Home > Threat descriptions >

Suspicious:W32/Malware!DeepGuard

Classification

Category: Malware

Type: Suspicious

Aliases: Suspicious:W32, Suspicious:W32/Malware!DeepGuard

Summary


This detection from the DeepGuard behavioral analysis engine has identified a file or program with behavior that resembles known malware. This may indicate that either the file itself is harmful, or that it was altered by an infection present on the system.

Removal


Automatic action

Based on the settings of your F-Secure security product, it will either block or quarantine the suspect file or application, or ask you for a desired action.

Allow blocked files and exclude files from scanning

If you are confident that you are aware of the risks involved in using the program and consent to its use, you may choose to allow the program to run. You can also change the settings of the F-Secure security product to exclude it from further scanning. Note: you need administrative rights to change the settings.

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details


DeepGuard is a behavioral analysis engine that monitors the actions performed by files or programs to detect any potentially harmful activity. DeepGuard analyzes the changes the file or program tries to make, and based on this behavior, decides how likely it is to be harmful.

This detection indicates that an application is attempting to make potentially harmful system changes. These may include:

  • System setting (Windows registry) changes,
  • Attempts to turn off important system programs, for example, security programs like this product, and
  • Attempts to edit important system files.

Depending on the severity of the attempted change, DeepGuard will either display a message notifying you about the suspicious activity and asking if it should be allowed to proceed, or block the behavior entirely.

If you are confident that you are aware of the risks involved in using the program and consent to its use, you may choose to allow the program to run. You can also change the settings of the F-Secure security product to exclude it from further scanning. Note: you need administrative rights to change the settings.