Anyone else getting slammed with these VSE alerts? I notice McAfee has updated this exploit in the 6506 DAT update, and since then, our On Demand Scans have been triggering on what appears to be .lnk files. We believe them to be false positive, just wanted to see if anyone else out there was experiencing the same VSE behavior.
You could upload the suspected LNK file to http://www.virustotal.com and see if any other vendor also detects a threat ... this will get you more info if its a false-positiv or not ...
We did this, and 2 out of 48 AntiViruses have identified this as malicious. eSafe and McAfee. We have found this to be not malicious. We are seeing a high number of these events. I believe whatever changes were made during the update of 6506 DAT released on 21 OCT 2011 are causing these to appear.
It would be interesting to see if anyone else is seeing this behavior.
I am getting slammed with this as well, for me it started with DAT 6505. I have daily on demand scans running and it first began detecting this over the weekend. between the 21st/22nd. I have submitted 2 of the .lnk files to McAfee for further evaluation.
Looks like a scan with DAT 6510 results in nothing being found. I downloaded the latest DAT after submitting to Virus Total again and this time McAfee did not detect anything. I still havent gotten the official response from McAfee but more proof that it was a false positive really isnt needed when the files that scanned positive yesterday do not scan positive today after only updating the DAT.