lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On 12/07/2012 23.13, Florian Weimer wrote:
Uploading false positives to Virustotal is not a good idea because it
triggers all kinds of automated actions, most of them geared towards
branding the file as malware.

I didn't know that; are you sure it works that way? I've often used it to check files and I often got a negative result. Sometimes it was a false positive by a single antivirus only.

If virustotal has such an impact, I guess it should be possible to contact them and have it marked as "good", but contacting McAfee and Symantec is probably more important. Especially because it's not a signature-based alert, but a heuristic one (which seems to go against the Flame theory).

An important question is why heuristic engines do flag that executable.

--
  Enrico