27 July 2014, 21:57

According to Webroot SecureAnywhere, cloud-based antimalware, Easy Drive Data Recovery is malicious:

 

AV False positives, part 1 - SecureAnywhere

According to VirusTotal, this file is not malware:

https://www.virustotal.com/en/file/74ab0b9068ef46db6f3acb04c17963fa8e99f23ee0d603559faca4fd720c1c8f/analysis/1406491025/

If you scan whole disk drives without confirming the action for every file that gets detected, you may get into trouble... At the very least, I would recommend choosing "quarantine" as the default action.

-----------------------------------------------------------------------------------------------------

Now, according to SecureAnywhere, Portable LibreOffice (Framakey version) also contains malware:


Well, according to VirusTotal, those files are not really malicious...

  • passwordcontainer.uno.dll is in fact packed, 2 detections out of 53

https://www.virustotal.com/en/file/4ae9daed6ef23e760df5fa9624671311be148c3c9c3fc46d0950180e090385dc/analysis/1406491597/


All of those results were with a (quite) old version of Portable LibreOffice, as per the file properties:

Now, here is what SecureAnywhere says regarding the latest available version of Portable LibreOffice (from here: http://framakey.org/Portables/LibreOfficePortable): still 2 detections!


According to VT,

  • wininst-6.0.exe: 5 detections

File is UPX packed...

  • python.exe: same as before, 3 detections on VT.

File is UPX packed...
