Hello, @wcandres wrote: I'm still curious why the security suite didn't eliminate or quarantine the problem file automatically. There was a discussion about subject and an interesting reply: https://community.f-secure.com/t5/F-Secure-SAFE/Gen-Variant-Kazy-79682-virus-How/m-p/30354#M5392 starting from "Reasons for _not_ deleting an infected file can be:"-part of reply. About your direct situation and my own feelings (understanding): -- detected item is "UpdateManager.exe". -- this item is a th file inside a compressed archive file "AskToolbarInstaller-AVR-TG.7z". -- even though zipped file is called as "AskToolbarInstaller-AVR-TG" - content of archive is anything. Likely to eliminate or quarantine it automatically possible with the help of steps like: unpack .7z-archive; remove certain executable item; pack all other items back to archive (but, as a result, malicious item will be unzipped with all other items to file system directly). try to modify zipped item only (sounds that it is anyway done by temporary process as with first example). to remove .7z-archive completely (as a result, deleted all items inside archive. Not only detected executable file). Furthermore, try to understand context of detected item (if it is safe to delete entire archive) or even more to cure it (to remove malicious or harmful additions) is a tricky task probably. At least, with current design and meanings for 'done automatically'. I think that Quarantine was not an option based on such meanings too. If so - such state should be described with Scan Wizard user interface after completed scan and with ability to chose further action. With another situations can be another explanations too. For example, this temporary item (placed under browser's temporary internet files) is cleared already after detection and it was not possible to clean up unavailable item; file was a tricky one or too large(?!); used by certain process (browser as example) or opened by certain software. And so on. But I think that when it is possible - F-Secure should to perform action automatically (with requirement to avoid false positive and unwanted destruction). Thanks!
... View more