If you have a computer that is connected to the web then it is essential that you have an antivirus program set up and running full time.
There are so many new dangers that are out there that one has to make sure that they are always safe when they are surfing the internet.
But, occasionally, even the best laid plans can go astray.
This can happen to your antivirus software as well.
There are times when your antivirus software will give out a false positive even though the item that is just scanned is safe.
There are a couple of reasons that this happens – some are legitimate mistakes, while others are fake scans that are done on purpose.
In this article I will go over both types:
Hash Number Confusion And Code Behaviour
When your antivirus software gives out a false positive on a piece of software a lot of times this happens because of how antivirus software works in general.
The software has a database of what it calls signatures that is stored on your computer.
These are the same signatures that you get when you (hopefully) download an update of the software every day.
There are always new threats that are out there so these signatures must always be updated.
The signature itself is nothing more than a hash number of a certain piece of code that the virus may have.
When the scanner sees this code, it reports it as a piece of malware and tries to get rid of it.
Sometimes legitimate code will have this same hash and the antivirus will report a false positive.
Other times it is the behaviour that a certain piece of code has.
Some antivirus software that is out on the market will not only track the signature of the code, but the behaviour of the code as well.
There are certain behaviours that the code might exhibit that will set the alarms off on the antivirus software.
Even though the software may have your permission to do what it is doing, the antivirus may still activate anyway.
This is another way that legitimate software may be labeled bad as well.
One last way that your antivirus program can report a false positive is that it is on the lookout for certain keyword in the title of the software.
Some antivirus software will report a virus on any piece of software that is labeled a keygen.
There have been so many reported instances of viruses being in software like this that they just skip the middle man and do not bother to scan it – they just automatically see it as being guilty.
There are unconfirmed reports that some antivirus companies take payola when it comes to reports as well.
This means that if they scan a crack or keygen to a big company’s software then they will automatically say that the software is bad because they are paid to do so. Allegedly. Perhaps.
So these are the reasons why your antivirus program will at times give out a false positive.
Even so, it is still better to trust your antivirus software than not.