I have a feeling this is VSE or other, not Home and Home Office Products...I will move it if you indicate what product this is.
1 of 1 people found this helpful
Hi Ex_brit, yes I think your right I noticed after I had submitted.
The product is Mcafee Virus scan for Sun Sparc Version 220.127.116.119
AV Engine Version 5400.1158
Was trying to find whether anybody else has the same problem almost 100% sure it is a false positive and was after confirmation and whether I need to report to Mcafee.
Please move as appropriate appreciated.
Moved it to VirusScan Other for better attention. Someone will come along from the Business Community with more knowledge than I soon hopefully.
We noticed a huge number of false positives after testing 6282. Our system runs AIX 5.3. No response yet from McAfee.
We have hit the same issue. A lot of *.exe files are showing as infected. We compared one file to a version a couple of years old (burned to DVD on Dec 2007), and they appear to be identical. The virus scanner says the old version has the virus as well, which I find dubious. I have tried Microsoft Security Essentials scan and it did not find any issues, although it may not detect this particular trojan. Also scanned with Norton, and no issues there either. We are running Redhat Linux uvscan 18.104.22.1689, dat file 6284 created March 13, 2011. This is our first scan with this dat file.
Ran a McAfee VirusScan Enterprise 8.5.0i, Dat 6284.0000, March 13, 2011 against the same files, from Window's XP OS, and found no issues. Same DAT file, different engine, and OS, inconsistent results.
Thanks Everyone I think this is a false positive, Not sure the way forward but will try and report to Mcafee to see if I can find out why?
These files are downloadable by the public so our customer is pretty concerned.
EX-brit Thank your move has confirmed what I was thinking.
I have the same problem and now more than 500 of my files have been renamed.
What's the status of this isseu. This is very annoying !
I've pinged McAfee Labs about these reports to be sure they are aware and they are already looking into it.
If anyone's willing to link a verbose scan report to this thread that shows these detections i think it'll help the McAfee Labs peeps.
e.g. (the file base64-1.3.tar.gz is from 2003 and has not been changed since)
root@xxxx werner]# /usr/local/uvscan/uvscan -r --summary --noboot --secure --ignore-links base64-1.3.tar.gz --verbose
McAfee VirusScan Command Line for Linux32 Version: 22.214.171.1246
Copyright (C) 2010 McAfee, Inc.
(408) 988-3832 LICENSED COPY - September 03 2010
AV Engine version: 5400.1158 for Linux32.
Dat set version: 6285 created Mar 14 2011
Scanning for 656989 viruses, trojans and variants.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/COPYING ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/INSTALL ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/Makefile.in ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/README ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/b64.gif ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/base64.1 ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/base64.c ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/base64.exe ... Found the PWS-SpyEye!env.a trojan !!!
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/base64.pdf ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/base64.w ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/config.h.in ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/configure ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/configure.in ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/getopt.c ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/getopt.h ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/index.html ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/install-sh ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/rfc1341.html ... is OK.
/home/werner/base64-1.3.tar.gz/base64-1.3.tar/rfc1341.txt ... is OK.
/home/werner/base64-1.3.tar.gz ... is OK.
Summary Report on /home/werner/base64-1.3.tar.gz
Total files:................... 1
Not Scanned:................... 0
Possibly Infected:............. 1