False NEGATIVES in CCAV 1.2 onwards (Draft)

Valkyrie, which is used by CCAV is capable of verdicting files as trusted. Because it actually runs the files and checks what they do , AS WELL AS undertaking static heuristic analysis AND checking against virus signatures, it will almost always be right in such judgements. But very occasionally it may get the verdict wrong.

What should you do if you observe this?

  1. If you have not deliberately infected your machine for test purposes, immediately quarantine the malware.

  2. Double check that the file appears on the ‘Trusted’ list under the ‘Valkyrie Analysis’ heading in the main GUI. File that do not appear here are not verdicted trusted by Valyrie. (They may be being trusted for other reasons, perhaps because the vendor is on the trusted vendor list).

  3. Immediately report the false negative here.