I have a couple of files, compiled from a source, which are incorrectly detected as a virus bu few antivirus vendors with McAfee amongs them.
I am struggling for a few weeks to contact McAfee and report for a false positive. Tried email, chat support and webimune.com sites. I keep getting reffered to either of those 3 in a loop.
Webimune service seems automated, it simply returns that the files are "current detection".
Email to Avert(r) Labs returns the same.
Chat support refers me to webimune.com.
Email support refers me to chat support.
I've sent similar report to other major antivirus vendors which were detecting those files with the same request and it was straightforward procedure with replies within a day, confirmation it's a false positive and a note that signatures will be updated.
What would be the best procedure with McAfee? Does it really have to be that hard or I just cannot find the proper way?
It's not Arthemis detection...
I did try to resend the files to virus_research (at) avertlabs.com and reply to the auto response noting that it's a false positive but just got yet another auto response with the same scanning result.
I am attaching the files in question as well as their source code, password is 'infected'.
The files are used and in circulation for ages as per this thread:
and suddenly a few months back several antivirus vendors started detecting it.
This affects a few helpful applications which make use of this setup.exe:
I hope someone from McAfee would eventually have a look and take the appropriate action.
I have already followed what's not about Artemis.
1. Submitted the files to firstname.lastname@example.org, replied to the auto response as well
2. Submitted the files to http://vil.nai.com/vil/submit-sample.aspx
3. Sumbitted the files to https://www.webimmune.net/default.asp
4. Had a chat with tech. support who referred me back to http://vil.nai.com/vil/submit-sample.aspx although I explained that had been done
It's just a crazy loop lasting more than 2 weeks already which I am trying to break...Message was edited by: okli on 12/11/10 19:42:30 CST
If you submitted the sample and got an auto-response then it will eventually be followed by the final answer usually within a matter of hours.
If negative simply reply disputing it.
First time I've submitted it was more than a week ago, never received second, 'final' response.
Disputing the auto response led to nothing as well, just yet another auto response, just like the semi-automatic emails from the tech. support where only name is the different part.
on 11/12/10 9:10:24 PM CSTMessage was edited by: okli on 11/12/10 9:10:34 PM CST