McAfee detecting "procguard.sys" as trojan

Discussion in 'ProcessGuard' started by eighty88eightkeys, Jan 29, 2006.

Thread Status:
Not open for further replies.
  1. eighty88eightkeys

    eighty88eightkeys Registered Member

    Joined:
    Jan 29, 2006
    Posts:
    1
    I have been using P.G. 3.150 full version for about 10 months now without a hitch. Then, this week McAfee started detecting the file "procguard.sys" as a trojan during typical virus scans. McAfee listed the trojan as "New Malware.z". When I do a search, nothing comes up.
    Is this just a false positive? Any ideas would be helpful.
     
  2. :-)

    :-) Guest

    "New Malware.Z" looks like a generic/heuristic detection by McAfee. So this is most likely a false positive.
     
  3. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Almost certainly. Whenever you get a false positive it's important to send the file to the vendor so that they can strengthen their detection and prevent other customers from being misled into thinking they're infected by a clean file.

    Best regards,
    Wayne
     
  4. maggie83

    maggie83 Guest

    I have the same problem. I have been running ProcessGuard for several months. Last week McAfee VirusScan said this was a trojan, but it could not clean or quarantine the file. It wants me to delete the file, but I think it's an error, so I won't delete it. I contacted McAfee and they did not help with the problem.

    C:\windows\system32\drivers\procguard.sys trojan name New Malware.Z
     
  5. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii

    You say McAfee didn't help. Did you send them the file? And ask that they fix the false positive?

    Zip the file, password protect it with something like "infected". Make sure you put the password in the email and then email it to:
    virus_research@nai.com

    It probably won't get fixed immediately so be patient for a bit.
     