Symantec’s antivirus products contain a highly sensitive detection technology designed to detect entirely new malware threats without traditional signatures. This technology is aimed at detecting malicious software that has been intentionally mutated or morphed by attackers. You can submit files detected as suspicious to Symantec Security Response for further categorization. For instructions on how to do this, read Submit Virus Samples
What to do in case of suspected erroneous detection (false positive)
In rare cases where a legitimate file is misidentified and subsequently quarantined, your computer may behave abnormally or you may find that one or more applications no longer function as expected. In such rare situations, you should open the Quarantine in your Symantec antivirus product and review the list of files detected as suspicious. If you identify a potential misidentification, restore the file from Quarantine
and allow it to run normally in order to regain the functionality of your computer or application.
Suspected false-positive detections can be reported to Symantec using our false-positive detection reporting page
to contribute to the effectiveness of our product.