I might have to ping a technician to answer that question as we are never told how the inner workings of the software function, but I would assume, as a .jar file is like a zipped file, your would have to physically ask the on-demand scanner to scan the file. It would then unpack the compressed file and hopefully would then detect whatever it was.
Sorry I just re-read your post. You did actually do that and it wasn't detected. OK I will ping a technician.
Can you advise what area you are in please?
As Colleague Ex_Brit stated, we are never well-versed, if you will. On the inner workings of the Software. Out of curiosity, you said you Downloaded the latest 'Trial Version' of McAfee LiveSafe. Is your McAfee Security Center v13.6.1529?
For there is a New v14.0.207 being slowly throttled out to Consumers as we speak. Not that it makes a difference in regards to your questions. However, there has been some enhancements to the New Version. What all that includes I am not certain?
Thanks for responding. My McAfee SecurityCenter version is 13.6 (build: 13.6.1347) and the McAfee Anti-virus and Anti-Spyware version is 17.6 (build: 17.6.481). I downloaded this copy earlier this week from McAfee Virus Removal Service - Remove viruses, trojans, malware from your PC | McAfee, the page that is linked from "Free trials" on the McAfee home page. I've just downloaded a fresh copy today and it appears to be the same version.
If you want me to get a tech to post here, I need to know where you are in the world.
Thanks for checking. I'm sorry but I did not understand your question. Here are the steps I've followed so far:
- I downloaded and installed the trial version of McAfee LiveScan from McAfee Virus Removal Service - Remove viruses, trojans, malware from your PC | McAfee
- I downloaded password protected files containing malware from malware-traffic-analysis. net onto my system and unzipped them
- Some JAR files were sanitized (all bad class files were removed except for the clean MANIFEST file) by the real time scan
- A lot of malware JARs were untouched by the real time scan
- I then did a right click scan on the directory containing all JARs containing malware (none of these are password protected, by the way)
- This action caught some others that escaped the real time scan, but it still let some others go undetected
- When I submitted these files to McAfee (virus_research@), I received an automated reply indicating some of the class files in the JAR were already known to be malware
- I waited for a couple of days, thinking these might have been fresh signatures that weren't "live" yet but these aren't being detected even after a week.
At this point, I'm not sure why the scanner is not detecting these samples despite having signatures for them. I've checked the default settings but there isn't any exclusion defined.
Edit: I'm located in the United States.
We are only Customers like you so have no idea why things are happening the way they are. I was asking where you were so as to get local-based tech person to help you here in the forums.
Meanwhile it would help him to have any ID numbers the labs sent to you so if you have any please post them.
I have no idea when he will be available but have emailed him so hope it's soon.
Thanks for getting in touch with a technical person from McAfee. Here are a few report IDs: 9317519, 9317525