Question about how Avast team knows if its a False Positive?

I was just wondering how the Avast team can tell when a “False Positive” is really a “False Positive” and not a real Virus?

Reason I ask is because like for example I reported here http://forum.avast.com/index.php?topic=54172.0 what I thought was a “False Positive” and the Avast team agreed with me because they fixed it in the latest update.

But does the Avast team just go by what the user is reporting? Meaning did they just take my word for it and assume I am correct and that’s why they fixed it?

It would suck if the Avast team just took the word from everyone when we report a “False Positive” and fixed it when the files was indeed a real Virus.

Just would like to know how this all works :slight_smile:

I am pretty sure that they don’t just agree with the user, that would not be beneficial…

I imagine that there is testing that is done on the relevant file(s) which they do to verify the actuality of the file being a FP…
Part of this testing is the information that you give when submitting as a FP…

Hi,
yes we test it of course :wink:

Milos

And like you, they have access to other tools like virustotal and jotti to get a second opinion from the rest of the antivirus community.

According to our stats, more than 50% of FP reports on EXE viruses and 70% of FP reports on javascript viruses are bogus and the files are malware, contrary to user’s beliefs. So we must check it.