There are some antiviruses that are actually a malware.
How does antivirus work
How to treat antivirus results
You canβt 100% trust the results of the antivirus. Best approach is use it to estimate the source credibility. Because you will
Quote
You will have problems if you believe everything ClamAV (or indeed any other virus scanner) tells you. No scanner will give you an accurate result every time. The best anyone can hope for, with ANY scanner and ANY profile of data, is probably four out of five, so if youβre seeing thousands of malicious samples every day, and all you do is trust your virus scanners to be right every time, youβll be accepting hundreds of malicious samples daily at least.
My take on it is that the way to use ClamAV is to try to have it give you an estimate of the credibility the data sources rather than to try to whack all the moles, which is usually a fruitless exercise and will inevitably lead to failure.
To look up
- Heuristic analysis
- Rootkit detection
- Sandbox
- Behavioral-based detection
- ML in virus detection
- False alarms