The term false positive is used when antivirus software wrongly classifies an innocuous file as malware. The incorrect detection may be due to heuristics or to an incorrect virus signature in a database.

On November 10, 2008, an update issued by the popular antivirus AVG incorrectly identified user32.dll as being infected with either Trojan PSW.Banker4.APSA or Trojan Generic9TBN on Microsoft Windows XP SP2 and SP3 (it did not affect Windows 2000 and Vista). When users clicked the Heal or Move to Vault button, the machine brought up a Blue Screen of Death with stop c0000135 (Unable To Locate Component). Every time users rebooted their machine, the same BSOD appeared because of the deleted file.[1] A fix has been provided by AVG.[2]
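The two causes named above can be seen in miniature in the following added Python example, which is not from the original article or from any antivirus vendor: an overly broad signature flags a benign system file, and checking a known-good hash list before remediation keeps that file from being removed. The sample bytes, the signature name `Trojan.Example` and the hash list are constructed for illustration.

```python
import hashlib

# Constructed sample data: byte strings standing in for files on disk.
MALWARE_SAMPLE = b"MZ\x90\x00" + b"\xde\xad\xbe\xef\x13\x37" + b"steal_credentials"
SYSTEM_DLL = b"MZ\x90\x00" + b"\xde\xad\xbe\xef" + b"CreateWindowExW"  # benign

# Hypothetical signature databases: detection name -> byte pattern.
BROAD_SIGNATURES = {"Trojan.Example": b"\xde\xad\xbe\xef"}          # too short
TIGHT_SIGNATURES = {"Trojan.Example": b"\xde\xad\xbe\xef\x13\x37"}  # more specific

# Assumption: the scanner ships hashes of files known to be good,
# such as operating system components it must never remove.
KNOWN_GOOD = {hashlib.sha256(SYSTEM_DLL).hexdigest()}


def scan(data, signatures):
    """Return the name of the first signature found in data, or None."""
    for name, pattern in signatures.items():
        if pattern in data:
            return name
    return None


def decide(data, signatures, known_good=frozenset()):
    """Return (verdict, action) for one file.

    A signature hit on a file whose hash is on the known-good list is
    treated as a probable false positive: it is reported, not removed.
    """
    hit = scan(data, signatures)
    if hit is None:
        return ("clean", "none")
    if hashlib.sha256(data).hexdigest() in known_good:
        return (hit, "report-only")
    return (hit, "quarantine")


if __name__ == "__main__":
    print(decide(SYSTEM_DLL, BROAD_SIGNATURES))               # false positive
    print(decide(SYSTEM_DLL, BROAD_SIGNATURES, KNOWN_GOOD))   # guarded
    print(decide(SYSTEM_DLL, TIGHT_SIGNATURES))               # corrected signature
    print(decide(MALWARE_SAMPLE, TIGHT_SIGNATURES, KNOWN_GOOD))
```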

Avast Antivirus commonly reports a false positive called Win32:Malware-Gen in a file called ASPNET_COMPILER.EXE. The name Win32:Malware-Gen refers to a suspicious 32-bit program (a program that requires admin privileges or uses admin-locked files and does not appear in Avast's database), so Avast contains or deletes it just in case.[3]

References