stephvand Posted March 20, 2006 Posted March 20, 2006 For the past few days, each time I get a payment notification email from Paypal for products purchased through my store, McAfee has been stripping the emails because of an apparent trojan. Anyone else running into this? Here's the text of the email once McAfee is done with it. Googling has turned up nothing, and while I realize that this isn't an osC-specific issue, I could use a hand figuring this out since it'll probably affect a few of us: ANTI-VIRUS DETECTION ALERTThe anti-virus scanner was triggered by this file. The file was not cleaned and has been removed. See your system administrator for further information. Context: '[Message Body]' Detection(s): 'JS/Exploit-Script (trojan)' Copyright ? 1993-2005, Networks Associates Technology, Inc. All Rights Reserved. http://www.mcafeesecurity.com
EthosPaul Posted March 21, 2006 Posted March 21, 2006 We get many payments from Paypal and that is the first I have seen. Googled and found: http://vil.mcafeesecurity.com/vil/content/v_136817.htm http://www.itnews.com.au/newsstory.aspx?CI...30499&CIaAID=11 Hope this helps. Paul ------------
radders Posted March 21, 2006 Posted March 21, 2006 These are genuine emails from Paypal which Mcaffee it treating as infected with a virus. All our emails from Paypal are showing up like that. The fake ones don't. The message though is not quite the one you are getting. It just says it has quarintined the attachment: 'The attachment "Unnamed attachment" is infected with the JS/Exploit-Script Trojan(s). This attachment has been quarantined.'
stephvand Posted March 21, 2006 Author Posted March 21, 2006 So it would seem that we're not the only ones experiencing this...these are definitely legitimate Paypal emails, and it would seem that McAfee is either being overzealous or Paypal is including an exploit with their messages. McAfee has had a problem with false positives due to an error in a DAT released last Friday, which is when I started having this issue - however the DAT has allegedly been corrected and there was no mention made of Paypal in the followup comments. I'll post updates here as I find them - going to try the McAfee forums. These are genuine emails from Paypal which Mcaffee it treating as infected with a virus. All our emails from Paypal are showing up like that. The fake ones don't. The message though is not quite the one you are getting. It just says it has quarintined the attachment: 'The attachment "Unnamed attachment" is infected with the JS/Exploit-Script Trojan(s). This attachment has been quarantined.'
stephvand Posted March 22, 2006 Author Posted March 22, 2006 It looks like this problem will go away as long as the DATs are updated on your mail server as well as on your desktop computer, depending on how your mail is set up. McAfee goofed.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.