Threat Description

False Positive

Details

Category: Malware
Type: Other
Platform: W32
Aliases: False alarm (FA), False positive (FP)

Summary


A legitimate file was inadvertently detected as 'infected', 'malicious' or 'suspicious' (also known as a False Positive or a False Alarm). Details of the database updates that contain fixes for the latest known False Positives are listed below.



Removal


False Positive Fix

In most cases, a False Positive issue is fixed in a subsequent database update; updating your F-Secure security program to use the latest database is enough to resolve the issue. Details of the update containing fixes for the latest known False Positives are listed below.

Instructions on how to check if your F-Secure security program is using the latest database update are available in Community: How do I know that I have the latest updates?

Exclusion

If you are certain that the file detected is a legitimate application file, you may alternatively choose to exclude it from future scans by the F-Secure security product.

More scanning & removal options

More information on scanning and removal options available in your F-Secure product can be found in the Help Center.

You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.



Technical Details


False Positives sometimes occur if a program contains code or behavioral routines sufficiently similar to known malware to be deemed a security risk, particularly if the program uses file compression or protection utilities known to be associated with malware, or is spread through a site or distribution mechanism known to be associated with malware.

Latest False Positive Notices
  • JS.Nemucod.2.Gen: (updated 22 September 2016) This detection unintentionally triggered on HTML files when accessing internal Sharepoint/Office365 resources. This issue was resolved with the 2016-09-19_08 database update released at 1206hrs UTC on 19th September 2016. A generic fix for the detection was further deployed in the 2016-09-21_13 database update released at 2219hrs on 21st September 2016.
  • JS.Nemucod.4.Gen: (22 September 2016) This detection unintentionally triggered on encoded JS files. This issue was resolved with the 2016-09-21_10 database update released at 1601hrs UTC on 21st September 2016.
  • Trojan.GenericKD.3534882: (20 September 2016) This detection unintentionally triggered on programs compiled by AutoIt. This issue was resolved with the 2016-09-19_09 database update released at 1321hrs UTC on 19th September 2016.
  • Gen:variant.razy.92555: (08 September 2016) This detection unintentionally triggered on a remote administration program. This issue was resolved with the 2016-09-07_07 database update released at 1040hrs UTC on 7th September 2016.
  • Trojan.Generic.17922353: (04 August 2016) This detection unintentionally triggered on a temporary file. This issue was resolved with the 2016-08-03_16 database update released at 2011hrs UTC on 3rd August 2016.





SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More