McAfee False Positive
Results 1 to 4 of 4

Thread: McAfee False Positive

  1. #1
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192

    Unhappy McAfee False Positive

    Ooops!

    IT admins across the globe are letting out a collective groan after servers and PCs running McAfee VirusScan were brought down when the anti-virus program attack their core system files. In some cases, this caused the machines to display the dreaded blue screen of death.
    Article here:

    http://www.theregister.co.uk/2009/07...sitive_glitch/

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  2. #2
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Ouch.

    Sounds familar to when Panda detected windll in vista machines as malware
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  3. #3
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Sounds familar to when Panda detected windll in vista machines as malware
    I think most of the major AV suppliers have had similar experiences in the past few years.

    I know that there is a lot more pressure to respond rapidly to malware updates these days but this does suggest a degree of sloppiness both on the part of the vendors and the users?

    Attacking some obscure or obsolete application is one thing, but screwing up the operating system is quite different. It doesn't take long to install on a reference machine and see if the OS and common applications still work

    If the AV brings down the OS, then it sounds as if it was set to either delete or quarantine suspect files.

    I wouldn't run an AV if it didn't have the option to "ask" rather than act

    Incidentally, I noticed that the free version of Avira has the option to set the scan "paranoia" level. It warns you that if you set it to "high" you may well get false positives. I thought that was a nice little touch.

    I also like the Malwarebytes' automatic rescanning of the quarantine folder to see if anything in there has now be reclassified as OK.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  4. #4
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    I also like the Malwarebytes' automatic rescanning of the quarantine folder to see if anything in there has now be reclassified as OK.
    Thats a nice touch...
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

Similar Threads

  1. Any Help Would Be Appreciated - hijackthis log
    By CONWAYPOET in forum Spyware / Adware
    Replies: 4
    Last Post: August 16th, 2006, 02:39 AM
  2. Real or false positive?
    By Falcon21 in forum Spyware / Adware
    Replies: 10
    Last Post: May 11th, 2005, 07:31 AM
  3. MS-SQL_NullPacket false positive ??
    By elmurado in forum Newbie Security Questions
    Replies: 3
    Last Post: October 26th, 2004, 10:55 AM
  4. A look into IDS/Snort Whole thing by QoD
    By qod in forum The Security Tutorials Forum
    Replies: 6
    Last Post: February 27th, 2004, 02:03 AM
  5. A look into IDS/Snort part 1 of 3
    By qod in forum The Security Tutorials Forum
    Replies: 18
    Last Post: January 5th, 2004, 01:30 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides