js/exploit packed.c.gen



I see users of McAfee are seeing a lot of complaints by their antivirus about this js/exploit packed.c.gen. One user is reporting that the weather underground site is raising a flag about this virus. I’m seeing indications that this may be a false positive.


According to this page McAffe is aware of some false positives due to the newly added detection of js/exploit packed.c.gen

According to them detection for js/exploit packed.c.gen was added in their 5728 database (released today) and the 5729 update should fix the false positives. So, McAfee users should see the false positive on js/exploit packed.c.gen go away when they get their next antivirus database update.

From what they are reporting the false positive is showing up on sites that are using javascript and obfuscating some of the javascript source (substituting hexadecimal characters instead of plain text for instance.)

   Send article as PDF   

Similar Posts