AVAST reaches 200 million user milestone

Let me clarify that part...

What I meant was an unrecognized executable which has no reputation tracks, never been heard by most people, and you got it from a strange website. True, many executables like that are not malicious.

But there are malicious examples as well. To put that in the context, I used that kind of executable in my posts above. It's unknown, but it's also truly malicious. Not an assumption, but the fact that it's corrupting Windows system files after the user executed it.

 

I believe most users won't allow it in that case, making it unlikely to vote into a false negative. Even if the majority allowed it, Avast can analyze the file like a false positive submission before modifying its detection.

Now if it was truly unknown, the system may be exploited. But that depends on how it works and the amount of weight put in votes compared to other data.

I'm curious if you have seen a false negative scenario with Emsisoft Mamutu or something similar.

 

No. Because I always disable it.

Well actually, I've seen such case in non-computing scenarios. People tend to follow what most do, even for the wrong actions. But since it's OT I'm not going to go further. I'm just criticizing the usefulness of users votes. IMO it's better to let the AV vendors to manage the database. The users shouldn't be involved in malware detection process. That's all.