cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 9
‎02-11-2020 11:04 PM

FALSE POSITIVE DiagPlugin

Hello.

Your antivirus McAfee Endpoint Security 10.7 incorrectly detects our product as a malware or adware or PUP - see screenshot in attachment.

Product name: McAfee Endpoint Security 
Antivirus version: 10.7
Virus definitions is up to date (12.02.2020, 14:00, UTC+8)

Link to download our software:
https://help.kontur.ru/files/DiagPlugin_user.000629.exe

VirusTotal reports (file and URL are clean):

https://www.virustotal.com/gui/url/e50ec67a8154a288a4f602dfaea6300551d8a91f08633253a03a06b93bb8d8a0/...

https://www.virustotal.com/gui/file/fd8f9806ef3e71f489e3e66450c84c39334d1ac64d31c54d48f566652572db94...

Please fix false positive in your antivirus.

--
With respect, Andrew
Software developer

McAfee Endpoint Security
McAfee
McAfee Endpoint Security
McAfee Enterprise Products
View in Store
McAfee Endpoint Security
McAfee
McAfee Endpoint Security
McAfee Enterprise Products
View in Store
0 Kudos
Reply
8 Replies
londonsec
Level 10
Report Inappropriate Content
Message 2 of 9
‎02-13-2020 02:06 PM

Re: FALSE POSITIVE DiagPlugin

You need to work with McAfee development and research in order to have your product status changed.  If your technology performs any malicious actions, or actions which could be interpreted as malicious...then you need to justify and validate these actions with McAfee's teams.

Submitting a request through the community portal is not the way to get this done. 

"The electric light did not come from the continuous improvements of candles." - Oren Harari
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 3 of 9
‎02-13-2020 07:16 PM

Re: FALSE POSITIVE DiagPlugin

Okay, how I can contact with McAfee development and research?

1) McAfee do not answer me via email;
2) I do not have a GrantNumber to access support.mcafee.com, because I am a software developer, but not an user of McAfee's products;
3) I do not know other ways to contact with McAfee.

Please tell me the proven way to contact with McAfee.

--
With respect, Andrew
Software developer

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 4 of 9
‎02-28-2020 08:51 AM

Re: FALSE POSITIVE DiagPlugin

Useless forum...

0 Kudos
Reply
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 9
‎02-28-2020 11:16 AM

Re: FALSE POSITIVE DiagPlugin

Hi @Former Member,

Firstly, My very sincere apologies for the delay in response on this. It is very rare and unusual for us to miss posts from our Customers for such a long period of time but this has happened and I sincerely apologize for the same.

Having said that, I shall look into this issue for you. Kindly please bear with me while I investigate this.

Note: If you wish to contact Technical Support, and you are not a customer of McAfee, please feel free to contact out customer care and collect a  temporary Grant# using which you can create a support request for addressing these FP issues.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
0 Kudos
Reply
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 9
‎02-28-2020 11:23 AM

Re: FALSE POSITIVE DiagPlugin

Hi @Former Member,

Thank you for your time. Firstly, Looking into the screengrab attached, it looks like Russian and I am afraid I do not understand the same. Is there any way you can translate this for me please?

Also, I looked into this File Hash and I do not see a detection currently for the same. Also, it is important to note that I do not see a history for this detection as well!

So I expect the translation of the words in that image might just help us here.

Meanwhile, I am still looking into the URL classification for you. Please bear with me for few more minutes on the same.

 

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
0 Kudos
Reply
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 9
‎02-28-2020 11:28 AM

Re: FALSE POSITIVE DiagPlugin

Hi @Former Member,

Thank you for your time. I have looked into the URL part as well and the URL seems to be classified as "Business" and is show to have "Minimal risk".

I suppose this issue you are facing could have come up due to a misconfiguration of the product. Please let me know if you can translate the detection information on screengrab based on which we can progress further on this for you!

Note: trustedsource.org is the link we use to verify how a URL is categorized for our product!

Looking forward to your kind response.

Once again, My very sincere apologies for the delay from our end.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 8 of 9
‎02-28-2020 12:55 PM

Re: FALSE POSITIVE DiagPlugin

I translated my first screenshot - in attach you can find approximate translation.

Thank you for help with categorizing the URL of my file.

And I did not know that I could get a temporary Grant#, because this problem was on a computer of our customer, and we can not install all antiviruses only to have ability to send False Positive to all antivirus companies. But since you say so, I'll try to do it.

Thank you.

Reply
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 9 of 9
‎02-28-2020 06:40 PM

Re: FALSE POSITIVE DiagPlugin

Hi @Former Member,

Thank you for giving us another opportunity to assist you. I just tried downloading this file on a test machine with Endpoint Security installed and I am unable to replicate the issue. 

You do not have to really install the product and test it, however if you can replicate the issue or if the customer can, we will be glad to work with them form our end and assist them on the same.

I can confirm that the download goes through fine without nay issues via Google Chrome and Firefox and the File is not being marked malicious at all! Thank you for your patience and help in translation of the statement. I am suspecting they may have a configuration issue.

Once again apologies you had to wait for our response for 2 weeks. We will stay more alert to your posts in the future.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com for Enterprise

Legal   |   Privacy   |   Copyright © 2021 Musarubra US LLC