Threat Description

False Positive

Details

Category: Malware
Type: Other
Platform: W32
Aliases: False alarm

Summary


A legitimate file was inadvertently detected as 'infected', 'malicious' or 'suspicious' (also known as a False Positive or a False Alarm).



Removal


False Positive Fix

In most cases, a False Positive issue is fixed in a subsequent database update; updating your F-Secure security program to use the latest database is enough to resolve the issue. Details of the update containing fixes for the latest known False Positives are listed below.

Instructions on how to check if your F-Secure security program is using the latest database update are available in Community: How do I know that I have the latest updates?

Exclusion

If you are certain that the file detected is a legitimate application file, you may alternatively choose to exclude it from future scans by the F-Secure security product.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.



Technical Details


False Positives sometimes occur if a program contains code or behavioral routines sufficiently similar to known malware to be deemed a security risk, particularly if the program uses file compression or protection utilities known to be associated with malware, or is spread through a site or distribution mechanism known to be associated with malware.

Latest False Positive Notices
  • Trojan.Script.645403: (21 December 2015) This detection was unintentionally triggered by a section of JavaScript code. This issue was resolved with the latest 2015-12-21_01 database update released at 2223hrs UTC on 20th December 2015.
  • Gen:Variant.Kazy.5494: (16 December 2015) This detection unintentionally triggered on a file related to a popular game. This issue was resolved with the 2015-12-16_09 database update released at 2213hrs UTC on 16th December 2015.
  • Trojan.MSIL.XAA: (7 December 2015) This detection was unintentionally triggered on certain MSIL files. This issue was resolved with the 2015-12-05_17 database update released at 1634hrs UTC on 5th December 2015.
  • Gen:Variant.Kazy.771924: (21 November 2015) This detection was unintentionally triggered on DLL files associated with some custom software. This issue was resolved with the 2015-11-21_17 database update released at 2100hrs UTC on 21nd November 2015.
  • Gen:Variant.Mikey.27098: (29 October 2015) This detection unintentionally triggered on an open-source custom scripting program. This issue was resolved with the 2015-10-29_11 database update released at 1611hrs UTC on 29th October 2015.
  • Trojan.IFrame.G : (7 October 2015) This detection was unintentionally triggered by a file named jpeg.xmd, which is typically found in the \Temp\fsaua.tmp\ location. This file is associated with our product database updates and a recent modification was made that affected the updates from 2015-10-06_11 to 2015-10-07_01, which may in turn lead to the product failing to update. This issue was resolved with the latest 2015-10-07_02 database update released at 2335hrs UTC on 6th October 2015. Users are urged to update their product to take the latest database update into use.





SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More