I have been submitting a false positive to Mcafee for the past few weeks and getting only an automated reply saying "Automated analysis was not able to determine that this file is malware. This file is being sent for further processing and the DAT files will potentially be updated if detection of this sample is warranted."
That's it and never the DAT file got updated nor a response.
Was it an Artemis detection by any chance? If so publish the number here and maybe they will spot it if I add it to the header. Normally a fix is done within 3 - 14 days, but it all depends on what it was I suppose.
You could also simply send an email to firstname.lastname@example.org with the header "False Artemis!........" (minus the "" and fill in the number).
The other way of getting a response would be to reinstate whatever software is quarantined (maybe you'll have to temporarily disable antivirus) and use GetSusp to obtain a response....but make sure you enter your email address in preferences to get any kind of response.
Toronto ▪ Canada
Volunteer Moderator - Consumer Products
I CAN'T HELP PRIVATELY - PLEASE POST IN THE FORUMS
Use Advanced Search To Find Answers
If I am not mistaken, I contacted a McAfee Labs Technician/Engineer to expediate the process. The Analysis ID # was given as well...
As my Fellow Moderator Ex_Brit asked, is the Detection being discussed a (New) one? Or one you have previously brought to our attention? Does this by chance have any affiliation to (NSIS) files and the program itself?
Should it be the latter, I concur with what others have suggested. The Author of the Program itself should submit to McAfee Labs, to better achieve results. This has been a Topic of Discussion in numerous of threads, if indeed this is the case.
Wishing you all the very Best,
McAfee Volunteer Moderator
Wow thanks guys for the replies, This is a new detection and not the old one I posted and isn't an Artemis either. This is detected as BehavesLike.Win32.Trojan.nh
This program use NSIS and my previous program used it too and it got white listed so I hope this will too. 9208586 is the analysis ID
As you can see, this has been discussed in length. As far back as October 8th/2014 or earlier. Please read the comments in the thread. Since you have submitted your last Detection, Lets see what transpires after being analyzed.
It seems that the way the (NSIS) Program acts during the Installation process, that it resembles Malware-like behavior. Possibly due to the Un-packer and how it proceeds. This is only my (Personal) opinion, as I am not a McAfee Labs Technician.
Greater minds than mine, have given their take on the issue.
I still suggest that (NSIS) should take it upon themselves to submit it,s Program to help alleviate the Detection issues.
All the best,
McAfee Volunteer Moderator
Thank you for your detailed responses. I believe that keep submitting each and every file that use nsis will get those particular programs white listed. That is what I am doing at the moment. Thank you again