McAfee AVDCDE-BA-CA User Guide - Page 76

Removing Infections From Your System Submitting a virus sample If you have a suspicious file that you believe contains a virus, or experience a system condition that might result from an infection-but VirusScan software has not detected a virus-McAfee recommends that you send a sample to its anti-virus research team for analysis. When you do so, be sure to start your system in the apparently infected state-don't start your system from a clean floppy disk. Several methods exist for capturing virus samples and submitting them. The next sections discuss methods suited to particular conditions. Using the SendVirus utility to submit a file sample Because the majority of later-generation viruses tend to infect document and executable files, VirusScan software comes with SENDVIR.EXE, a utility that makes it easy to submit an infected file sample to McAfee researchers for analysis. To submit a sample file, follow these steps: 1. If you must connect to your network or Internet Service Provider (ISP) to send e-mail, do so first. If you are continuously connected to your network or ISP, skip this step and go to Step 2. 2. Locate the file SENDVIR.EXE in your VirusScan program directory. If you installed your VirusScan software with default Setup options, you'll find the file here: C:\Program Files\Network Associates\VirusScan 3. Double-click the file to display the first AVERT Labs Response Center wizard panel (Figure 3-12). Figure 3-12. First SENDVIR.EXE panel 76 McAfee VirusScan Anti-Virus Software