False Positive

Threat description

Details

Category: Malware
Type: Other
Platform: W32
Aliases: False alarm (FA), False positive (FP)

Summary


A legitimate file was inadvertently detected as 'infected', 'malicious' or 'suspicious' (also known as a False Positive or a False Alarm). Details of the database updates that contain fixes for the latest known False Positives are listed below.



Removal


False Positive Fix

In most cases, a False Positive issue is fixed in a subsequent database update; updating your F-Secure security program to use the latest database is enough to resolve the issue. Details of the update containing fixes for the latest known False Positives are listed below.

Instructions on how to check if your F-Secure security program is using the latest database update are available in Community: How do I know that I have the latest updates?

Exclusion

If you are certain that the file detected is a legitimate application file, you may alternatively choose to exclude it from future scans by the F-Secure security product.

More scanning & removal options

More information on scanning and removal options available in your F-Secure product can be found in the Help Center.

You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.



Technical Details


False Positives sometimes occur if a program contains code or behavioral routines sufficiently similar to known malware to be deemed a security risk, particularly if the program uses file compression or protection utilities known to be associated with malware, or is spread through a site or distribution mechanism known to be associated with malware.

Latest False Positive Notices

  • JS:Trojan.JS.Agent.OOZ: (01 December 2016) This detection unintentionally triggered on certain JavaScript files. This issue was resolved with the 2016-11-30_10 database update released at 1436hrs UTC on 30th November 2016.
  • Worm:HTML/Allaple.gen!A: (2 November 2016) This detection unintentionally triggered on a temporary file created by our product. This issue was resolved with the 2016-11-01_03 database update released at 1609hrs UTC on 1st November 2016.
  • Gen:Heur.JS.Downloader.1: (20 October 2016) This detection unintentionally triggered on a random JavaScript files. This issue was resolved with the 2016-10-20_01 database update released at 0200hrs UTC on 20th October 2016.
  • Gen:Variant.Ransom.Crynigma.2: (14 October 2016) This detection unintentionally triggered on random clean files. This issue was resolved with the 2016-10-13_12 database update released at 2045hrs UTC on 13th October 2016.
  • JS.Nemucod.2.Gen: (updated 22 September 2016) This detection unintentionally triggered on HTML files when accessing internal Sharepoint/Office365 resources. This issue was resolved with the 2016-09-19_08 database update released at 1206hrs UTC on 19th September 2016. A generic fix for the detection was further deployed in the 2016-09-21_13 database update released at 2219hrs on 21st September 2016.





SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More