Threat Descriptions

False Positive

Classification

Category :

Malware

Type :

Other

Platform :

W32

Aliases :

False Positive (FP), False Alarm (FA)

Summary

Security programs will sometimes unintentionally identify a program or file as harmful if it has code or behavior that resembles known harmful programs. This is known as a False Positive.

See the Technical Details section for a list of the latest known False Positives, and the relevant remedial database updates.

Removal

Automatic action

A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:

  • Check for the latest database updates

    First check if your F-Secure security program is using the the latest updates, then try scanning the file again.

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it to F-Secure Labs for re-analysis.

    Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.

  • Exclude a file from further scanning

    If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.

A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:

  • Check for the latest database updates

    First check if your F-Secure security program is using the latest updates, then try scanning the file again.

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.

    Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.

  • Exclude a file from further scanning

    If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.

    Note: You need administrative rights to change the settings.

Technical Details

False Positives sometimes occur if a program or file contains code or behavior that is similar to known harmful programs. This is especially likely if the program or file uses compression or protection techniques, or is spread using a distribution method, that are commonly used by harmful programs.

Latest False Positive Notices

  • Trojan-Spy:W32/Powershell_Mimikatz.B
    (3 Mar 2020) This detection unintentionally triggered on Windows Powershell. This issue was resolved with the 2020-03-03_02 database update released at 0910hrs UTC on 3rd March 2020.
  • Trojan.GenericKD.40929615: 
    (10 Jan 2019) This detection unintentionally triggered on a Windows Update file. This issue was resolved with the 2019-01-10_08 database update released at 1922hrs UTC on 10th January 2019.
  • Trojan.Agent.DNAY:
    (9 Jan 2019) This detection unintentionally triggered on a Windows Update file. This issue was resolved with the 2019-01-09_01 database update released at 0403hrs UTC on 9th January 2019.
  • Trojan:W32/GenericSuspExecution.A!DeepGuard:
    (8 Jan 2019) This detection unintentionally triggered on the cmd.exe file. This issue was resolved with the 2019-01-08_01 database update released on 8th January 2019.
  • Gen:Variant.Symmi.83823:
    (21 Dec 2018) This detection unintentionally triggered on a DLL file associated with the Cisco Jabber program. This issue was resolved with the 2018-12-20_13 database update released at 2200hrs UTC on 20th December 2018.