I'm trying to download files for a game from Steam (the official Steam store) but everytime I attempt to do so, McAfee swoops in and decides to quarantine one of the executable files because it believes it to be a "trojan", thus rendering the game useless as it simply will not run without it. I reiterate that I trust this file: it's from a reputable source and I see no reason for it to be malicious. I have tried to restore it but each time I do it simply gets quarantined again. I've noticed how there is no way to allocate a file to the "Trusted Items" list which seems a little more than pointless. I've come across other posts on this site where people have the same or similar problem yet everything I've tried to do to resolve the issue so far has been fruitless. I tried emailing email@example.com concerning the problem (N.B. giving the subject of the email as 'False' and then quoting the suspected trojan) but have not yet received a reply (>48hours later). The file was also deemed "too large" to be able to send it to McAfee for analysis. Should I just wait how ever many years It'll take them to update the Home software to allow the user to prevent McAfee from quarantining a file or what?
You can only tell the software to ignore something if it identifies it as a PUP (Possibly Unwanted Programme). The ability to make exceptions generally was taken away from all consumer software many versions ago because too many people were wrecking their machines allowing risky objects into their machines and then blaming the software for the result. Only the Enterprise software allows that now.
There are some steps you can take, however.
Thanks for the response. McAfee seems to identify the file as "Ransom-FCJA!B08D154D0168" which it calls a 'Trojan'. However when I click on it within SecurityCenter it takes me to a McAfee webpage but returns no results identifying what they think it is. I will try to send it to avertlabs but it seems like a lot of effort for something which should be easy to amend.
Try the GetSusp tool - it may work when files are too large for email submission. Don't forget to enter your email in the Preferences to get a response from the lab. You'll have to turn off protection and reinstate the file first of course..
I sent them the file by email and got an immediate (and I presume automated) response but I'm not sure what to do now because they said instantly "The file submitted is malware that can be detected with current DAT files. It is recommended that you update your DAT and engine files and scan your computer again." I'm not sure what that means.
That's excellent, it means they've got it and will analyze it. It may be a while before you hear the final verdict and if they still regard it as malicious then respond with FAE in the header. That script is merely a standard response so ignore it.