Certain embedded files that are part of legitimate programs or specialized fix tools may at times be detected by some anti-virus/anti-malware scanners as a "RiskTool
", "Hacking tool
", "Potentially unwanted tool
", or even "malware (virus/trojan)
" when that is not the case.
Such programs have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. These detections do not necessarily mean the file is malware or a bad program. It means it has the potential
for being misused by others. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove
them. In these cases the detection is a "False Positive
". Removing these applications may cause other programs that came with them to behave erratically or no longer work.
rdsok, Moderator at the AVG forum provides these instructions for suspected FP's.
If you suspect a file to be a false positive. Test the file at [virusscan.jotti.org] and if it is a false positive, archive (zip, arc, tar etc) the file using a password and email a copy to firstname.lastname@example.org with a brief description as well as the password you used to archive it with.
If it is a false positive , turn off heuristic scanning for the time being. When Grisoft adjusts the virus definitions you can turn it back on. If turning off Heuristics still doesn't allow access to the file while testing and emailing... disable the resident shield temporarily.