f-secure constantly skipping detected files

ouyangx
ouyangx Posts: 10 Enthusiast

when scanning bunch of samples at one time, there`re a lot of cases that f-secure cannot clean the virus within the sample, while most other antivirus offer the setting to delete them completely, f-secure can only skip them, letting user to delete them manually.

 

Trojan.Doc.Downloader.GC

  • D:\Virus\huge\2015.11.18\27.vir\no name: Skipped

Trojan.Doc.Downloader.GC

  • D:\Virus\huge\2015.11.18\28.vir\no name: Skipped

Gen:Variant.Adware.Solimba

  • D:\Virus\huge\2015.11.18\20.vir: Skipped

Trojan.GenericKD.2719311

  • D:\Virus\huge\2015.11.18\24.vir\Prologue Fix\MGSVData.exe: Skipped

 

this kind of cases are not rare, in fact it happens to me every day.

Is there any possibility that you will add settings to automaticlly delete any infected files that f-secure failed to clean? That would make the whole scanning experience much smoother.

 

 

thx

Jeff

Comments

  • Hi Jeff,

     

    Can we know how you got the detection on your computer? Was it through a manual scan or real time scanning?

    If it was detected during a manual scanning, what action was selected for malware removal?

  • ouyangx
    ouyangx Posts: 10 Enthusiast
    it was through a manual scan, and I haven`t change any settings in scanning, except adding folders to ignore.
  • ouyangx
    ouyangx Posts: 10 Enthusiast
    and...I was testing f-secure then, so I downloaded some suspicious adware and placed them in a folder that was excepted from real time scanning.

    the action for the samples I posted above have no alternatives, but only "skipped"
  • ouyangx
    ouyangx Posts: 10 Enthusiast

    so is there any possibilities that the scanner can delete the corrupted archives?

  • Hi ouyangx,

     

    When you select the manual scanning option, what is the action of the scan seen. You an find it under > Settings > Manual scanning > Actions.

     

    Also, what scanning options are selected under Manual Scanning?

  • ouyangx
    ouyangx Posts: 10 Enthusiast

    sorry i cant find what you called "actions"

     

    but this is the options that I checked:

     

    checked: scan inside compression files; use advanced heuristics

    unchecked:scan only known file types

     

     

  • Ukko
    Ukko Posts: 3,668 Superuser

    Hello,

     

    Sorry for my reply.

    But probably feature/option for "choose, which actions will be" (when some of malicious/other files was found) goes be dropped with some of recent fresh releases. But on default it should be as "auto-decision".

     

    And probably it was always about this situation. With archives (!? as example) F-Secure give advice to do manual steps.... because... what if archive have some important files or other (and just one of resources, the file... marked as malicious. So... full remove action for archive goes be not friendly action).

     

    But also.. with encrypted or packed files.... there was same situation. And F-Secure goes to be with troubles about remove action and previously with previous design of scanner manager... it was with description about reasons for this.

     

    Sorry if I wrong understand your situation around. I can to think about next points:

     

    -> Potentially.... auto-removal action for archives... can be with critical results, when archive have some of other important files.

    -> Work with packed, encrypted, zipped files.... maybe can be better. But... I have experience just about one company, which have technologies for normal work with this kind of situations (it was Norman ASA). Maybe.... now there another situation (with current company certainly.. and maybe there have other examples with other companies, which your noted).

     

    Sorry again for long reply.

  • ouyangx
    ouyangx Posts: 10 Enthusiast

    maybe an option to detele archived manualy,but directly in scanning results will be a good approach for both? 

     

    Deleting infected archives in explorer while checking scanning report from time to time is really slow and awkward.

This discussion has been closed.
Pricing & Product Info