Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


False Positive


Aliases:


False Positive

Malware
Other
W32

Summary

A legitimate file was inadvertently detected as 'infected', 'malicious' or 'suspicious'(also known as a False Positive or a False Alarm).



Disinfection & Removal


Exclusion Instructions

If you are certain that the file detected is a legitimate application file, you may choose to exclude it from future scans by the antivirus product:

Image: Excluding items from scanning (click the image for a larger view)

Detailed instructions for F-Secure security products are available in the Documentation section of our website.


Send A Sample

Alternatively, you may choose to send a sample of the suspect file for further analysis via our Sample Analysis System (SAS), specifying that you are submitting a false positive. Any additional information such as the origin of the file, scanning report file, and false positive detection name will help to resolve the issue more quickly.



Technical Details

False positives sometimes occur if a program contains code or behavioral routines sufficiently similar to known malware to be deemed a security risk, particularly if the program uses file compression or protection utilities known to be associated with malware, or is spread through a site or distribution mechanism known to be associated with malware.


Latest False Positive Notices

  • Trojan:js/kilim.o: First released in database update 2014-02-13_03 on 1841hrs UTC on 13th February 2014, this detection unintentionally triggered on a number of legitimate files. This detection was removed in the following database update; it was subsequently modified and the issue resolved with the 2014-02-13_05 database update, released 2137hrs UTC on the same day.
  • Gen:variant.barys.835: This generic signature unintentionally triggered on a recently released computer game. This issue was resolved with the 2014-01-15_01 database update released at 0250hrs UTC on 15th January 2014.
  • Trojan.Generic.10038776: This generic signature unintentionally triggered on a legitimate application. This issue was resolved with the 2013-11-26_07 database update released at 2244hrs UTC on 26th November 2013.
  • Gen:variant.symmi.29630: This generic signature unintentionally triggered on Exchange Database (.EDB) files. This issue was resolved with the 2013-09-26_07 database update released at 1440hrs UTC on 26th September 2013.
  • Gen:Variant.Strictor.21514: This generic signature unintentionally triggered on an Adobe Help program. This issue was resolved with the 2013-02-03_08 database update, released on 3 February 2013 at 17:30hrs UTC.






Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.