How to Submit Virus or Malware Samples to McAfee Labs
When submitting a sample to McAfee Labs for review, you may use one of three delivery methods:
- McAfee ServicePortal/Platinum Portal
This is the preferred method for McAfee Labs to receive submissions from Platinum and Gold Customers. When you use this method we can process and respond to samples more rapidly. You’ll find instructions for using the McAfee ServicePortal/Platinum Portal under McAfee KnowledgeBase ID KB68030.
Download the GetSusp utility to submit samples. McAfee recommends that you use GetSusp as a first tool of choice when you analyze a suspect computer. For full details see KB69385. Even if you do not have a valid Grant Number, GetSusp allows you to submit samples to McAfee.
You may submit samples directly to McAfee Labs by attaching the file(s) in an email to firstname.lastname@example.org. When submitting samples via email, you must archive them in a password-protected Zip file with the password “infected” (all lowercase). For instructions on how to create a Zip file and password protect it, see these articles:
Using Windows File Compression
To help us speed the sample review process, please provide the following information along with your sample:
- A list of all files contained in the sample submission, including a brief description of where or how you found them
- What symptoms cause you to suspect that the sample is malicious
- Whether any security products find a virus (tell us the security vendor, its product name, the version number, and the virus name assigned to the sample)
- Your McAfee product information (product name, engine, and .DAT version)
- Any system details that may be relevant, including operating system and service packs
Finding Samples to Submit
McAfee KnowledgeBase Article KB53094 can assist customers in finding malicious samples on their systems.
What Not to Submit
Please do not send screenshots, anti-virus or HijackThis logs, or prefetch files through McAfee ServicePortal/Platinum Portal or email. Send only the suspected malicious files.