Found another Trojan and F Secure skipped it rather than quarantine it

F Secure found a trojan today and skipped it.  I have the setting so that when a virus is found it should go to quarantine.  I ran it a second time and stopped it when it found the trojan again and it did the same thing-- said it skipped it.  I then ran Malwarebytes, which found it, and quarantined it.   Unable to show you a picture, would like to but can't make it work after typing in the entire string

Comments

  • UkkoUkko Posts: 3,014 Superuser

    Hello,

     

    There was discussion how to upload/attach picture:

    https://community.f-secure.com/t5/F-Secure/Fredome-F-Secure-and-BullGuard/m-p/93078/highlight/true#M8121

     

    Possible to add -> that it is good to log-in at first -> then open "Reply"-form.

     

    But, in general, maybe it was zipped or compressed file (or container). But not sure why Malwarebytes was with abilities to quarantine entire item (and why F-secure is not).

     

    Thanks!

  • JackJack Posts: 63

    xxx_320.jpgtrojan found but skipped

  • UkkoUkko Posts: 3,014 Superuser

    Hello,

     

    Sorry for delay with my reply.

    Based on picture -> sounds that it is ?! indeed something like zipped/compressed/packed file and 'malicious' payload inside.

     

    So, does Malwarebytes quarantined it? Or file is still there (or re-created)?


    Sounds that it is folder about built-in Windows applications like Mail or Messengers. And then -> some of received files (or attachments).

    Maybe it is part of container of discussion or multiple letter; or it is entire attachment. Where something like ""items[258].r23" is container (or even it is another zipped item) where detected malicious item "items.exe" is first file inside container.

     

    F-Secure does not remove/quarantine it POTENTIALLY because it may break application (if it is ?! not a temporary file/container) OR will remove all safe files inside container (not only malicious one).

    But if Malwarebytes was with abilities to clear/handle situation -> maybe F-Secure should to do so too.

    Usually, with such situations -> there is option to remove entire file/container manually (from file system). And do not open any suspicious attachments or received files. And do not launch suspicious executable files.

     

    Thanks!

  • JackJack Posts: 63

    Thank you for your comments, I always find them valuable.

    Ukko
  • JackJack Posts: 63

    Malwarebytes took care of it, so this can be closed

    Ukko
This discussion has been closed.