Suspicious:OSX/Malware

Classification

Type :

Suspicious

Aliases :

Suspicious:OSX/Malware, Suspicious:OSX/Malware!Online, Suspicious:OSX/Malware.variant!Online

Summary

This detection from the F-Secure Security Cloud identifies a program or file that has behaviors or aspects which are considered undesirable, unwanted or risky, but do not meet the stricter definition of malware.

Removal

Based on the settings of your F-Secure security product, it may block the file from running, move it to the quarantine where it cannot spread or cause harm, or ask you to select an action.

A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:

  • Check for the latest database updates

    First check if your F-Secure security program is using the latest updates, then try scanning the file again.

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.

    Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.

  • Exclude a file from further scanning

    If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.

    Note: You need administrative rights to change the settings.

Technical Details

About Security Cloud

F-Secure's Security Cloud is an online service that tracks the security reputation of common programs, files and websites. If a questionable program or file is found during a scan, your F-Secure security product will send a query to the Security Cloud to get its most recent reputation rating. The product will then use that information (and if needed, further analysis) to choose whether to block, quarantine or remove the program or file.

The Security Cloud rating for the identified program or file indicates that it is a potentially unwanted application (PUA) - it has behaviors or aspects that can have an undesirable or unwanted impact on your privacy, security or productivity.

A program or file may be detected as a PUA if it exhibits any of the following:

Unwanted impact on productivity:
  • Disrupting the desired user experience
  • Waste of time
  • Program performs unexpected, unwelcome and unauthorized actions, which lead to unwanted distractions, lost opportunities or lowered productivity
  • Time or monetary cost of cleaning, maintaining or reformatting the affected device
Unwanted stress on the device's resources:
  • Excessive use of computing resources - disk space, SSD writes, Memory, CPU time, etc
  • Excessive bandwidth or data plan consumption
Compromises security:
  • Exposure to unexpected, questionable or unverified content, location or applications
Compromises privacy:
  • Personal information is unnecessarily exposed to unknown or unauthorized parties

For more about how F-Secure determines if a program is a PUA, see: Classifying Potentially Unwanted Applications