Quick Heal Next Gen - Comprehensive Virus Defence | << | >> |
Heuristic Analysis is the technique of scanning a file
for suspicious code and algorithms. However, it is very
difficult to determine what code is suspicious. The code
that might be innocent in one program (for example, FORMAT.COM)
might be suspicious in a virus-infected file. For this reason
it is necessary for heuristic analyzers to calculate how
suspicious a file appears. Typically, a scoring system is
implemented, and any file which has enough suspicious elements
(enough high score) is flagged as being a possible virus.
Suspicious elements could include undocumented DOS
functions, anti-Debug techniques to avoid disassembly,
existence of an executable file search mask
(*.COM, *.EXE) etc.)
Heuristic Engine can only point a needle of suspicion towards a file for a possible viral infection and is not a conclusive proof.
Heuristic engine also does not have any detail on either the file or the virus. Hence, it is not possible for it to recover files from such cases.
Advice:
If you are sure that a virus has not infected the file and
you are still getting a heuristic warning, just ignore
the message. Also add the file to the exclusion list to
avoid further warning on that file.