cancel
Showing results for 
Search instead for 
Did you mean: 
chiron494
Level 7

False Positive On Crystal Security

Jump to solution
0 Kudos
1 Solution

Accepted Solutions
showvik
Level 12

Re: False Positive On Crystal Security

Jump to solution

Hi,

We have suppressed the detction 'Generic.dx!bf3c' on this file. It should no longer be flagged with the next DAT update, 6853.

Regards,

Showvik

0 Kudos
10 Replies
exbrit
Level 21

Re: False Positive On Crystal Security

Jump to solution

Was this detected as an "Artemis" detection by any chance?  If so could you post the detection number so they can check it.

There is also a submission procedure outlined here:  http://www.mcafee.com/us/mcafee-labs/resources/how-to-submit-sample.aspx

0 Kudos
chiron494
Level 7

Re: False Positive On Crystal Security

Jump to solution

I am not a McAfee customer. I just noticed the false detection on virustotal and alerted you to the miscategorization.

0 Kudos
exbrit
Level 21

Re: False Positive On Crystal Security

Jump to solution

Well I moved it to that section but without a sample being submitted it may or may not be destined for the database as on these forums we have no record of what is already submitted to them.

0 Kudos
chiron494
Level 7

Re: False Positive On Crystal Security

Jump to solution

I provided the virustotal link. As a vendor on VirusTotal don't you have access to the files? At least that's the way it works for Comodo.

Either way, here is the download page where the software can be found:

http://www.crystalsecurity.uk.to/download.html

Thanks.

0 Kudos
exbrit
Level 21

Re: False Positive On Crystal Security

Jump to solution

I would imagine the labs do, but we don't.   Perhaps one of their staff will spot this and post.

Thanks for the link.

0 Kudos
Hayton
Level 18

Re: False Positive On Crystal Security

Jump to solution

In the "False Positive" thread you said :

Actually, the newest version they have released is no longer detected by any vendors

That was the 24th. The VirusTotal report you link to was the 30th, and in that one the product scored 6 detections. So there must have been another release?

In that list McAfee isn't showing an Artemis detection but a generic Trojan detection - "Generic.dx!bf3c".

The download can't be rated safe until it's been submitted to the Labs for testing. You can't just assert that it's safe and expect McAfee to wave it through on your say-so.

I've taken a look at your website - a very good one, very useful - but I think you ought to distinguish between established anti-virus companies and small start-ups like CrystalSecurity - Kristal Security, to be more accurate. Kardo Kristal is bright, he's got a good idea which he's developing and it looks promising, he's got the approval of people over at Wilders Security; but Kristal Security is pretty much just him, he's not long out of college and the product is still very much a Beta product. If he's tinkering with it and releasing frequent enhancements then for each release he's going to run into problems with (false-)positives from the major AV players as long as he continues to use whatever it is that's causing the detection problems.

I suggest you submit the download for testing and let the Labs give their verdict.

0 Kudos
chiron494
Level 7

Re: False Positive On Crystal Security

Jump to solution

Right at the beginning of my article I say that this article is not meant to distinguish between good and bad AV vendors. It is only meant to make it as easy as possible to submit malware and false positives to all of them. As a side I did also mention that all of them listed are legitimate, but I was obvious to say that I made no distinction between good and bad protection. That article is by no means meant to act as a review article.

By the way, I spent 45 minutes talking to a McAfee employee via IM, in which I was trying to figure out what the best way to submit false positives was for non-McAfee customers. Finally, we settled on this area of the forum:

https://community.mcafee.com/community/home/virusandspywareprotection/virusscan

Is there a better place I can submit false positives for any type of files?

Thanks.

.

Message was edited by: Ex_Brit at poster's request on 01/10/12 10:36:19 EDT AM
0 Kudos
exbrit
Level 21

Re: False Positive On Crystal Security

Jump to solution

I put together some guidelines here which may help.

0 Kudos
showvik
Level 12

Re: False Positive On Crystal Security

Jump to solution

Hi,

We have suppressed the detction 'Generic.dx!bf3c' on this file. It should no longer be flagged with the next DAT update, 6853.

Regards,

Showvik

0 Kudos