We are facing some false positive issues in the software we develop. Here is a link to download a sample installer and also individual content:
Downloads removed until McAfee deems them safe.
We think this could have been caused by the use of an EXE protector/packer/antidebug/anti-tampering
Unfortunately we can't stop using it for security reasons but we digitally sign all the installers and files, so we hope you can whitelist our digital signature, since this is causing many reputation issues to our company and negatively affecting to our relation with customers.
Here you have links to the report of both files on VirusTotal:
We have reported the problem to McAfee several times by email as suggested in the website, but we got no response. The problem persists and I believe that there should be a solution to this.
Thank you very much in advance.
If you should need any further details or contact information, please do not hesitate to contact me.
Solved! Go to Solution.
Did you Zip it and password protect it using the password infected ? Also you can follow these instructions. Detection Dispute Submission | McAfee Labs It seems your downloads are under 10mbs so that should not be any problem.
I can attempt to send those Hashes to McAfee Labs on your behalf, and escalate it.
If you sent them correctly zipped and password protected you would have gotten an immediate reply with an analysis id for each file sent.
So some thing is amiss with the sending. In case cd has not sent the hash/virustotal details off to the labs I will as well. If he already has all the better.
I work closely with the McAfee Labs engineers. I have escalated your software submission on your behalf. Generally we have a protocol of 3 buisness days to allow them to Analyze/Process. Hopefully we will hear something back in short order. Your escalated Ticket number is as follows Ticket #: AM001267 - False Artemis
Hope this helped....
I still am wondering why the zipped file failed to be read. Several things are required
1. Zip format not any other compressed file format
2. Password protect the file when zipped with infected as password.
3. File when zipped less than 10mb.
4 I prefer 1 zip a file though you might be able to do more.
if no immediate reply with an analysis id number post here and post the VT details of a VT scan and we can escalate.