Although I am from the Consumer side of the Equation, may I ask if your detection is due to (NSIS Installers)? For there has been lengthy discussions related to this detection.
All the Best,
Thank you for your replies.
My application is portable and does not need to be installed so I guess my answer would be "no" to the NSIS installers
I did email the file inside a password protected zip file and now I wonder how long it will take them to let me know if they whitelisted it and more important, will I have to re-submit my file every time I will release a new version.
I did submit this form as well: Detection Dispute Submission | McAfee Labs but there was no place where I could actually attach the file itself so I didn't understand the logic behind this form.
So after fixing the previous false positive, now it gives me a new one: BehavesLike.Win32.Sality.wc
They reply back but never on my question regarding future versions and the need to keep to re-sending them the executable whenever a new version is released.
People starts to complain about false positive and how can I explain them that this is a false positive and they shouldn't be worried? It's a mess.
I wonder if mcafee people even read this forum or just other users with no formal reply actually read these posts.
stockdiv - McAfee/Intel staff are very rarely here as they are busy dealing with detections that are submitted as CD has explained above. We can bring outstanding/delayed results to their attention and that is all we can do here.
Best consult with experts on how to code the applications so they aren't detected at every upgrade.
I use virus total in order to check my own application (I'm the developer) for viruses and everything is clean except mcafee GW edition. I'll be glad to know what is causing my app to wake GW edition up from its sleep while all other engines are OK with it but they are not here to answer this very question.
Well you said you tried this form I believe? Detection Dispute Submission | McAfee Labs
Note that it says there that they will get back to you and it is at that stage, I would imagine, that they may ask for samples.
I already sent a sample and they whitelisted it from being a certain false positive but now it detects my exe as a new false positive so again I sent a sample. I hope you understand this is not a good method if I need to chase them every time I release a new version and moreover, when their engine suddenly decides that my exe is false positive without me doing anything.