When you should not trust antivirus
Sometimes we've got messages from our users saying something like this: "my antivirus says that your software is infected by some trojan"... and so on. I'm sure that similar messages received by many other companies, including Skype, WhatsApp and others. Any software can become victim of "false positive"
detection. Yes, in computer industry we also have such term. In this article I will tell you how to check if the file is really infected or your antivirus just play a commercial game with you.
First, do not trust us. Sure, we will say that we have no trojan and viruses. What else we can say? You blame us, we will keep silent yet. Also, we are sure that you think that your antivirus is holy virgin. We think so, because you write to us, not to manufacturer of your antivirus. That's simple.
So how to understand who's lying? You can check suspected file using 70+ other antiviruses and see if a warning is right or wrong. Internet have only one site (till now) that aggregates over 70 databases of world-known antiviruses and lets you check a file using all antiviruses with a single click. Here is a link to that site:
Just upload suspected file and see the results. If most antiviruses say that the file is infected, than, probably it's the true. If just one or two, probably, it's a false positive detection. And your antivirus is lier.
To prove my words I suggest you to search Google and you will see many people complaining about false positive virus detections in Skype, OneDrive and other apps. These apps from Microsoft, we are sure they have no viruses, but sometimes your holy antivirus is wrong.
Why this happens? Why false positive? Because antivirus can "suspect" virus by some part of code. In most cases, usually, its not a virus, but it looks like a virus. I think it's stupid idea to do like that... It's like you come to doctor and he says "I suspect flu, but I'm not sure, lets cure you from flu". Will you trust such doctor? Thats why I recommend to disable option for heuristic analysis in your antivirus (logic that tries to guess if file dangerous or not). Antivirus have no right to "guess", antivirus must know to be sure. Otherwise, they can manipulate you (see below how they do it).
Also, visit web site of your antivirus. Somewhere at the bottom, or in contact form you will find a link saying "report false positive". What does it mean? They do know that they make mistakes and ask you to help them fix an issue... Sorry, but holy antivirus does not exists.
During recent 18 years of my work in this business, I noticed few companies that use "false positive" warnings very often. Not because they care about your security, I think they want to keep you stressed. Stress sells more! First, you see how many "danger" around and how their product "protects" you. To push you buy their license. But all these warnings are fake, and if I prove it, they will reply: "sorry, its a false positive".
Be carefull, dont trust anyone,
Head of development office