McAfee SNS Notice: Special Remediation & Download for the Dat 5958 Issue

IF YOU ARE HAVING ISSUES RELATED TO DAT 5958, TWO IMPORTANT REMEDIATION SOLUTIONS ARE NOW AVAILABLE.

McAfee has TWO solutions to help you remediate any issues you may be experience due to the DAT 5958 issue.

SOLUTION #1 – McAfee SuperDAT Remediation Tool

The McAfee SuperDAT Remediation Tool suppresses the driver causing the DAT 5958 false positive by applying an Extra.dat file in c:\program files\commonfiles\mcafee\engine folder. It then restores the svchost.exe by looking first in %SYSTEM_DIR%\dllcache\svchost.exe, if not present it will attempt a restore from %WINDOWS%\servicepackfiles\i386\svchost.exe, if not present it will attempt a restore from quarantine. After the tool is run, the machine needs to be rebooted.

Recommended Recovery SuperDAT Procedure

1. From a machine that has Internet access, locate and download the Recovery SuperDAT at http://download.nai.com/products/mcafee-avert/tools/SDAT5958_EM.exe and save it to portable media.

2. Take the portable media to each affected machine and run the tool. If you are not able to run the tool on the affected machine, boot in safe mode

3. Execute the Recovery SuperDAT tool

4. Reboot in normal mode

5. Use the product update to update to DAT 5959 or later

SOLUTION #2 – McAfee Bootable ISO Image for Download (NEW)

If you have remote users and need to create your own bootable disk for distribution, you now can download the ISO image (135MB) to create a 5958 Recovery Tool disk.

To obtain a copy of this image, please go to http://my.mcafee.com/forms/2010-0426_DAT5958BootDiskEULA and complete the information requested. McAfee will immediately email you the link to a ZIP package containing the ISO image (135MB). NOTE: McAfee will be tracking download click-throughs for licensing purposes.

ADDITIONAL INFORMATION

How to Burn the McAfee 5958 Recovery Tool ISO to CD or DVD
https://kc.mcafee.com/corporate/index?elq_mid=2418&elq_cid=1978428&page=content&id=KB68831
McAfee 5958 Remediation – Using PXE network booting and WDS
https://kc.mcafee.com/corporate/index?elq_mid=2418&elq_cid=1978428&page=content&id=KB68815
False positive detection of w32/wecorl.a in 5958 DAT (for Corporate/Business users) – VirusScan Enterprise
https://kc.mcafee.com/corporate/index?elq_mid=2418&elq_cid=1978428&page=content&id=KB68780

Fonte: McAfee

Anúncios

Deixe um comentário

Ainda sem comentários.

Comments RSS TrackBack Identifier URI

Deixe uma Resposta

Preencha os seus detalhes abaixo ou clique num ícone para iniciar sessão:

Logótipo da WordPress.com

Está a comentar usando a sua conta WordPress.com Terminar Sessão / Alterar )

Imagem do Twitter

Está a comentar usando a sua conta Twitter Terminar Sessão / Alterar )

Facebook photo

Está a comentar usando a sua conta Facebook Terminar Sessão / Alterar )

Google+ photo

Está a comentar usando a sua conta Google+ Terminar Sessão / Alterar )

Connecting to %s