cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

FALSE POSITIVE - Analysis ID: 10730800 - please remove

Jump to solution

Hello, This an executable for a ROM track (DVD-ROM) Multimedia DVD that simply auto-execute the multimedia application present in the dvd-rom.

We made the executable and it isn't a virus or malware but actually it is recognized by your antivirus heuristic code as a malware-like.

We hereby declare that this code doesn't contain any malware or virus code and submitted it for your analysis.

The executable will generate a simple BAT file that will change directory and call another executable in the cd-rom executing those commands:

" cd voximago

Vox_Imago_PC.exe "

Actually is needed because the real executable only work in a sub-directory but we need to execute it from the root directory of the cd-rom.

We are requesting to be identified as secure also because we can’t modify the cd-rom already distribuited.

Thankyou very much. Best regards. 

---

McAfee Labs - Beaverton                                                                

Current Scan Engine Version:6000.8403                                                 

Current DAT Version:9099.0000                                                         

Thank you for your submission.                                                         

 

Analysis ID: 10730800

 

File Name            Findings                       Detection                    Type         Extra

--------------------|------------------------------|----------------------------|------------|-----

vox_imago_pc.exe    |current detection             |rdn/generic.grp             |Trojan      |no  

 

current detection [vox_imago_pc.exe]                                                                   

 

   The file submitted is malware that can be detected with current DAT files. It is      

recommended that you update your DAT and engine files and scan your computer again.   

Labels (1)
Tags (1)
1 Solution

Accepted Solutions

Re: FALSE POSITIVE - Analysis ID: 10730800 - please remove

Jump to solution

Have you submitted your false positive to McAfee?  The process is outlined in this KB:  https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s55728c97_466d_4ddb_952d_...

Following this process will get your information and request to the team that will be able to action this for you.

3 Replies

Re: FALSE POSITIVE - Analysis ID: 10730800 - please remove

Jump to solution

Have you submitted your false positive to McAfee?  The process is outlined in this KB:  https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s55728c97_466d_4ddb_952d_...

Following this process will get your information and request to the team that will be able to action this for you.

Re: FALSE POSITIVE - Analysis ID: 10730800 - please remove

Jump to solution

Thankyou very much Stephclarice.

Yes absolutely, following this process we had sent the file with details on 12/06/2018 12.52 CET but we've had only automated response. Now with better reading of the link you post I've read that must be added "NOAUTO" tag to the subject for requesting a manual check of the false positive.

I've re-send the file with details, hope this will resolve the situation.

 

Re: FALSE POSITIVE - Analysis ID: 10730800 - please remove

Jump to solution

Today  on VirusTotal Report McAfee now confirm that our executable is Clean (altough I do not have any direct answer from my submission to McAfee) .

But McAfee-GW Edition is still detecting  it with "BehavesLike.Win32.Generic.dh" 

Anybody know how much time is required for the "GW" Edition to clean the false positive?

Thankyou very much,

best regards.