6 Replies Latest reply on May 5, 2010 5:30 AM by SamSwift

    A simple workaround?

      Recently, the Real Time Scan has erroneously quarantined as Trojans a number of NetObject Fusion files siteStyle.xsl that have been installed for years. This disables an important function of NOF. (I found one other person reporting exactly the same problem on the NOF community board.) Have tried the McAfee live chat three times to find out how to exclude the file from being quarantined but got what seemed like scripted (automated?) answers that did not help. Any help would be appreciated...

        • 1. Re: A simple workaround?
          exbrit

          With the home product it isn't possible to prevent objects being quarantined unless they are labelled as PUP's (Possibly Unwanted Programs), a feature we have been asking them to enhance for years now.

           

          Until then follow the guidelines I laid out here: http://community.mcafee.com/thread/2016

          • 2. Re: A simple workaround?

            Peter, thanks for the reply. The erroneous detection name is "JS/Exploit-Script (Trojan)" the file name is "siteStyle.xsl" When I try to send it to McAfee from the restore tab, I get this error msg "This item could not be sent due to a network problem." As per your instruction, I've sent an email to to avertlabs.com--hope this'll help.

             

            Being able to exclude items is a crucial function--surprising that the software does not support it. Did you indicate that the business virsion has it? I see a lot of false-positive incidents on this forum.

            • 3. Re: A simple workaround?
              exbrit

              That submission from within the interface uses a protocol that some ISP's, mine included, block, so the email method is best.

               

              File exclusion has been on our shopping list for years but they keep omitting it from the interface.  It used to be part of the home product years ago and still is part of VirusScan Enterprise.

              • 4. Re: A simple workaround?

                Thanks Peter. Guess now I have to wait for Avert Labs to update the signature file. (Or turn off McAfee.)

                 

                How would I know that they've updated the signatures?

                • 5. Re: A simple workaround?
                  exbrit

                  Did you email them the actual file, zipped and password-protected?  If so they normally auto-reply immediately followed by a human response within 24 - 48 hours.

                   

                  Also there's a chance that one of their staff will spot this thread and act upon it quickly.

                  • 6. Re: A simple workaround?
                    SamSwift

                    Marking as assumed answered due to age of post