A false positive, also known as a false detection or false alarm, occurs when an antivirus program detects a known virus string in an uninfected file. The file, while not infected with an actual virus, does contain a string of characters that matches a string from an actual virus.
A false positive can also occur when a program performs an action, which appears to the antivirus program to be a virus-like activity.
Norton AntiVirus and Symantec AntiVirus Corporate Edition use Bloodhound heuristics to detect virus-like activity.
Examples of such activity can include, but are not limited to, writing to the master boot record of the hard disk, making changes to a system file, or running a custom macro in a program such as Microsoft Word.
False detections, once confirmed, are usually corrected as soon as possible
Norton AntiVirus and Symantec AntiVirus Corporate Edition use Bloodhound heuristics to detect virus-like activity.
Examples of such activity can include, but are not limited to, writing to the master boot record of the hard disk, making changes to a system file, or running a custom macro in a program such as Microsoft Word.
False detections, once confirmed, are usually corrected as soon as possible
No comments:
Post a Comment