Finding infected file name from report
hadi
Posts: 3
Hi,
I did a virus scan on my PC using F-Secure 2014 a few days ago. It said that it found and quarantined this virus:
http://www.f-secure.com/v-descs/suspicious_w32_malware_gemini.shtml
The report however does not tell me the name of the file that it believes was infected, nor the folder it was found in. Where can I find this information? It is obviously important to be able track the source of the infection, or decide whether it was a false positive.
Thanks!
Best Answer
-
Ukko
Posts: 3,160 Superuser
Also you can try to find in Settings (for manual scan, for example) about History of Viruses and Spyware (?).
Here can be information about that (in hidden part of description);
Anyway - that detection can be related with:
- location of file/files in some of "critical places" - like if "C:\"
- other variants - like if it's detected in one place about a lot of same files;
- just because it's suspicious by Gemini (behavior) - it's can be or false positive, or some of "registry empty keys" - which looks suspicious.
Of course, you can try to use F-Secure Support.
Or.... will try to remember about some situations, which can be about that (like any missing important files - if it's not happened - it's mean something suspicious close to PUP, for example, detected and cleaned). Probably also - it's can be in Quarantine or History of Spyware and Viruses.... another detection during that date - which can to explain for you about current detect.
6 1Like
Comments
Simon, thank you for your response. In quarantine section, it indeed lists the item, but for pathname states system infection (one or more objects)", which is not of much use. Details provides no extra information either - see the screenshot.
Found some old threads with more info:
http://community.f-secure.com/t5/Security/Unable-to-find-the-quarantined/td-p/273
http://community.f-secure.com/t5/tkb/articleprintpage/tkb-id/[email protected]/article-id/200
Ukko, thanks. The "view removal history" from the location you mentioned had the necessary details. Turned out to be a false positive - detecting the virus in Claws mail. Great to know this!