............ Have a nice day............

Saturday, 19 October 2013

What is a Antivirus False Positive?

A false positive, also known as a false detection or false alarm, occurs when an antivirus program detects a known virus string in an uninfected file. The file, while not infected with an actual virus, does contain a string of characters that matches a string from an actual virus.
A false positive can also occur when a program performs an action, which appears to the antivirus program to be a virus-like activity.

Norton AntiVirus and Symantec AntiVirus Corporate Edition use Bloodhound heuristics to detect virus-like activity.

Examples of such activity can include, but are not limited to, writing to the master boot record of the hard disk, making changes to a system file, or running a custom macro in a program such as Microsoft Word.

False detections, once confirmed, are usually corrected as soon as possible

No comments:

Post a Comment