1. Manuals
  2. Brands
  3. McAfee Manuals
  4. Software
  5. VIRUSSCAN 4.5 -
  6. Administrator's manual

Understanding False Detections - McAfee VIRUSSCAN 4.5 Administrator's Manual

Hide thumbs
Table of Contents

Advertisement

Removing Infections From Your System

Understanding false detections

A false detection occurs when VirusScan software sends a virus alert message
or makes a log file entry that identifies a virus where none actually exists. You
are more likely to see false detections if you have anti-virus software from
more than one vendor installed on your computer, because some anti-virus
software stores the code signatures it uses for detection unprotected in
memory.
The safest course to take when you see an alert message or log entry is to treat
it as a genuine virus threat, and to take the appropriate steps to remove the
virus from your system. If, however, you believe that a VirusScan component
has generated a false detection—it has, for example, flagged as infected a file
that you have used safely for years—verify that you are not seeing one of these
situations before you call Network Associates technical support:
• You have more than one anti-virus program running. If so, VirusScan
components might detect unprotected code signatures that another
program uses and report them as viruses. To avoid this problem, configure
your computer to run only one anti-virus program, then shut the computer
down and turn off the power. Wait a few seconds before you start the
computer again so that the system can clear the other program's code
signature strings from memory.
• You have a BIOS chip with anti-virus features. Some BIOS chips provide
anti-virus features that can trigger false detections when VirusScan
software runs. Consult the user's guide for your computer to learn about
how its anti-virus features work and how to disable them if necessary.
• You have an older Hewlett-Packard or Zenith PC. Some older models
from these manufacturers modify the boot sectors on their hard disks each
time they start up. VirusScan components might detect these modifications
as viruses, when they are not. Consult the user's guide for your computer
to learn whether it uses self-modifying boot code. To solve the problem,
use the VirusScan Command Line scanner to add validation information to
the startup files themselves. This method does not save information about
the boot sector or the master boot record.
• You have copy-protected software. Depending on the type of copy
protection used, VirusScan components might detect a virus in the boot
sector or the master boot record on some floppy disks or other media.
If none of these situations apply, contact Network Associates technical
support or send e-mail to virus_research@nai.com with a detailed explanation
of the problem you encountered.
76
McAfee VirusScan Anti-Virus Software

Advertisement

Table of Contents
loading

Related Manuals for McAfee VIRUSSCAN 4.5

Related Content for McAfee VIRUSSCAN 4.5

Table of Contents