Main Area and Open Discussion > General Software Discussion
False Positive on Software (Generic.Dx) by McAfee Today: McAfee Response and Fix
vlastimil:
Sorry for the late post, I just got to this thread from the newsletter and it caught my eye, because I was having these problems too. Twice.
First, I was using a VB script in an .msi installer to customize folder icon - to set folder attributes to readonly, because only readonly folders display custom icon (ask microsoft why...). I received complains from users that their AV said that it has detected a malicious script and whether they want to stop it. You can imagine how such a thing affects a first impression of an application. I think it is just outrageous. Not a "potentially malicious script" explaining the situation to the user, but a false and aggressive message. I can understand that when a script in a .doc file tries to access file system, it looks suspicious. But this was a .msi installer, it is supposed to access files. It is really that hard to detect a valid use of a script or are the Norton AV authors that lazy and their law department that good?
Second time, my cursor editor was affected. The animated cursor (.ani) files can contain several frames and if a frame is used multiple times it is not necessary to store it multiple times and instead a vector of frame indices can be used. Well, I took the time to auto-detect duplicate frames to have the smallest .ani files. Unfortunately, there was a exploitable bug in Windows and involving a the vector of frames. Norton AV just considered every .ani cursor with a custom frame vector a virus. A pissed off user gave me lowest rating on download.com because of this false positive and this is just a tip of the iceberg.
So, I have serious issues with AVs, especially with Norton AV. If anyone starts any initiative to improve the situation and force them to be more responsible, I am in. Needless to say I tried to contact them with the first problem, but got no response at all.
Zoomie:
Uh-oh...I had what I thought was a false positive from Antivir when I downloaded the Screamer Radio Menu on my GF's computer over the weekend. I have forgotten exactly what it said now but I think it was Trojan/Spy.Agentxxxx. Antivir had no explanation other than it may have been a trojan. I got it partially ignored by Antivr but Antivir just wouldn't give up. I thought perhaps a corrupted file and did it over again - same result so I had to delete it. I downloaded the Menu on my pc this AM and my Antivir does not report anything. Now I'm really confused. Anyone have any suggestions?
mouser:
keep in mind that the virus definitions get updated regularly after people complain about these things, so what is falsely detected one day may be fixed and not alarm the next day.
jinkerz7:
After today's McAfee DAT file update (#5271), it reported that Screenshot Captor contained the MalWarrior trojan. I'm hoping this is just another false-positive. Has anyone else experienced this issue?
I would have taken a screenshot of the actual error, but it had already deleted Screenshot Captor!
mouser:
OK NOW I HAVE TO STRANGLE SOMEONE AT MCAFEE.
Thank you for the report, i will complain to mcafee. again. this is getting damned ridiculous.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version