time for a rethink. People are going to start going, "Ah, it's just another false positive," making the whole thing useless.

Quote from: MrBogosity on December 23, 2013, 06:48:05 AM
They're pretty much all bad about false positives lately. They're trying to be preemptive and stopping new viruses from spreading around before they can deliver the updates, but there are just so dang many of them I think it's time for a rethink. People are going to start going, "Ah, it's just another false positive," making the whole thing useless.
Yeah. To be sure I downloaded Malwarebytes and Spybot Search and Destroy.  I ran the updates on them, and let them scan overnight.  When I got back up MWB found 2 things and Spybot S&D found 55 things (though it also included things like cookies and history too).  So far my computer hasn't exploded yet, so there I go. :P

And yeah, I wouldn't be surprised if Norton/McAfee have a broken model too; just like MS.

December 23, 2013, 11:10:37 AM #6 Last Edit: December 23, 2013, 01:53:31 PM by T dog
Quote from: MrBogosity on December 23, 2013, 06:48:05 AM
People are going to start going, "Ah, it's just another false positive," making the whole thing useless.
If John Cheese is to be believed in his articles about fixing computers, it sounds like some people have already started.  I know I have myself to an extent.
After getting fed up with the software that lets me download YouTube videos, I searched around and found out that you can add "ss" before the word "youtube" in the video's URL and it will take you to a place you can download it without hassle via a site called save.net. But for some reason both my (and Hawkeye's) anti-virus are labeling it as an attack site. Yet I've used it safely for months without a single problem.

* For example, take this video by Shane: https://www.youtube.com/watch?v=Tp5VyklK4Nw and I can download it like so: https://www.ssyoutube.com/watch?v=Tp5VyklK4Nw

December 23, 2013, 01:12:28 PM #7 Last Edit: December 23, 2013, 01:43:35 PM by T dog
So an update, after trying to back up my files again, the same shit happened. Apparently it happens whenever Windows Backup gets to the 32 bit (x86) program files for Minitab14 (it has the name of the file that it seems to think is a Trojan according to my research). McAfee flips the fuck out thinking it's a trojan, and none of the rest of the files--other programs, music, videos, school documents, etc--are backed up. I figured I'd try disabling it via Windows Task Manager, but it gives me bullshit of "Access Denied". Fuck you McAfee.

I also tried disabling the autoscan/real time scan feature thing for the time being.  Ugh.  Gods, I hope that works.

I myself have a habit of never assuming a false positive, as I am absolutely paranoid about my computer's security.

I'd like you to try launching minitab.

What I want you to do is tell me if you see this:

1. "The file minitab14_reg_asm_lic_1_0_62.dll is missing."
2. "minitab14_reg_asm_lic_1_0_62.dll Not Found."
3. "Cannot find minitab14_reg_asm_lic_1_0_62.dll."
4. "Cannot start minitab14_reg_asm_lic_1_0_62.dll Module. A required component is missing: minitab14_reg_asm_lic_1_0_62.dll. Please install the application again."
5. "This application failed to start because minitab14_reg_asm_lic_1_0_62.dll was not found. Re-installing the application may fix this problem."

Quote from: T dog on December 23, 2013, 11:10:37 AM
If John Cheese is to be believed in his articles about fixing computers, it sounds like some people have already started.  I know I have myself to an extent.
After getting fed up with the software that lets me download YouTube videos, I searched around and found out that you can add "ss" before the word "youtube" in the video's URL and it will take you to a place you can download it without hassle via a site called save.net. But for some reason both my (and Hawkeye's) anti-virus are labeling it as an attack site. Yet I've used it safely for months without a single problem.

I just checked it out: the reason you're getting a warning is because the SSL certificate was issued to savefrom.net but the url is ssyoutube.com. So your browser or antivirus thinks the connection might have been hijacked by someone else. If you know that the people behind savefrom.net are the same people who do ssyoutube.com, then you should be able to make an exception.
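
An added example, not part of the original post: the name check behind the warning described above, written out as a simplified left-most-wildcard matcher. The certificate name list is constructed for illustration from the post's statement that the certificate was issued to savefrom.net; it was not read from the real certificate.

```python
def name_matches(pattern, hostname):
    """Compare one certificate DNS name against the hostname from the URL."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # A wildcard covers exactly one left-most label and needs at least
        # two fixed labels after it, so "*.com" never matches anything.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def check_hostname(hostname, cert_dns_names):
    """Report which certificate names, if any, cover the requested hostname."""
    matched = [n for n in cert_dns_names if name_matches(n, hostname)]
    return {"hostname": hostname, "ok": bool(matched), "matched": matched}


# Constructed name list (assumption): a certificate issued for savefrom.net.
CERT_DNS_NAMES = ["savefrom.net", "*.savefrom.net"]

if __name__ == "__main__":
    for host in ("www.ssyoutube.com", "savefrom.net", "en.savefrom.net"):
        print(check_hostname(host, CERT_DNS_NAMES))
```

The check only compares names: a mismatch looks the same to the client whether the two domains share an owner or the connection was redirected, which is why the exception is a decision left to the user.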

Quote from: MrBogosity on December 23, 2013, 03:18:20 PM
I just checked it out: the reason you're getting a warning is because the SSL certificate was issued to savefrom.net but the url is ssyoutube.com. So your browser or antivirus thinks the connection might have been hijacked by someone else. If you know that the people behind savefrom.net are the same people who do ssyoutube.com, then you should be able to make an exception.
Which is what I *did* do months ago when I found out that trick to download youtube videos without installing some suspicious piece of software on my system.