VirusTotal tackles false positive malware detections plaguing antivirus and software vendors
VirusTotal, a Google-owned online malware scanning service, is creating a whitelist of products from large software vendors to reduce bad detections by antivirus programs.
False positive detections are common in the antivirus industry. They occur when a benign program is wrongfully flagged as malicious due to an overly broad detection signature or algorithm used in an antivirus product.
VirusTotal, which scans suspicious files uploaded by users with products from 48 antivirus vendors, invited large software makers Tuesday to add metadata about their products’ files to a new database maintained by the company.
If a file that’s later uploaded by users to be scanned with VirusTotal is in that database, the scan report will display a “trusted source” alert. If any antivirus products flagged the file as malicious during the scan, their detections will be considered false positives and will not be counted toward the final detection score. Vendors of the products that flagged the file as malware will be notified so that they can correct the error.