AV-Comparatives

All this time that you are on this forum, you demonstrated all your arrogance...

If you be more sympathy and stop that type of things...

 

RejZoR-Boy, please behave yourself, i'm somehow disappointed to see such postings from you.

 

So, what is 'false positive'?
If it is written 'Trojan.DL.Zlob' and it is actually not, then yes, it is a false positive.

But, what if the message is 'posssible virus' or 'suspicious file'?

Obviously, in this case it depends on how did developers understand 'possible'. If it is like Panda online scanner that deletes everything, or like NOD32 that doesn't have any special action for 'possibility'(which, according to elementary logic means that there is other possiblity too - not a virus), then it is clearly a false positive.
On the other hand, if there is appropriate action, then it is not a false positive, because it is not a positive in the first place, it is, as written, possibility.

I certainly want to know, if anything is packed with 'strange packer', but I also want to be able to take appropriate action, if I just packed it myself - and I do not want to submit my file to anybody, and certainly not wait a week until they improve detection.

Simply doing wrong, certainly does not. But being not able to differentiate between 'infected' and 'probably infected' certainly does tell something about the person.
It applies to users, as well as developers and reviewers. And grinding axe on those who can, will not help.

 

cerBer, a false positive is identifying a file/resource as a threat that is not a threat.

On the doing something wrong thing - everyone will make a mistake once in a while - goodness knows I do, and I consider myself an "expert user" - but I'm most definitely not immune from making mistakes - I wish I were!

 

cerBer,

Actually, failure to differentiate those nuances tells me precious little with certainty. It could be tied to lack of experience, knowledge of the nuances of a second or third language, lack of context, or a host of other things that don't even touch on the capabilities of an individual.

As for axe grinding, I generally don't.

Regards,

Blue

 

Well after reading the testing methodology, I am still satisfied with nod32

 

False positives are annoying but that's why you should never just "delete" a suspected file, unless you're 100% sure. Just Quarantine it. If the system needs it, put it on the exclusions list (most AVs have it) and stick it where it belongs.

 

I didn't mean you are grinding axe, and apologize if it could be understood like that - it must be third language problem, I will try to be more careful.

But still, none of what you said really applies to SW company, selling its product, nor reviewers that publish their tests. They should be clear about what they do, what is written and how to understand that.

And I still insist that there are very different levels of 'false positive'.

 

No problem and no need to apologize since no offense was taken. I was just making an observation that I try to be balanced.

I have absolute agreement with you here. Of course, documentation is the least exciting part of most jobs, unfortunately.

Again, I do agree with this and I also agree with an implied follow-up that users should be prepared to deal with them in some measure. One unfortunate reality is that many users are not equipped to adequately deal with this situation, hence the importance to minimize false positives.

One point to appreciate is that false positives can be a real problem in the mass market. McAfee discovered this earlier in the year, see here, with the damage was compounded by many users having their default action set to autoclean.

Blue

 

If antivir was that bad regarding False positives how do they achieve vb100 award.

 

The VB false positive test set isn't that large. Andreas Marx (AV-Test) has a much better one I think.

And why should I care about "false positives" in cracks, cracked programs or keygens? You shouldn't use that stuff anyway.

 

Agree with that. And if these are the only FPs it's more then beautiful.