cancel
Showing results for 
Search instead for 
Did you mean: 
cougarmint
Level 7

Am I Submitting this False Positive Report Correctly?

I am new here to the forum but not to McAfee. I have used McAfee as far back as I can remember and I have been very happy with the program up until the last year. Since some dat update in January, it's been detecting my critically important Chaos Manager program as a False Positive, one named Generic.dx!kfx, which, to me, seems to be one of these Artimis readings. It has been so disruptive I have had to choose between full virus protection and Chaos Manager, and sadly, I had to sacrifice my computer protection. I have been to tech support, sent the samples through both the Avert Web Site and the McAfee program itself to no avail. I even submitted a sample through email, but... I realize now I forgot to zip the infected file and password it.

Long story short, before I submit yet another sample through email, I'd like to make sure I have all my email information correct. That said, this is a copy of my submission email, minus the correctly done zip file. Am I missing anything?

-----Begin Email Copy-----

To whom this may concern --

I wish to report this submission as a False Positive detection by McAfee.

Reply Email Address: <email address removed for security>

Files in Archive: 1
Name of file: cm2setup.exe
Where I found it: Desktop
Symptoms: N/A; False Positive; Artimis Scanner detects Chaos Manager as "Generic.dx!kfx"

Security Products Detecting Sample: McAfee (See below for Product info).

McAfee Products Information:
McAfee Security Center
Version: 9.15
Build: 9.15.179
AffId: 105-260

McAfee Virus Scan
Version: 13.15
Build: 13.15.117
AffId: 105-260
DAT Version: 2028.0000
Engine Version: 5400.1158

Windows System Info:
OS: Windows Vista Home Premium Service Pack 1

Other information: The submitted sample is the full install for Chaos Manager; both this install and its subsequent installed program are being registered as the trojan "Generic.dx!kfx". I have used this software since 2003 and it has never, in any way, harmed any system I've installed it to. Please add it to your backend whitelist.

Thanks,
Molly.

-----End Email Copy-----

0 Kudos
5 Replies
Dinz
Level 16

Re: Am I Submitting this False Positive Report Correctly?

Hi,

Sorry for the inconvenience caused here ; False submissions should be sent via email to virus_research@avertlabs.com (mailto:virus_research@avertlabs.com) in a password protected zip (password needs to be the word 'infected' - without the quotes) - the subject line of the email should contain the word FALSE please.

Regards,

Dinesh K

McAfee Online Community Moderator

0 Kudos
cougarmint
Level 7

Re: Am I Submitting this False Positive Report Correctly?

Okay... so that's the only thing I need left and I already have it prepared. Thanks! I hope they can fix this soon because it has been a hassle.

UPDATE: I have submitted the file (zipped and password protected) and added "FALSE" in the Subject line. I hope this time I did this right and McAfee and Chaos Manager will stop fighting each other. ^_^

Message was edited by: cougarmint. Reason: Added Update. on 7/2/10 4:50:14 AM CDT
0 Kudos
Popps
Level 7

Re: Am I Submitting this False Positive Report Correctly?

Did you ever get a response about chaos manager?  I have the same problem and if McAfee doesn't get it resolved I won't renew my subscription. I simply haven't found another program I like as much as Chaos Manager

0 Kudos
hibbins
Level 7

Re: Am I Submitting this False Positive Report Correctly?

Any update on this?

Just installed Chaos Manager 2 version and McAfee ripped it to shreds saying it is a trojan, exactly as described by Cougarmint.

Already turned my auto-renewal option off.

However, since I still have some months to go, would like to know what's the verdict with this.

0 Kudos
exbrit
Level 21

Re: Am I Submitting this False Positive Report Correctly?

This is an old thread and the information given by Dinz above has changed in the meantime.  The submission address for false finding samples is virus_research@mcafee.com and the files must be zipped and password protected (some zip clients call that encryption) using the password infected and there is more information on false findings and what to do here: https://community.mcafee.com/thread/2016 see the part To send it to the Threat Center outside of Security Center.....


0 Kudos