P Diddie,
I like Ad-Aware. But like every software of this type it has flaws.
Ad-Aware is freeware, but even giants like Symantec screw up. And that is with software that is sold.
Have a look at this page from Macromedia
Norton indicates a virus alert with the Flash Player.
The reason these things happen is that these types of programs are fighting a large group of highly motivated people. Spammers, ad-ware and spy-ware distributors are, like virus writers, always trying to circumvent the measures taken against them.
In the past the detection was signature based, meaning that viruses and such were recognized by tell-tale signs in the virus definistions. The problem with signature recognition is that a computer savvy 5 year old could follow instructions on how to modify the virus enough so that it beats signature detection.
Now we are seeing a shift to heuristic engines. This means that malicious code is identified based on it's functions rather than having been flagged as a virus. Edward Skoudis, vice president of security strategy for Predictive Systems offered this analogy: "A signature-based system would recognize a statement like "How are you?" but it wouldn't recognize equivalents such as "How are you doing?" and "What's up?" Heuristics seeks to recognize such distinctions."
This is a good move that innoculates computers against many viruses but can lead to false positives.
Heuristics-based antivirus or intrusion detection software are always giving false positives. They try to stay one step ahead of the virus writers when in reality they have to react to them. The AV and spyware writers are right to do this. It would be terrible if the AV software would stop recognizing a virus just because it has been slightly altered.
Peter Lindstrom, the director of security strategies for Framingham said that signature-based recognition is like a cop with photos of the suspects. Heuristics is like a cop who has experience and recognizes criminal behavior patterns.
I used to have an extra computer lying around in Brazil so I started testing security systems and software on it. I found that modifying viruses (in some cases coming close to a re-write) was often not enough to beat a Heuristic engine.
Yet at the same time sometimes it was hard to get the AV program to stop recognizing something innocuous as a virus.
In the world of anti-spam, anti-virus and anti-spyware prevention the good guys face an uphill battle. They have to react to the bad guys' moves most of the time. So they try to stay one step ahead.
Often they will be too agressive. Spam filters are notorious for filtering wanted email. AV programs are notorious for false positives (on test computers I get over 100 a day sometimes I have to put a weight on the enter button of the keyboard to get the AV popups to go away without wearing out my finger).
So your question is a tough one. The best anti virus softwares in the world are always screwing up. Be it in failing to identify or identifying false positives.
Spyware and adware are, to me, far less serious. Ad-aware just makes it quick but getting rid of the stuff they flag is elementary.
So it comes down to the balance you think is fair.
Do you want the program to never miss stuff? Or do you want it to give no false positives?
You can't have both. I prefer it to miss stuff ebcause ad-ware is not like a virus. MUCH of what ad-aware tries to remove I do not consider spy-ware.
So to me, I'd prefer less in way of false positives. But false positives are a understandable exchange for what we ask of the program.
Ok, to end this long winded work-break, Ad-aware is a good piece of software in a bad business. Consider it a cop, even a good cop makes mistakes. It's a fine piece of software of a variety that frequently makes mistakes.
Ad-Aware happens to make some silly mistakes (like flagging something as spy-ware just because it has the same name). And on most windows computers ad-aware will make at least one mistake every single time it scans.
Such is life. It's probably the best free program of it's type but it's still not on the level of a commercial AV, and even those guys have yet to eliminate false positives.
Ad-Aware used to have definistions updates, it's through a program called Ref Update. But it seems like that's a dead project. When connecting to the lavasofty server the Ref Update program returns a 404 error.
Other servers still have the definitions but unless they are getting new definitions they are just spreading a false sense of security by allowing you to think you have up-to-date definitions while they might just be old forgotten definitions.
Lemme know if I was able to help. I might have given too much info but the bottom line is that Ad-Aware's flaws are mostly inherent to the job it tries to do.