I am a software Author, based in the UK
WHERE .. definitively.. do I submit a false positive - and get a timely response.
I have spent 8 days going via consumer support and Trustedsources.com to get my URL whitelisted (they stuffed it up the first time) - and now have waited another 4 for a reply from virus_research@avertlabs.com
Today I submitted to datasubmission@mcafee.com and virus_research@mcafee.com - neither or which yielded any sort of reply or confirmation.
I cannot submit a false positive from within TotalProtection .. which is a glaring and stupid oversight - putting the process well beyond the reach of most consumers.
The McAfee experience has been - *by far* the very worst of all the vendors - and with their huge market share, and backending many 3rd party products and services - they can cause enormous damage to a legitimate small business - In fact ... as a direct result of McAfee's ineptitude I could well go under. I have lost customers, damaged my reputation, wasted hundreds of pounds on Adwords and lost all momentum there, my main target market is the UK - where Mcaffee bundle their antivirus product with BT Internet - thereby excluding millions of my potential customers.
I have hundreds of existing customers who can't accept my updates - some of whom have uninstalled their McAfee products in frustration - even when they restore items for quarantine - they are immediately re-quarantined. Most of my customers are not technical enough to start creating exclusions or firewall rules - amongst those that have tried - only frustration and failure has been reported. McAfe doesn't automatically prompt for firewall access life it should - it just outright blocks my connection with no prompt or warning.
EVERY other major vendor Microsoft, Avast, AVG, Kaspersky, Malwarebytes and even Norton had this cleared within 24 hours - yet here I am 10 days later still fighting to find even where to submit my program to McAfee - The McAfee site and KB's are full of contradictions and out of date (10 year old) links URLs and addresses.
The URL in question is http://cloud.quicksnooker.com/qsLaunch3.exe
It is already whitelsited - and, given that it is an executable I naively thought that might involve actually checking the file - but apparently not !
The FALSE detections - on VirusTotal are :-
MCAfee - Artemis!D5A408E12CF2
and
McAfee-GW-Edition BehavesLike.Win32.VBObfus.cc
I understand that to an AI my *installer* might look like a Trojan - but these automated decisions need to be checked by actual people quickly after the 'death sentence' has been pronounced.
Saturdays Email - In case anyone here actually cares:-
I have now been sent full circle by consumer support who have referred me back to sites@mcafee.com
from where I get an autoreply (at least that's SOMETHING) stating :-
Please note, there is no set turn-around time for requests submitted to this email address. For quicker turn-around, please submit URLs through Trusted Source Ticketing System with your comment at the following link. Requests submitted through your registered account will be processed within 3-5 business days while some requests may take longer.
I ALREADY SUBMITTED AT TRUSTED SOURCE 10 DAYS AGO - AND AGAIN (WHEN THEY SCREWED IT UP0 5 DAYS AFTER THAT
THIS IS NOT THE RIGHT DEPARTMENT - THE RIGHT DEPARTMENT DOES NOT RESPOND
I AM LOSING REVENUE AND LONGSTANDING CUSTOMERS EVERY DAY - SO ARE YOU, NOT THAT YOU CARE - SEE TRUSTPILOT
PLEASE ESCALATE THIS TICKET 2653387759
Right .. progress .. and some actual customer service .. Charlie .. has got back to me and my URL is now marked 'safe to visit' and my .exe's MD5 is marked as clean in their DB
Still comes up bad on VirusTotal but I am advised to wait 2 hours .. which I will do.
Hello,
I understand your frustration and I see you came across lots of roadblocks.
I see from VirusTotal that most of the detections come from vendors which base their software only on behavioral analysis as Cyren for example. They do not care if your software shows a pony picture or encrypts your data - they just see "malicious" actions and block it.
Regarding mentioned links, I see both are with Minimal risk reputation and the executable is not detected by McAfee:
QuickSnooker.com
In McAfee's defence ive always found them to have quite a quick response to tickets raised in their https://www.trustedsource.org/en/home/
Best of luck going forward, ill check out the site
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA