[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: Lua x antivirus
- From: Enrico Colombini <erix@...>
- Date: Thu, 12 Jul 2012 23:43:09 +0200
On 12/07/2012 23.13, Florian Weimer wrote:
Uploading false positives to Virustotal is not a good idea because it
triggers all kinds of automated actions, most of them geared towards
branding the file as malware.
I didn't know that; are you sure it works that way? I've often used it
to check files and I often got a negative result. Sometimes it was a
false positive by a single antivirus only.
If virustotal has such an impact, I guess it should be possible to
contact them and have it marked as "good", but contacting McAfee and
Symantec is probably more important. Especially because it's not a
signature-based alert, but a heuristic one (which seems to go against
the Flame theory).
An important question is why heuristic engines do flag that executable.