OneCare Antivirus and Anti-Spyware Topics

*Submitting virus samples to Microsoft
*Running OneCare in Safe Mode

Submitting virus samples to Microsoft

Windows Live OneCare detects a file as infected, but the customer is 100% sure that the file is NOT infected = False Positive
Windows Live OneCare does NOT detect a file that is infected, or has been identified as infected by a third party tool = False Negative.

Microsoft will work to analyze and add the file to the signatures, but you will not be contacted by anyone from Microsoft when you follow this process. You should not contact support to follow up on these submissions except if help is needed to manually remove the virus in the interim, until the Windows Live OneCare signatures are updated.

The 2 articles that describe this process are as follows:

False Positive: http://support.microsoft.com/kb/921159/en-us
False Negative: http://support.microsoft.com/kb/921161/en-us

Running OneCare in Safe Mode

Windows Live OneCare can be run at a command prompt in Safe Mode.

Restart into Safe Mode (or SM w/Command Prompt) and go to the OneCare folder:

c:\program files\microsoft windows onecare live\

Then run the SafeModeAvScanner.EXE with /? and you will see the command line options that are available