Helping people with computers... one answer at a time.

Malware and virus detectors can show false positives for good products. Both software manufacturers and consumers need to know why and how this happens.

I'm the manufacturer of a computer software product. We're doing business for the last six years with excellent support from people all over the world to date.

I used ESET's Smart Security and Antivirus and full scanned my PC. I was greatly shocked to see the setup program of my product in the list of infected files. So I asked my colleague to check out things from his PC, he had the same experience. What could it be? How can I save the image of my product by reporting the false positive?

In this excerpt from Answercast #6, I discuss the problems encountered by one software manufacturer when their product starts showing as malware in security sweeps. It's unfortunate, but this can and does happen.

Is it really malware?

False positives happen. It's really unfortunate. Antivirus, virus, and malware detection is kind of a black art.

There are some pretty advanced calculations or algorithms being used to scan for thousands and thousands (and thousands!) of different viruses without taking forever; pretty advanced algorithms performing this scanning in something 'approaching' a reasonable amount of time.

The downside is that occasionally the patterns that appear as malware can appear in other software - that is not actually malware. That's what you are experiencing. So there are two things you need to do. One, as a product vendor, you need to make sure that it's easy for your customers and the public to find out information about this problem.

Be transparent about the problem

In other words, have a FAQ; have a customer support page, that says "Yes, our product is currently showing a false positive from this antivirus software. If you got it from a reputable place (I'm assuming you have only reputable places that you could then list), that product is not infected and this is what's known as a false positive. If you got the product from somewhere else, get it from a reputable place."

Unfortunately, one of the things that can happen is bad guys can take a product, such as yours, add malware to it and then offer it as a download.

Contact ESET

The other thing you need to do, of course, is to contact this antivirus security software vendor and let them know that your product is good; that their product is kicking a false positive on your product, and that they need to address this in their package.

Getting through to them can at times be difficult, but most of them (I think ESET falls into this category) try to be responsible. It is not that uncommon for this to happen and they have to be responsible and take action. Not only do they have to detect all of the malware that they can, but also not falsely accuse valid software of being malware.

So get in touch with ESET as soon as you can and let them know this is going on.

Next - What processor do I need for a 17 inch laptop?

Article C5168 - April 4, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

1 Comment
just me
April 8, 2012 9:14 AM

it can happen to anyone

including MS,
I have the win3.1 calculator update
which I got from the MSDownload site

and it was flagged, so I sent a copy of it to the vendor and also pointed them to the MSDownload site where I got it,

they verified that it was being flagged falsely

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.