McAfee Inc. © 2007
Hardware Support v1.4 User Guide
Page 23
Malware Identification
If you suspect that your system has been compromised by a virus then it is recommended
that you submit the infected file for verification.
Submitting Virus Samples
If you believe that your computers have been infected with a virus, but the virus is not being
detected by a McAfee product, a sample can be submitted for analysis by McAfee’s Avert
response team at the following URL:
http://vil.nai.com/vil/submit-sample.aspx
WebImmune is the preferred method to submit samples to Avert as it provides the fastest
turnaround time on sample reviews, and provides historical information of all samples that
you have submitted. By accessing the WebImmune website and creating a free account you
will be able to upload files directly to Avert's automated systems for review. If the automated
system is unable to determine a threat exists then the issue will be escalated to Avert
Analysts.
http://www.webimmune.net
More information about WebImmune can be found at
https://www.webimmune.net/faqs.asp
This was the first Internet virus security scanner that resides on the web. It is available
24/7/365, and enables you to receive information about your files, including solutions and
real-time fixes, if required.
When you submit a sample to WebImmune, you will get one of four responses:
This is in the current DAT and you should update to the latest DAT files
This is a known threat, not in the current DAT set, and an extra.dat has been created
This is not a known threat and has been escalated to a researcher within Avert
This is a known clean file
Detection of an Infected File
If your file is infected with a virus then it is recommended that you submit a case with
Technical Support and state the WebImmune ID number. McAfee Technical Support and the
Avert team will then work together to assist in identifying suspicious, malicious, or offending
processes through data collection, customer conference calls and information sharing across
support levels and Avert levels.