Is Your Antivirus/antimalware Flagging Major Geeks Downloads: Read This Before Posting

Discussion in 'Software' started by Corporal Punishment, Jul 31, 2025.

  1. Corporal Punishment

    Corporal Punishment Head of Software Shenanigans Staff Member

    Good golly - I have been down this road too many times, but I guess until antivirus gets better, we will continue.

    Let's start by saying, your antivirus software is backward-looking. It tries, but really can't know something is a virus until after it is a virus. To combat this, they use several preemptive strategies. None of which is perfect. But the reality is - in the antivirus world - if it is new, it is probably a virus.

    The file you are speaking of is from a small open-source author. It is possible he used an open-source DLL file that does something like "scan for files on C:" or "open internet connection silently," that was used by a virus author in the past. The DLL is safe, but gets flagged over and over because it was used in a bad manner in the past.

    Or the file does something that is suspicious behavior, so they flag it to be 'safe', like read WIFI passwords or something like that. It is safe, it is not a virus, but it COULD be used by a bad actor --- so it is a virus. This is like saying you could hang yourself with your shoelace, so shoelaces are illegal. Kinda silly, huh? Large companies like Adobe or Microsoft don't have this problem because they are permanently whitelisted. They can write software with shoelaces in a noose wrapped around your neck -- but it will fly through.

    The other thing is that it could just be new and unknown to the antiviral program. This is the case for my FileOrganizerThing.
    https://www.majorgeeks.com/files/details/majorgeeks_file_organizer_thing.html

    I wrote it. I know what it does. It does exactly what I say it does, but because some antivirus companies haven't seen it before, it is a virus. And unless one of you files a ticket with them saying it isn't a virus -- it is a virus.

    Even if we write all the copies and they whitelist the software, the next version will be detected, and you have to do it again.... and again... and again.

    The OTHER thing is some of these guys share their definitions, then rename them. So if I detect something as gen malware.1, TimW may pay me for that information, I'll pass the hash - but he renames it Valiant.Nasty.Thing.24

    And this is how you see what you are seeing.

    Actually, if you want to see more on false positives, check here. You may be surprised. https://www.av-comparatives.org/tests/false-alarm-test-march-2025/

    False positives are a pain in the ass, but I don't blame the companies for them too much. It's like the flu shot; they have to take a best guess, and sometimes they are wrong. But I understand that they are trying to protect their customer.

    Like once my Credit Card number was detected as a virus because the number partially matched a hash of a known virus.

    Once my photography was detected as a virus -- that was funny.



    And the worst - once an antiviral company detected my ntuser.dat as a virus and deleted it..... yeah, you read that right.

    Anyhow, I have written quite a bit on the topic; feel free to read. But the point is that antiviral apps and Virus Total are guides, not the truth, when dealing with small, new, or niche products.

    We have been dealing with this sort of thing at MajorGeeks for over 25 years. We have tested tens of thousands of files, as humans. We use multiple tools for testing and evaluation with our users in mind. That is how we have established ourselves as one of the most trusted download portals on the planet. (That and all these super helpful Geeks in the forum solving problems. #ThanksGeeks!). If you don't trust it, cool - move on. But please don't show up with a 3 out of 72 virus total report, yelling "gotcha!" and picking fights with people who have dedicated a significant portion of their lives to tech and helping people with tech. That's not gonna fly here. We are about learning and helping.

    Bottom line: We dig out fresh new software. If you download fresh new software, you WILL run into false positives and warnings because antiviral programs do a bad job of handling that sort of file.
     
