I'm not sure if others encountered this, but does anyone encountered an alert where .xar files are tagged as X97F/Yagnuul.gen by McAfee?
Here's what I have on McAfee EPO:
Threat Target File Path: C:\Documents and Settings\<username>\Application Data\Microsoft\Excel\~ar53A2.xar\Workbook
Event Category: Malware detected
Event ID: 1025
Threat Severity: Alert
Threat Name: X97F/Yagnuul.gen
Threat Type: Virus
Action Taken: Cleaned
Threat Handled: true
Analyzer Detection Method: OAS
So, I believe tat .xar files are Microsoft Excel files which are generated when Excel do an AutoSave or AutoRecover.
Thank you for your time
Better collect those files and submit to McAfee for review. IF you are sure on these files submit as false detection.