0 Replies Latest reply on Sep 27, 2010 8:58 AM by kire98

    False Positive??



      I had a detection this weekend on a PC.  It detected TDSS.c, but it was located in the Site Advisor directory.  Is this a false positive?  Below is the alert.


      Subject: Malware detected and handled

      Importance: Low


      ePolicy Orchestrator Notification


      Response Name: Malware detected and handled Event Type Name: Threat Defined at: My Organization System Location: GlobalRoot\Directory\Workstations\FMT

      Description: Sends an e-mail notification when "Malware detected and handled" events are received.


      Time: 09/26/10 03:17:35 UTC

      Number of events: 1

      Username: SYSTEM

      Hostname: XXXXX

      Source IPV4 addresses: XXXXXXXX


      Threat Names: TDSS.c

      File Name: c:\Program Files\McAfee\SiteAdvisor Enterprise\RepairCache\Data1.cab\MCSACINS.DLL

      Action Taken: deleted

      Detecting Product Names: VirusScan Enterprise