Prev: Another Crock Of Fuvg Spyware Program
Next: Both Avira and Malwarebytes claiming GamersGate patches areTrojans
From: Wile E. Coyote on 27 Nov 2009 23:26
kristlebawl wrote:

> There are NO viruses or trojans in the download. Its likely your
> anti-virus program having what is called a "false positive". It may have
> found something in the heuristic search, which is not always 100%
> accurate. The games iare delivered from developers and publishers, so
> the risk of having an infected download is minimal.
>

Yes, but both Avira and Malwarebytes claim files are Trojans when they
are not far too often and make me waste my time making sure they are
false positives. I once set Avira to it's most secure mode and when it
scanned my external HDD loaded with game patches, mods, nocd cracks etc.
it cliamed about 150 files were Trojans and of course it wasn't correct
about even one of the files. Perhaps that helps explain why some people
choose to use their own safe hex methods instead of relying on such
obviously flawed amti-malware software.
From: David H. Lipman on 28 Nov 2009 07:48
From: "Wile E. Coyote" <coyote(a)ACME.invalid>

| kristlebawl wrote:

>> There are NO viruses or trojans in the download. Its likely your
>> anti-virus program having what is called a "false positive". It may have
>> found something in the heuristic search, which is not always 100%
>> accurate. The games iare delivered from developers and publishers, so
>> the risk of having an infected download is minimal.


| Yes, but both Avira and Malwarebytes claim files are Trojans when they
| are not far too often and make me waste my time making sure they are
| false positives. I once set Avira to it's most secure mode and when it
| scanned my external HDD loaded with game patches, mods, nocd cracks etc.
| it cliamed about 150 files were Trojans and of course it wasn't correct
| about even one of the files. Perhaps that helps explain why some people
| choose to use their own safe hex methods instead of relying on such
| obviously flawed amti-malware software.

I assume "it's most secure mode" is meant to be its highest heuristic detection mode.

Assuming this...
The highest heuristic detection mode doesn't equate to "it's most secure mode". That's
would be a misperception on your part.

*ALL* anti malware suffer from False Postives to one degree or another.. Heuristics is a
way to catch malware that direct signatures fail to detect. As you increase the hueristic
level you increase the propensity to have False Positives.

If you don't like False Positices, dial back or disable heuristic scanning.

It is also presumptuaous tho say because of the above factor, anti malware is flawed. On
the contrary, your presumption is flawed.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: Wile E. Coyote on 28 Nov 2009 19:59
David H. Lipman wrote:

> It is also presumptuaous tho say because of the above factor, anti malware is flawed. On
> the contrary, your presumption is flawed.
>

No it isn't because it is set back to default heuristics mode already
and I am a betting man that if I installed Avast it would not give me
the same false positive so that would make both Avira and Malwarebytes
flawed in their detection ability. I have not installed Avast so have no
idea if it will detect those same two game patches as Trojans but from
past experience of using Avast I am betting it won't. Up to the challenge?

You may think this is a minor inconvenience to the customer but I am
sure you are aware that there have been many customers in the past who
are neophytes and have had their computer rendered useless because they
let the AV prog delete or quarantine the file that was a false positive
because they didn't check to make sure it was a false positive first. To
make AV progs better and less flawed all of them should warn the user of
the potential that the detected virus is possibly a false positive and
to get a second opinion before allowing the AV prog to delete or
quarantine the file. Another flaw is the fact that some AV progs are set
to default to quarantine the file with no user interaction needed unless
they change the setting first. Many noobs never even look at the
settings so quarantine or delete should never be the default setting.
The fact you are not willing to consider constructive criticism is a
flaw so back off jack.


From: John Mason Jr on 28 Nov 2009 21:44
Wile E. Coyote wrote:
> David H. Lipman wrote:
>
>> It is also presumptuaous tho say because of the above factor, anti
>> malware is flawed. On the contrary, your presumption is flawed.
>>
>
> No it isn't because it is set back to default heuristics mode already
> and I am a betting man that if I installed Avast it would not give me
> the same false positive so that would make both Avira and Malwarebytes
> flawed in their detection ability. I have not installed Avast so have no
> idea if it will detect those same two game patches as Trojans but from
> past experience of using Avast I am betting it won't. Up to the challenge?
>
> You may think this is a minor inconvenience to the customer but I am
> sure you are aware that there have been many customers in the past who
> are neophytes and have had their computer rendered useless because they
> let the AV prog delete or quarantine the file that was a false positive
> because they didn't check to make sure it was a false positive first. To
> make AV progs better and less flawed all of them should warn the user of
> the potential that the detected virus is possibly a false positive and
> to get a second opinion before allowing the AV prog to delete or
> quarantine the file. Another flaw is the fact that some AV progs are set
> to default to quarantine the file with no user interaction needed unless
> they change the setting first. Many noobs never even look at the
> settings so quarantine or delete should never be the default setting.
> The fact you are not willing to consider constructive criticism is a
> flaw so back off jack.
>
>


Well the right thing to do is report the false positive, to the
developers so they can fix it.

I doubt there are any antivirus or antimalware product that has not had
a false positive.

John
From: Wile E. Coyote on 30 Nov 2009 02:04
Maximus the Mad wrote:

> I'll take that bet(you lost already)!

Prove it. Scan the two files I mentioned and report what Avast finds. If
you don't then you have won no bet. I am still betting Avast doesn't
give false positive on those same two files. The files are the two game
patches to Takeda3. They should be available via The Patches Scrolls too
and not just on the GamersGate site so you don't need to join GamerGate
and buy the game to download them. I contacted GamersGate about it and
was told the files are just renamed files but exactly the same as the
files available publicly. Here's what I am betting, Avira and
Malwarebytes flagged those two files just because they have the word
"Gate" in them and no other reason. That's how dumb these progs really
are and is why I would never pay a penny for them.

> Quarrantine not delete should be the default setting for every AV
> product IMO.

If it quarantines a needed system file and you reboot your PC then you
are hosed. I think thye should just warn the user by default and if they
want to quarantine by default then make that purely a user option.

Not long ago AVG hosed thousands of noobs computers for doing exactly
what you suggest. Look it up.


> and that would be Mr.jack to you.

Ok, Mr. Jack. :)
 |  Next  |  Last
Pages: 1 2 3 4 5 6 7
Prev: Another Crock Of Fuvg Spyware Program
Next: Both Avira and Malwarebytes claiming GamersGate patches areTrojans