Author Topic: FALSE POSITIVE DETECTION  (Read 3590 times)

TOBYTOO

FALSE POSITIVE DETECTION
« on: June 09, 2007, 09:27:20 PM »
BASIC QUESTIONS ON FALSE POSITIVES. PRO/CON? BECOMING HARMFUL?

1) IF A SECURITY SOFTWARE HAS A HIGH DETECTION RATE, BUT ALSO HAS A HIGH FALSE POSITIVE RATE DOES THAT MEAN THAT THE SOFTWARE SHOULD BE AVOIDED AS IT MAY BE HARMFUL AS CERTAIN FILES MAY BE DELETED THAT ARE NEEDED FOR EXISTING SOFTWARE?

----COMPARE THE ABOVE TO A SECURITY SOFTWARE THAT HAS A LOW DETECTION RATE AND ALSO HAS A LOW FALSE POSITIVE RATE. ----WHICH IS BETTER??

2) DOES THE DETECTION OF A FALSE POSITIVE MEAN THAT IT CAN BE HARMFUL TO THE SYSTEM? IF SO, HOW?

THANKS FOR YOUR HELP. TOBY

Offline calcu007

Re: FALSE POSITIVE DETECTION
« Reply #1 on: June 09, 2007, 09:48:55 PM »
That it has high false positives doesn't mean that it is harmful to your system. With avast you have the option to choose what to do when a detection appears; you don't have to delete the file. If you think that the file is a false alarm then send the file to Avast and they will fix it.
Asus Intel i7 8GB RAM , Win 8.1 64 bit, Avast IS

Online DavidR

Re: FALSE POSITIVE DETECTION
« Reply #2 on: June 09, 2007, 11:46:39 PM »
False positives are really only a problem if you take detections at face value and, worse still, delete detections. avast is no different to other AVs; they all suffer to some degree from FPs. avast has the ability to send detections to the avast chest, where they can do no harm, and gives options to restore a file if, having moved it to the chest, it has an adverse impact.

Deletion isn't really a good first option (you have none left). 'First do no harm': don't delete, send the virus to the chest and investigate, google the file name, scan with a multi-engine scanner, etc.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner. I feel VirusTotal is the better option as it uses the Windows version of avast (more packers supported) and there are currently 32 different scanners.
Or Jotti - Multi engine on-line virus scanner. If any other scanners here detect them, it is less likely to be a false positive. Whichever scanner you use, you can't do this with the file in the chest; you will need to move it out.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Tarq57

Re: FALSE POSITIVE DETECTION
« Reply #3 on: June 10, 2007, 01:27:05 AM »
TOBYTOO,
Detection of FPs by any security software is not damaging to the system. It's what the user then chooses to do with them that has the potential for damage.
I've got quite a few demand scanners on mine; every now and then one of them finds something. A few years ago, when I had zero knowledge, my reaction was almost always to delete it. That's probably how I broke my Windows, and eventually had to reinstall it. Now the reaction is totally opposite.
A fairly good sort of procedure is to treat it with suspicion, investigate where the file is using Windows Explorer, and examine the properties and associations of it. That can get fairly involved when you're new at the game, so a good first port of call is Google. Search the file name. If Google hasn't heard about it as a malware entry, chances are (1) it's safe, very likely, or (2) you're amongst the first users to be affected by a "zero day exploit", not on anybody's definitions lists yet. Much less likely, but possible.
In either case, moving it to quarantine is always the safe option, unless you know it to be harmless. If you strongly suspect it to be harmful, it is still safe in the quarantine.
If, after investigation, you're sure it's a FP, you can send it to the security vendor that detected it. Chances are, this will already have been done by someone else.
Windows 10,Windows Firewall,Firefox w/Adblock.

TOBYTOO

Re: FALSE POSITIVE DETECTION
« Reply #4 on: June 10, 2007, 10:18:05 PM »
First of all, thanks to those that responded to my question(s). I will take your advice. I now know not to delete but just let it go to quarantine if detected and later search to see if it is harmful.

The first question # (1) was asked due to the fact that I was considering A-V software which had been tested and put on the Web at the site http://www.av-comparatives.org. This article/web site can be read and printed out for comparison and is kept up to date.
NOD32 was rated the best, but the one that had the highest detection rate of Backdoors, Trojans and other Malware and third on Worms, Windows, etc. was AVIRA.
AVIRA was not given the highest rate due to the fact that it had a higher rate of false positives.

I am considering AVAST or AVIRA as my primary A-V Security Software. I would appreciate your opinion on which one of these or what other you think is the most user friendly and most productive for my home pc. I will also have Spyware detection, etc.

Again, thanks in advance for responding, Toby

Online DavidR

Re: FALSE POSITIVE DETECTION
« Reply #5 on: June 10, 2007, 10:51:14 PM »
There are other things that you need to take into consideration when choosing an AV; detection is only one element (an important one) you need to look at. Antivir doesn't offer the same functions as avast; now, if what is missing is important to your needs, then when choosing you need to also look at features.

Some AVs only support Outlook and Outlook Express in their email protection or don't offer P2P or web scanning or Instant Messenger cover. There are ways to have one resident AV and another on-demand AV scanner which will bolster overall protection. It used to be possible to have Antivir as an on-demand scanner, but I think that changed with the latest version. BitDefender free is an on-demand option that some use as a backup scanner; that or many of the on-line scanners.

Offline Tarq57

Re: FALSE POSITIVE DETECTION
« Reply #6 on: June 11, 2007, 12:20:46 AM »
Another thing to take into consideration when comparing the tests at avcomparatives is that only the paid (or full) versions are tested. Avast home uses the same engine and features as the pro version, in terms of detection. I understand the detection rates for Avira free/paid might be different, so it's only a partial comparison.
I think the FP rate of Avira can be decreased by reducing the sensitivity of the heuristics.
I've used both (and AVG also) and they're all good, but Avast runs best here; it has given zero problems, ever. The others have given only minor, occasional problems, slow updates, that sort of thing, and the occasional FP.
I would suggest trying them out, for say, a month or two each, and see which one you prefer. (avast will win!)