I'd say Mr Right is kinda right here, though he's also a bit wrong.

It's good to be overly cautious, but with being overly cautious comes also the false positive.
The only way to fix false positives is to alter the scanning rules, which may in fact make it less safe. That's the problem isn't it.
The closest way to ensure no security is dropped but the caution is continued is if Avira started keeping a list of "checked and really clean" files and hash values for whitelisting. And that would be really horrendous on performance. Anti-virus is such already

Well, that doesn't sound too threatening xD...

Certainly not threatening to me lol

Especially considering the GOG installer doesn't even run on those systems.

Did you try uploading one of the files to Virustotal or something to see if any other vendors flag it as being infected?

Avira flagged an old, legitimate installer on an old pc I now use mostly for older games as malware recently for me, I'm 99% sure it's clean as well (it's from 2004 and completely untouched since then! I have an OCD thing about keeping old installers) but the lab results for the false positive test confirmed it as malware.

I wonder if they're increasing their heuristic detection levels as a result of their slightly lacking performance in the AV comparitives test? but then why would the lab itself not recognize false positives? if indeed it was in my case of course. Regardless it set me into full on tinfoil hat mode for the time being.

I never even thought of that.

http://www.virustotal.com/file-scan/report.html?id=0e57739ef030e80f74a3cdff7e83c96788c868b9d12c0a456f282bffa3d8aca4-1305023058 22/42 detections
http://www.virustotal.com/file-scan/report.html?id=fe7a01590fe90fcb58fbedfe1cee5db823d6dcc292e9cb82ae8f36379e53ebc3-1305023370 6/42 detections
http://www.virustotal.com/file-scan/report.html?id=be0db1033728d8fd87256fdd232df331e65f04a352c6290eb488f9fb603ba28e-1305023878 15/42 detections

So it's not just my virus scanner. Clearly GOG aren't trying to hijack our bank accounts but it's a pain that the scanners don't recognise the files are legit.

Yes, some of us aren't poor and like their money being safe. Before you go off on a tangent on how "you never get viruses/adware/malware with your free scanner".... how would you know? The virus scanner can only detect what it knows of.

"pros" ;p Most 'pros' I know will gladly recommend Apple before recommending Microsoft products.

And we're talking about security here! :)

We're talking about religious wars here.
And I'd recommend MSE as well. Not the biggest MS fan either, but their policies have gotten better this last decade.

However at the same time I'd like to ask people to stop using Symantec's products. They often cause more problems than they solve, and I've had several occasions where uninstalling an expired product from Symantec has proven more trouble than untangling malware from a windows system without breaking anything.

Also Bullguard, the full paid version is bugging me, mainly because of it's firewall though. Nice touch with a firewall. I just wish it'd also actually read the rules I put into it rather than decide it knows better and ignore any custom rules I input.

For anti-virus it's hard to say that one is leaps and bounds better. Most anti-virus software works on a dictionary of known virii to identify known viruses. These are never better than the latest incarnation of a virus which will have plenty of time to spread before getting caught, dissected and added to the database.
Then there's heuristics, guessing based on behaviour, but what the actual behaviour itself is a guess from the AV's point of view. Here some AV software might be better than others, but be too aggressive and you flag legit files as virus, and be too lenient and you miss the actual malware. But a lot of the older hacks to pull more resources out of a computer and make it do stuff is likely getting flagged as suspicious.

And until someone does something in a new way to infect your computer, there's no way it can even guess it's going to be a virus, so no safety there either.

I don't like Apple but I can still recommend a Mac to anyone who knows exactly what they want their computer to do, and know it does that out of the box.
Once you need to get somewhat advanced, like adding a windows shared printer on our network for instance, it gets a whole lot more complicated very fast indeed. And just because it works on one point release of OS X doesn't mean it'll act the same way on the next.
But for home users who need it for nothing more than most home users do, and don't expect windows software to run it, it's a nice piece of kit. It's a bit on the pricey side for what you get, but you do get software made for idiots. And Nature has proudly risen to the challenge and produced bigger idiots.

(Edited in disclaimer: I'm not saying all Mac users are idiots. I'm just saying that the OS has been designed so even idiots have a chance of operating it on a user level. And with streamlined hardware, hardware troubleshooting and drivers are a problem left for windows users too. I've still encountered multiple users who can't figure out what they're doing even on their precious Mac)

Actually independent reviews on AV's haven't rated MSE better than Avira premium and as a whole, Avira was ranked much better in 2010.

Just my thoughts: the OP's title is misleading and rude.

It's insulting for a digital games distributor, especially one as respected as GOG, to be accused of spreading malware.

You've listed valid reasons in your post, but your thread title is an inappropriate attention grab. Perhaps you should reword it to something along the lines of, "Rayman client has malware"

I do not seek to get into an argument, but your thread title is frankly ill-chosen.

Personally, I find all passive anti-virus applications to be a near complete waste of time. There was a time when I would swear by them, but I have found that common sense works better than any of them 99.99% of the time, plus without one, my computer runs amazingly fast. I just keep my machine fully up-to-date and behind a decent firewall, only download files from trusted sources, never open e-mail attachments unless I am expecting them and If I need it, I have a manual virus scanner that I can run on individual files or my whole system as required. I would never recommend that everyone should go A-V free (my own mother's computer would be a paper weight without it), but if you are already reasonably computer savvy, they are pretty much a waste of resources.
Topic titles can't be changed once posted, except possibly by GOG staff.

A lot of the security for Macs is simply that virus and malware programmers, to this day, code primarily for Windows and Microsoft products. Linux, for example, can have HUGE security holes in it depending on your setup, but most viruses won't function "properly" in Linux so it doesn't really matter. Macs don't have huge security holes, but they don't get targeted with most of the really nasty stuff either.

So while a Mac or Linux machine is definitely safer, it's not necessarily more secure. For all of the very valid criticisms against Microsoft, I have been very pleasantly surprised by their security support and updates, and MSE in particular.

Secondly, ANY security software can (and will) detect malware EVERYWHERE if the heuristics are set too high. This often leads to people turning down or turning off the advanced heuristics entirely, which completely defeats the purpose of having security software in the first place. In my view, it's Avira's responsibility to make sure that their malware detection is accurate, not GOG's. "Better safe than sorry" doesn't work nearly as well as reaching the correct conclusion.

Linux is safer because most the viruses being writen for Linux-based distributions and OSes require certain packages and runtime environments to be installed for them to work, and because of that, no matter how awesome the virus may be, it will only be able to infect certain distributions / setups.

The Mac uses security through obscurity. And this is NOT security. It may be until the holes are discovered (but seeing how the OS and Safary fall the first every year at pwn2own), but after that, all hell could break lose. 'Could', because Mac aren't being targeted much yet.

I like that Windows is being attacked so much, it just makes the OS's protection even better with every Patch Tuesday.

That's not quite enough anymore.

The most common methods of infection involve malicious banner ads, usually Flash-based (since Adobe has a history of being very slow at fixing security vulnerabilities). Get a few going in the ad networks, let them percolate through some 50 billion websites, and you'll have people getting infected just by visiting MSN. Not even Google is immune.

That said, keeping things fully up to date is a good idea, so long as you're doing it properly. Mind you, keeping up on OS, browser, and plugin updates isn't an easy thing to do on your own. I like to use Secunia PSI for that purpose -- it's completely free, and can even automatically install some updates when it notices that you need them.