Discussion in 'General Software' started by -1nf1n1ty-, Dec 10, 2010.
You use two AVs at the same time?
Not exactly. Avast in the background, and MSE for removal.
Replace MSE with Malwarebyte's Anti-Malware. Far superior removal tool!
far inferior rates when it comes to false positives. name any file keygen.exe and see what it does.
MSE is king of the freebies atm.
I've not received any false positives with it. Changed a Word document to keygen.exe and Malwarebytes stated it wasn't a threat.
well maybe they finally fixed that, if so, i may have to revise my opinion.
If the "realtime" scanning is´nt a "must" then ClamWin is a good alternative...
But then again......if you ones have lost data because of virus/malware...then imo, no freeware
AV can replace Kaspersky, ESET Nod or similar god scanners......
One of the few things I gladly pay for is: decent AntiVirus software........
alright i checked out malware bytes again, they have improved somewhat. they still falsely catch out on one of my test files however, so yes, false positives ahoy.
Test file is a Nero keygen that i specifically use to test out AV's, as it IS clean. see screenshots.
23% of their test AV's catch it out as a virus, but look at what its detected as. a keygen? umm, ok. harmful indeed. 'not a virus' 'heuristic' and 'generic' on the other results kinda mean that of that 23%, many actually think its harmless, or its just a generic heuristic algorithm with a high chance of misdetection anyway (false positives)
kaspersky, MSE and most other AVs say its clean, a few low end no names and MBAM say its not.
To me that puts MBAM back in the category of 'just guesses what is, and what isnt a virus' - its better than when i last tested, but its sure not that good either.
people fall into two logic traps with antivirus.
1. my AV never finds a virus, cause my PC is clean! - logic trap, if your AV is crap, how would you know?
2. my AV finds more viruses than the others, so its DEFINITELY better/safer/superior. Umm no, its likely just finding false positives. like how OCCT was falsely seen as a virus for a while, or programs like MSI afterburner got detected as keyloggers, since they listened for certain key combinations to activate profiles. you want your AV to actually catch the viruses, not just catch a few cookies, call them "harmful super dangerous hijack tracking file!" and wag its tail at you.
I've tried a number of things in the past 6 months. Avast, MSE, malwarebytes. Was clean, now I just installed antivir and it's finding stuff I've been carrying around for ages, 45 hits. Makes those other programs look like crap all the sudden.
OH GOD THIS NEEDS A STICKY!
False positives are a good thing. In most cases the virus scanner that is reporting a false positive is doing so because the file exibits behavior that is most commonly seen in viruses. I'd rather a virus scanner pick up on that and warn me about it and let me decide if it is a legit file or a virus than just ignore it. I never understook this logic that if a AV gives the occasional false positive it isn't good. So it is better that it ignores common virus activity, that makes a better AV?
So, yeah, I'm with you here.
how can false positives be a good thing? its your AV proving that its only guessing based on heuristics, and its guessing POORLY.
for every false positive, it might as well be a real virus that it let get past, since it was only 'guessing'
Except that is false logic. It isn't just guessing randomly, it is picking up behaviors that are common to viruses. How is totally ignoring these bahviors better?
its not false logic, but it is imperfect ill give you that.
picking up virus like behaviour is one thing - but calling a keygen a trojan is not 'virus like behaviour' its 'false positives' 'scaremongering' and other fancy words i cbf thinking of at 2:34am
if MBAM actually said "keygen" like one did in that list, thats one thing. or if it reports 'hacking tools' and such like MSE does, thats fine too.
blatantly calling a file that has low or no risk at all to a system a virus, is just scaremongering. its no better than programs that tell you you're infected with malware and security risks just because it found a few cookies.
Ok, I'll agree with that. But that is just coming down to symantics, and I'd still rather have it reported to me and let me decide what it really is.
so you'd rather go through this 20 times everytime your AV does a scan then, I know I sure as hell wouldn't MSE calls it it like it is
Once you confirm it isn't a virus you add it to the exceptions. So it doesn't happen every time the AV does a scan.
thats a fair plan, but fairly time intensive.
also, i can guarantee that you're an exception and the rest of MBAM users would happily delete these non viruses without a second thought.
Chances are if they are downloading keygens and pirated files, they aren't going to delete them if they come up as a virus because they know what they are.
Avira Antivir or Avast!
Separate names with a comma.