To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

F-Secure detected virus in its own folder

ravi12
ravi12 Posts: 57 Security Scout
in Business Suite
Hi to all In our some of clients, F-Secure detected virus in its installation folder files. for example:C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp0000018c\tmp000c269e. We are not able to understand why F-Secure detected virus in its own folder. In some host the all time infection is more than 200 times. If the Virus is deleted than why it comes again. Host Last infection date Last infection name Last infected object Last infection action Recent infections All time infections Host 1 17/11/17 13:26 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp0000018c\tmp000c269e Deleted 37 231 Host 2 10/11/17 13:20 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp000001a2\tmp000645e6 Deleted 7 144 Host 3 17/11/17 13:14 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00000544\tmp000cb8e9 Deleted 0 124 Host 4 27/10/17 13:15 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp0000061b\tmp0008d120 Deleted 0 53 Host 5 10/11/17 13:27 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00000af3\tmp00099166 Deleted 0 56 Host 6 14/04/13 03:50 Win32.Sality.OG C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00000d3f\tmp00000f31 Disinfected 0 17 Host 7 10/11/17 13:13 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00000e02\tmp0006f335 Deleted 0 20 Host 8 31/03/17 15:31 Win32.Sality.3 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00001462\tmp001761f8 Deleted 0 202 Host 9 03/11/17 13:08 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00001fa9\tmp0002ff1d Deleted 0 17 Host 10 14/05/13 10:24 Worm.Generic.341784 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp0000206c\tmp0000123c Deleted 0 8 Host 11 17/11/17 13:13 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp0000227a\tmp0008f995 Deleted 4 12 Host 12 27/10/17 13:30 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp0000249b\tmp0009b973 Deleted 0 76 Host 13 17/11/17 13:28 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp000024d7\tmp00104d1c Deleted 11 11 Host 14 07/04/17 13:48 Gen:Variant.Razy.108263 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp000027c0\tmp0018071f Deleted 0 7 Host 15 10/11/17 13:14 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp000029df\tmp0008d2d6 Deleted 0 15 Host 16 09/07/14 13:14 Trojan.Generic.7113610 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00002a2c\tmp0000050f Deleted 0 118 Host 17 27/10/17 13:13 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00002c6e\tmp000728b3 Deleted 0 26 Host 18 27/10/17 13:13 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00002c6e\tmp000728b3 Deleted 0 26 Host 19 27/10/17 13:29 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp000030d9\tmp000ec10e Deleted 0 17 Host 20 17/11/17 13:18 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00003883\tmp00059680 Deleted 6 12 Host 21 27/10/17 13:14 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00003cf1\tmp000b0fad Deleted 0 13 Host 22 27/10/17 13:16 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00004063\tmp001369df None 1 88 Host 23 26/02/16 13:30 Gen:Variant.Symmi.54911 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp0000436d\tmp0006d8ad Deleted 0 14 Host 24 28/10/17 09:47 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp000047b5\tmp0007ea87 Deleted 16 34 Host 25 10/10/13 11:14 Win32.Sality.OG C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00004a3a\tmp00001046 Deleted 0 8 Host 26 10/10/13 11:14 Win32.Sality.OG C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00004a3a\tmp00001046 Deleted 0 8 Host 27 10/11/17 13:15 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00004b59\tmp000c87a2 Deleted 16 18 Host 28 17/11/17 13:09 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00004cd1\tmp0005f114 Deleted 9 31 Host 29 27/10/17 13:13 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00004ed7\tmp000c9de7 Deleted 0 131 Host 30 28/07/15 19:55 Gen:Trojan.Heur.VP2.pm0@aWckcKfi C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00004f51\tmp0000418f Deleted 0 3 Host 31 27/10/17 09:16 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp000060ff\tmp0019db68 Deleted 0 7 Host 32 17/11/17 13:19 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00006253\tmp000ddb11 Deleted 0 93 Host 33 10/11/17 13:18 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp000069db\tmp001ec7ea Deleted 2 13 Host 34 27/10/17 13:22 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00006dfa\tmp00097e69 Deleted 1 21 Host 35 17/11/17 13:20 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00006fe0\tmp00105fba Deleted 8 79 Host 36 10/11/17 13:26 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00007890\tmp000c404e Deleted 0 141 Host 37 03/11/17 13:19 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00007998\tmp000ce708 Deleted 20 37 Host 38 10/11/17 13:08 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00007a07\tmp00069b0b None 0 32 Host 39 17/11/17 13:20 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00007ca7\tmp000f53b2 Deleted 9 50 Please advise

Comments

  • ravi12
    ravi12 Posts: 57 Security Scout
    Host 3 17/11/17 13:14 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00000544\tmp000cb8e9 Deleted 0 124 Host 29 27/10/17 13:13 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00004ed7\tmp000c9de7 Deleted 0 131 Host 36 10/11/17 13:26 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00007890\tmp000c404e Deleted 0 141 Host 2 10/11/17 13:20 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp000001a2\tmp000645e6 Deleted 7 144 Host 8 31/03/17 15:31 Win32.Sality.3 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp00001462\tmp001761f8 Deleted 0 202 Host 1 17/11/17 13:26 Gen:Variant.Johnnie.61792 C:\Program Files\F-Secure\Anti-Virus\aquarius\tmp0000018c\tmp000c269e Deleted 37 231
  • Vad
    Vad Posts: 1,069 Cybercrime Crusader

    Hello ravi12,

     

    Did you try to submit a sample to our Labs for analysis?

    BTW, what F-Secure product, version do you have?

     

    Best regards,

    Vad

  • Secronis
    Secronis Posts: 4 Security Scout

     Does anyone have a solution or root cause to this? 

This discussion has been closed.

Categories