|
On 12/07/2012 23.13, Florian Weimer wrote:
Uploading false positives to Virustotal is not a good idea because it triggers all kinds of automated actions, most of them geared towards branding the file as malware.
I didn't know that; are you sure it works that way? I've often used it to check files and I often got a negative result. Sometimes it was a false positive by a single antivirus only.
If virustotal has such an impact, I guess it should be possible to contact them and have it marked as "good", but contacting McAfee and Symantec is probably more important. Especially because it's not a signature-based alert, but a heuristic one (which seems to go against the Flame theory).
An important question is why heuristic engines do flag that executable. -- Enrico