When a major virus is discovered, and extra detection is required, an EXTRA.DAT file is made available until the normal VirusScan update is released.ĮXTRA.DATs can be downloaded from the the Newly Discovered Threats page, the Recently Updated Threats page, or the Removal Instructions section of the description for the major virus. Summary: This document will explain how to apply an EXTRA.DAT file.Īffected Suites: Affected Products: Affected Operating Systems:ĮXTRA.DAT files contain information that is used by VirusScan to detect new viruses. I have the Home/Home Office edition, and after a lot of hastle managed to get the following advice from McAfee Thanks for the info but the link detailing how to install EXTRA.DLL only applies to the Enterprise edition of McAfee. If you were a complete unknown and LBC was your first release, you'd be waiting a long long time. It means they think you are important enough to the world of software to do so. Mouser, consider yourself lucky that they responded and issued any kind of fix at all. I wish I could have left the original on the site, but McAfee doesn't care about fixing their crap to protect the reputation of an unknown beginning coder. Sad, really, because to this day I feel the original is the better version. What ended up happening is another member of my group created their own version of the utility, an almost clone of the original, and we replaced the one on the site with that one. This kid had no idea what in his code could have set off the false positive so he had no idea how to fix it. I sent a copy of the file to McAfee, along with the source, and never heard from them about it beyond an email confirming that I had sent them the file and that they would look into it. All of them had something in common.they were all McAfee users. There was nothing wrong with it.it was clean.Ībout a week later, people came flooding into the chatroom accusing my group of releasing malware, and this kid in particular. The attitude of the antivirus vendors is that a false positive is better than a false negative, and to a certain degree I would have to agree with them on that, but when a certain particular antivirus has a track record of more false positives than just about any other and it's a big name that is trusted & used by so many, it creates a situation where users believe the alerts and it can ruin a coder's reputation in a single day, especially a young one that hasn't released much yet.Ībout 3 years ago, a kid from my chatroom that was just learning C created a really cool little utility and I released it on my group's site. How possible is it that most antivirus vendors only issue protection from new threats once a week and spend the rest of the week issuing fixes for all the false positives from them? Sometimes I wonder about these daily updates issued by most antivirus vendors. Here are the reports for a file that McAfee started alarming on today: If your antivirus is the only one that detects something then chances are it's probably a false alarm. If you get a virus alert one thing you can do is visit a few of the very cool free websites which will scan the file using a wide variety of different antivirus engines. In cases where a brand new update detects something, it should be a no-brainer that the user should be told a little more about the possibility that it's a false alarm, and given more help and information for how to figure out if the threat is real. I've complained a lot in the past about the failure of antivirus tools to usefully inform users when some new detection is more of a guess than a sure thing. If you ever get a virus alert, you should know that it is very common to get false positives from over-aggressive antivirus tools which aren't very concerned about falsely identifying something as a virus.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |