1 2 Previous Next 11 Replies Latest reply on Oct 18, 2010 12:33 AM by RalphB

    exclusions

      can you exclude a file or folder in Mcafee?
        • 1. RE: exclusions
          exbrit
          Not from a scan, but if something is detected in error see http://community.mcafee.com/showthread.php?t=228162

          You used to be able to do that but they took away that ability for security reasons a few years ago. It's only available in the corporate products now.

          The only time it is possible is if something is detected as a PUP - possibly unwanted programme and even then not always, depends on the programme.
          • 2. RE: exclusions


            well I have a forum of about 4000 or better & alot using Mcafee & it detects a file that I know for a fact (jotti's) is a false positive (actman.dll) but with out this file the games will not run & what am I to tell the forum members chg AV's?, I'd rather give them a simple answer & FWIW these guys just like their game & some are not computer savy so please give me an easy answer...
            • 3. RE: exclusions
              exbrit
              I've already given you a link to the procedure to follow. All it will take is one submission hopefully. If several people do it then all the better.

              This sort of thing can happen with any protection software, especially nowadays with high security being the buzzword.
              • 4. RE: exclusions


                I'll copy & paste your smart answer to the forum maybe than they'll understand why they should not use Mcafee, I get it for free at comcast but buy another because of poor customer service. FWIW you guys need to include exlusions if you don't recognize the fact that false positives occur & people can't hop threw hoops maybe that's why you standing in the av world is what it is, thanks again have a nice day...
                • 5. RE: exclusions
                  exbrit
                  I, like everyone else here, am an unpaid volunteer and really don't care what you do. Obviously anything involving work isn't one of them.

                  What do you expect us to do here, wave a magic wand?

                  I explained to you quite courteously what to do and you chose to be rude, so be it.
                  • 6. RE: exclusions
                    Please except an applogy from me for whoever it was that posted this. I am also a member of the forum of which he spoke...Strat-Fan-Forum who uses the Strat-o-Matic game. I'm not sure who he is here as his ID isn't the same one he uses on the forum. He was rude and then wonders why he doesn't get help???

                    Let him try the same tactic on the other forum and he'd be booted as it is strictly moderated.

                    I do wonder why McAfee decided to remove the feature allowing exceptions from their program and sites it as a security risk...Norton does allow it so it must not be that much of a risk. I also wonder why it is that only some computers/configurations flag the ACTMAN.DLL file as a trojan. No matter what version of McAfee product you are using shouldn't the same virus .dat file be used if you get updates automatically?

                    Strat-o-Matic even went to the trouble of changing their .dll file when this happened earlier in the year because they didn't want to wait on McAfee to fix the problem. Now with a recent update to their .dat files it has started again. If I'm correct in my assumtions the .dll file would contain code or lines of code that normally would be contained in a virus...so if lines of code in a legitimate file trigger this what or who is responsible...does McAfee fix it because they update all the time or does a game or program maker do a patch?

                    thanks again


                    • 7. RE: exclusions
                      exbrit
                      Hi and thank you for the apology which of course I accept. Pity you had to do it for him/her.

                      I would assume game developers are aware that certain games are caught from time to time by anti-virus softwares and know where to go at a corporate level to get it fixed. However it helps a great deal if people submit their own samples as I have known a patch be issued within 24 hours when I've submitted false positives.

                      About 3 version back VirusScan had that ability (to exclude files or folders), the corporate version still has it. We have begged over and over again for them to re-introduce it and obviously it has been given a very low priority because they do normally listen to us Moderators. We also test new products prior to any public beta so input plenty at that stage.

                      If enough of you submit the same thing Avert labs will have to sit up and listen.

                       

                      How To Submit A Sample From Quarantine

                      You should go to the Restore tab in Security Center and make sure that it is forwarded to the Threat Center (Avert Laboratories) as, if it is harmless, it will then be excluded from the database automatically.


                      To submit the file outside Security Center...

                      First disable VirusScan:

                      To temporarily turn off VirusScan do the following:

                      Double-click the taskbar icon to open Security Center
                      Click Advanced Menu (bottom left)
                      Click Configure (left)
                      Click Computer & Files (top left)
                      You can disable VirusScan in the right-hand module and tell it for how long.

                      Then click the Restore button (left & assuming it was quarantined) & restore the item.

                      Send the file to Avert for analysis:
                      http://vil.nai.com/vil/submit-sample.aspx
                      or
                      https://www.webimmune.net/default.asp

                      or (the easiest way)

                      Email file to: [EMAIL="virus_research@avertlabs.com"]virus_research@avertlabs.com
                      When submitting samples via E-mail all samples must be packaged in a .ZIP file. When creating this .ZIP file, it is important to understand that the .ZIP can be no more than 3 megabytes in size and can contain no more than 30 files. Additionally, any .ZIP file created must be password-protected using the password "infected" (minus the ""). Failure to follow these guidelines will cause your submission to be rejected.

                      If the final email response is not favourable, reply to it, keeping headers intact, and they will investigate further.


                      • 8. RE: exclusions
                        Hi,

                        I did send in the actman.dll file to webimmune. It of course was inconclusive so it was forwarded then to the labs. I am waiting now for thier response.

                        Nobody still has addressed yet why some computers using McAfee flagg this file and some others don't. I'll ask again...do all McAfee products use the same .dat files when scanning? Or do different versions of their products use different .dat files and signitures?

                        thanks again for all your help.

                        • 9. RE: exclusions
                          exbrit
                          As far as I know they all use the same DAT's but some people may have heuristic detection turned on and others may not.

                          It's a bit complicated to go into it in detail, let me see if I can find a sticky post about it, I'm sure I saw one somewhere.

                          I'll post again.
                          1 2 Previous Next