A "false positive" is where legitmate programs are detected as a virus. Virus signature strings are only dozens of characters long and sometimes a legitimate script or executable might have code closely resembling the virus somewhere within the larger file itself. DAT 5198 was released promptly by AVERT Labs to correct this issue. Most everyone should have updated to 5198 automatically. If anyone is on DAT 5197, they should move to this corrected DAT. Please use the HELP / ABOUT on the Shield or background scanner to find out which version you are using.