Glossary Entry: False Positive
Quick Definition
Antivirus programs, like any other program, are just lists of instructions. In order to explain to a program what malware is, the developers of the antivirus provide their program with a list of known malicious programs and a guideline to aid in finding new ones before they cause trouble. The list is usually pretty specific and defines exactly what to look for, much like a warrant.
The problem is, the guideline half of the instructions is much more vague and leaves the antivirus to make a guess about the programs it inspects. Sometimes, this results in the antivirus deciding that something harmless is a new type of malware. This case of mistaken identity is known as a false positive: it tests positive for being something harmful according to a broadly worded checklist, but ultimately is harmless.
The problem is, the guideline half of the instructions is much more vague and leaves the antivirus to make a guess about the programs it inspects. Sometimes, this results in the antivirus deciding that something harmless is a new type of malware. This case of mistaken identity is known as a false positive: it tests positive for being something harmful according to a broadly worded checklist, but ultimately is harmless.