An application that does not perform as claimed.
Once detected, the F-Secure security product will either automatically disinfect the suspect file or the user will be prompted to select a desired action. For more information, see: Support Community article: Automatic actions for viruses also used for suspicious items .
The Type designation 'Hoax' was previously used by F-Secure to identify an application that does not perform as claimed. This differs from the more common usage of the term 'hoax' to refer to fake, alarming or misleading e-mail messages, which we no longer catalog.
With changes in the threat landscape today, programs previously identified as 'Hoax' have since been reclassified under the Riskware Category, with the Type designation 'Application'. These programs may be listed under the family name 'Application:W32/Hoax'; specific programs which perform significant actions or pose a notable risk may be further described in in individual Description pages. The update in naming better clarifies the program's overall security profile in the current, more complex threat landscape.
Application files or toolbars that are used to propagate fraud are detected with the prefix Not-Virus:Hoax. Detections beginning with the prefix not-virus:Hoax.HTML are of websites containing fraudulent information. The site is fraudulent rather than malicious. The antivirus engine is detecting the site's HTML rather than a drive-by-download.