Don’t Forget to Check Your Antivirus False-positives

By | November 2, 2014
Print Friendly, PDF & Email

We were recently bombarded with email from Avast users because suddenly, without warning, Avast detected Cloudeight CalenderPal as being infected with the virus: Win32:Evo-gen. Avast is well-known for its high rate of false-positives. A false-positive is a harmless file detected as a malicious file. If an antivirus cannot differentiate a bad, malicious file from a good, safe file, then one has to wonder if it will detect real viruses when encountered.

First, the suspected virus “Win32:Evo-gen” seems to be everywhere, at least according to Avast – but no other antivirus seems to find it. See https://forum.avast.com/index.php?topic=120219.0 

We have been flooded with emails from folks for the last couple of days asking if we had done something to CalendarPal – we haven’t. We haven’t made any changes to CalendarPal since 2007 – and it continues to work well in all versions of Windows from Windows XP through Windows 10 (technical preview). We don’t know why Avast suddenly started detecting viruses in clean files, but we highly suspect it was due to a bad Avast update. As of today, November 2, 2014, Avast no longer finds any virus in CalendarPal. We haven’t changed CalendarPal – so Avast must have fixed its botched update.

This leads us to a tip for those of you who continue to use Avast (free or paid) antivirus. The first tip is – upgrade your antivirus to Emsisoft if for no other reason than, despite what Avast claims, its anti-malware component is virtually impotent — and it has no PUPs detection at all from what we have seen. We’ve worked on dozens and dozens of Avast-protected computers – and almost always we have removed a plethora of malware and PUPs from these systems.  Emsisoft not only provides superior antivirus protection, it provides antimalware and PUPs detection which Avast is direly lacking. Find out more about Emsisoft here.

The second tip we have for you, regardless of the antivirus you use is this: If  your antivirus detects a virus or Trojan (not a PUP or malware program) in a file or program, double check it before you panic. The fastest, best, safest free way to do this is to use a site called VirusTotal

VirusTotal will check any file from your computer or from a download link with 54 different antivirus programs. It scans most files in a minute or so, so  you don’t have to wait long before you know for sure if your antivirus is detecting a false positive or if you have a real problem.

We know that any antivirus can makes a mistake now and again, but Avast seems to have more trouble with false positives than other security programs. And that should make you wonder about its ability to detect real threats. A rare mistake by an antivirus is understandable but a high rate of false positives should make you wonder.

 

 

6 thoughts on “Don’t Forget to Check Your Antivirus False-positives

  1. Muriel.S

    The saddest thing about this article is that you were actually FLOODED with emails asking if YOU had done anything to Calendar Pal. Why wasn’t Avast, or other AV programs involved FLOODED with emails from your “loyal” supporters asking why, all of a sudden, they were flagging Calendar Pal.. In my opinion, THEY are the ones who operate in a questionable and unethical fashion …. and do it with no remorse or legitimate responses. It is unforgivable that the creators of a SECURITY program don’t seem to think it’s important to PROTECT it’s users.

    These email writers, who obviously subscribe to your newsletter, certainly don’t “hear” what you’ve been preaching about over and over again for YEARS. Yet, you always seem to be put in the position of defending yourself for trying to do the RIGHT and FAIR thing when you advise us. Makes me angry.

    Reply
  2. Ms. D

    I just added VirusTotal to my Favorites List, so that it is handy should I need it. I used to use AVG (free version) until it left a virus through and my computer crashed and burned. After getting a new computer, I used AdAware (paid version) – a program we had used on our computers where I used to work. It always seemed to do a good job, but back in early May of this year, updates would not download – some problem with AdAware’s servers. After trying unsuccessfully to contact AdAware and well over a week without any updates to the program, I deleted it and took TC and EB’s advice and purchased Emsisoft. It was really easy to learn how to use and thus far is doing an excellent job protecting my computer. I know you guys have gotten a lot of guff from some who say you are pushing Emsisoft to line your own pockets, but that is a bunch of baloney if you ask me. I would never have known about Emsisoft had it not been for you guys telling us about it. Nobody twisted my arm to purchase it. I needed a good and trustworthy anti-virus program, and TC and EB have never steered me wrong before. I have learned so many things from you two since running across your web site purely by chance several years ago. What a lucky day that turned out to be. Thanks for all the hard work you do for all of us. You are both appreciated more than you will ever know. 🙂

    Reply
  3. mary billman

    when I scanned a file with VirusTotal, it showed I had 4 red results. Yikes, now what do I do?

    Reply

Leave a Reply to Muriel.S Cancel reply

Your email address will not be published. Required fields are marked *