Why does f secure detect files that it cannot delete?

Brad03
Brad03 Posts: 4 New Member

In my opinion this is really **bleep**ty..... I tested a few EICAR test files and now they are showing up each and every scan and F secure can’t even remove them???? Are you freaking kidding me???? If you are detecting files in you’re databases you should be able to remove them..... this is utter bull crap. I shouldn’t hbe to rely on windows defender to delete a simple file.... what if this was actually real active malware??? What are you guys thinking??? Every security program can detect and delete eicar 

Comments

  • Ukko
    Ukko Posts: 3,768 Superuser

    Hello,

     

    I am only an F-Secure user (their home solutions).

     

    There is Knowledgebase article about subject of "items that impossible to delete automatically":


    But sounds that your experience is about something else (however, good to read article too).

     I tested a few EICAR test files and now they are showing up each and every scan and F secure can’t even remove them???? 

    So, items are detected by scan? But not possible to automatically remove them?

     

    Could you delete them manually? If so - what was the reason of inability to remove them by F-Secure (usually, there description for each item under Scan Wizard user interface with generic information)? What is location / destination of file? Is it archive / container?

     

    If you are detecting files in you’re databases you should be able to remove them

    I think that if file is detected. Then, of course, it is possible to remove it or to quarantine this item.

    But if there are limitations (read-only media OR anything else from provided article) - then it is just technically impossible to perform action or such action is unwanted for user (may affect other safe files. For example, if it is archive and to auto unpack/repack/modify container is not an option).

     

    what if this was actually real active malware??

    Active malware, usually, blocked by real-time scanning or DeepGuard module.

    In fact, if file is not quarantined or removed - then access to file is restricted / blocked. Kind of isolation. Of course, with some exclusions or limitations.

    When it is not possible to automatically perform good enough action - F-Secure should to inform about it and to suggest remove it manually (by user).

     

    Every security program can detect and delete eicar 

    I just checked with my installation. EICAR test file (as try to download; or to create it manually) is detected and deleted on-the-fly.

    // but, by the way, what is your OS / platform?

     

    Thanks!

  • Ki123m
    Ki123m Posts: 1 New Member

    In addition, in some cases the reported files cannot be found anymore on the system MyLowesLife.

  • Keef3e
    Keef3e Posts: 1 Observer

    When a malware is detected and it cannot be automatically removed, the F-Secure program will provide the path/location where the malware is found so you can manually remove it.

  • New_Kid_2020
    New_Kid_2020 Posts: 5 New Member

    Eicar has been around for centuries. I think most security programs are on to it as being a "test" file by now. I've seen some delete one or all  files along with actually labeling it as an exercise file. 

     

    Another one to use is the Amtso malware test site. It checks Eicar formats as well as Phishing attempts etc.

This discussion has been closed.
Feedback on New Design