Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


False Positive


Aliases:


False Positive

Malware
Other
W32

Summary

A legitimate file was inadvertently detected as 'infected', 'malicious' or 'suspicious'(also known as a False Positive or a False Alarm).



Disinfection & Removal


Exclusion Instructions

If you are certain that the file detected is a legitimate application file, you may choose to exclude it from future scans by the antivirus product:

Image: Excluding items from scanning (click the image for a larger view)

Detailed instructions for F-Secure security products are available in the Documentation section of our website.


Send A Sample

Alternatively, you may choose to send a sample of the suspect file for further analysis via our Sample Analysis System (SAS), specifying that you are submitting a false positive. Any additional information such as the origin of the file, scanning report file, and false positive detection name will help to resolve the issue more quickly.



Technical Details

False positives sometimes occur if a program contains code or behavioral routines sufficiently similar to known malware to be deemed a security risk, particularly if the program uses file compression or protection utilities known to be associated with malware, or is spread through a site or distribution mechanism known to be associated with malware.


Latest False Positive Notices

  • Win95.cih.299: This file signature was unintentionally triggered during download of the 2014-07-18_06 database update. This issue was resolved with the 2014-07-19_02 database update released at 1550hrs UTC on 19th July 2014.
  • Trojan:W32/Febipos: This detection, which was released only to Beta program users at 0409hrs UTC on 8th July 2014, unintentionally triggered on a number of legitimate files. The detection was removed and this issue was resolved with the 2014-07-08_03 database update released to Beta program users at 0809hrs UTC of the same day.
  • Trojan:js/kilim.o: First released in database update 2014-02-13_03 on 1841hrs UTC on 13th February 2014, this detection unintentionally triggered on a number of legitimate files. This detection was removed in the following database update; it was subsequently modified and the issue resolved with the 2014-02-13_05 database update, released 2137hrs UTC on the same day.
  • Gen:variant.barys.835: This generic signature unintentionally triggered on a recently released computer game. This issue was resolved with the 2014-01-15_01 database update released at 0250hrs UTC on 15th January 2014.






Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.