Home > Threat descriptions >

False Positive


Category: Malware

Type: Other

Aliases: False Positive (FP), False Alarm (FA)


Security programs will sometimes unintentionally identify a clean program or file as malicious if its code or behavior is similar to a known harmful program or file. This is known as a False Positive.

See the Technical Details section for a list of the latest known False Positives, and the relevant remedial database updates.


In most cases, a False Positive is fixed in a subsequent database update; updating your F-Secure security program to use the latest database is enough to resolve the issue. You can take the following actions to handle a False Positive:

  • Check for a fix

    To check if your F-Secure security program is using the latest database update, see: Community: How do I know that I have the latest updates?

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it to F-Secure Labs for re-analysis.

    NOTE If the file was moved to quarantine, you will need to first collect the file from quarantine before you can submit it.

  • Exclusion

    If you are certain that the detected file is a legitimate application or file, you may choose to exclude it from further scanning by the F-Secure security product.

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details

False Positives sometimes occur if a program or file contains code or behavior that is similar to known harmful programs. This is especially likely if the program or file uses compression or protection techniques, or is spread using a distribution method, that are commonly used by harmful programs.

Latest False Positive Notices
  • Trojan.Agent.DHKL:
    (25 October 2018) This detection unintentionally triggered on a Chrome browser extension that makes changes to the browser homepage. This issue was resolved with the 2018-10-25_06 database update released at 1113hrs UTC on 25th October 2018.
  • Suspicious:OSX/PossiblyUnwanted.[variant]!Online:
    (13 Aug 2018) Multiple Cloud-based detections unintentionally triggered on random system and application files. The [variant] element in the detection name identifies the first few characters of the affected file's hash. This issue was resolved with updates to the Security Cloud ratings for the affected files.
  • Trojan.GenericKD.30793519:
    (16 May 2018) This detection unintentionally triggered on an installer file. This issue was resolved with the 2018-05-15_03 database update released at 0928hrs UTC on 15th May 2018.
  • Gen:Trojan.Heur2.RP.jDX@aeDTceqi:
    (8 May 2018) This detection unintentionally triggered on game-related files. This issue was resolved with the 2018-05-08_03 database update released at 0450hrs UTC on 8th May 2018.
  • Trojan.Groooboor.Gen.3:
    (8 May 2018) This detection unintentionally triggered on harmless document files. This issue was resolved with the 2018-05-07_07 database update released at 1417hrs UTC on 7th May 2018.

Date Created: -

Date Last Modified: -