cancel
Showing results for 
Search instead for 
Did you mean: 

Common topics

Top Contributors
Sort by:
This table shows the features that are available for the F-Secure consumer products.
View full article
If you need to know the name and exact version of your F-Secure product, follow the steps provided in this article.
View full article
Our customer support may ask you to create and send an FSDIAG file to our technical support. If the file size of your FSDIAG file is larger than 30MB, it is too large to send by...
View full article
If you have technical problems with your security product, our customer support may ask you to create and send an FSDIAG file to our technical support. The file contains...
View full article
Summary   This article explains what you can do if malware is found in the Temporary Internet files folder.   Malware found in Temporary Internet files   The Temporary Internet files folder on Microsoft Windows computer systems contains files - such as images, HTML pages, executable and script files - that Internet Explorer has downloaded from websites visited by the user. Sometimes the F-Secure product may detect viruses and adware inside the folder.   In Windows XP, the folder is located here: C:\Documents and Settings\\Local Settings\Temporary Internet Files\Content.IE5 Note: If you only have one user account on Windows XP, use Administrator as the username. In Windows Vista and 7, the folder is located here: C:\Users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 C:\Users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 In Windows 8 and 8.1, the folder is located here: C:\Users\\AppData\Local\Microsoft\Windows\INetCache Note: These files are hidden system files. To be able to access these files, you need to make changes to the folder options.   Deleting files from the Temporary Internet files folder   If the Temporary Internet files folder contains malware, we recommend that you delete all the files in the folder. Because the files are only cached copies, no actual data is lost.   To delete the files in Windows XP:   Do one of the following: Click Start > Control Panel > Internet Options. Open Internet Explorer and select Tools > Internet Options.The Internet Properties dialog box opens. Under Temporary Internet files, click the Delete Files... button. The Delete Files dialog box opens. Select first the Delete all offline content checkbox and click then OK to delete the temporary Internet files. To delete the files in Windows Vista, 7 and 8:   Do one of the following: Click Start > Control Panel > Internet Options and, on the General tab under Browsing history, click the Delete... button. Open Internet Explorer and click Tools > Internet Options and, on the General tab under Browsing history, click the Delete... button. Open Internet Explorer and click Safety > Delete Browsing History.The Delete Browsing History dialog box opens. Select the Temporary Internet files checkbox and click the Delete button to delete the temporary Internet files.  This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Once you have completed your Windows 10 upgrade, you may experience the following with your F-Secure security product: Your F-Secure security product does not start up. On your computer, you can't find the F-Secure security product icon in the system tray at the bottom of the screen. Your F-Secure security product does not show up in the list of installed apps and features in Settings > Systems > Apps & features. If this happens, it means that the Windows 10 upgrade has unfortunately removed some of the F-Secure security software components, and the product fails to start up as it should. To get your F-Secure security product working normally again, the F-Secure security product needs to be removed from your computer, and the product reinstalled. To do this: Download and run the Uninstallation Tool for Windows. You can download the tool here. The instructions for the Uninstallation Tool for Windows are here. Reinstall the F-Secure security product on your computer. You can download the product from the F-Secure website or from your My F-Secure account, depending on your subscription. This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Italian, Japanese, Dutch, Polish.
View full article
Products affected: All F-Secure products, such as F-Secure SAFE, F-Secure Client Security and PSB, featuring Browsing Protection and/or Safe Search extension on Google Chrome version 53. Symptoms When you install F-Secure's Browsing Protection extension on Google Chrome version 53, or upgrade Google Chrome to version 53 while having the extension installed, the extension will be detected as corrupted. Visible effects: Search rating icons are missing Chrome extensions list states "This extension may have been corrupted" for F-Secure extensions and the extensions are also disabled. Diagnosis Not available. Solution Until a fix is provided, use the following workaround: To be able to see the search rating icons, you can use https://search.f-secure.com/ for your searches. Also, note that although the extension is not enabled, malicious webpages are being blocked and Banking Protection is working. Related information How can I fix the Chrome 53 "extension corrupted" problem? This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Italian, Japanese, Dutch, Polish.
View full article
Symptoms When Google released version 53 of its Chrome browser on August 31, 2016, we noticed that it disables both the F-Secure Browsing Protection extension and the F-Secure Search extension and the user is given the following warning: "This extension may have been corrupted." Diagnosis Our investigation into the issue revealed that Google had tightened the security checks in the newest Chrome version and that the checksum of the installed extension did not match with the one in Chrome Web Store. Until this latest release, we have been using an extension installation method that does not rely on Chrome Web Store. Solution On September 6, we uploaded new extensions to Chrome Web Store. Since then Chrome has automatically updated the extensions to the latest ones on user machines. Note, however, that after you start Chrome, the autoupdate may not start until up to five hours. As Chrome 53 was not pushed to all users immediately after the release, most users probably got the extensions autoupdated to the ones in Chrome Web Store; in other words, they are not affected by this corrupted extension issue. If you were affected by this issue, complete the following steps to get rid of the "extension corrupted" message and to enable the extensions: In the Chrome browser, go to URL chrome://extensions. The Extensions tab is displayed. Note: If your browser is affected by this issue, you'll see the following message under the extension name: "This extension may have been corrupted." Also the Enable checkbox of the extension is disabled. Check the extension version. You can find it right after the extension name. If the version is 2.173.4471 (Browsing Protection), 1.9.106 (Search), or newer, the extensions have already been autoupdated from Chrome Web Store. If the version number is lower, the extensions need to be updated first. This will happen automatically by Chrome in due course when browser is open. However, to update them immediately from the Chrome Web Store, click first the Developer mode checkbox in the top-right corner of the Extensions tab and then click the Update extensions now button. Click the Details link located below the extension. A window with detailed information about the extension is displayed. Click the View in store link to open the Chrome Web Store page of the extension in question. On the Chrome Web Store page, click the Enable this item link. The extension is now enabled in your browser and the "This extension may have been corrupted" text has disappeared. If you have other "corrupted" extensions, repeat steps 4-6. This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Italian, Japanese, Dutch, Polish.
View full article
Yes, as long as you have a supported version of F-Secure SAFE, Internet Security, or Antivirus for PC, the security products should continue to work on Windows 10. The product versions supported are clients 12.1 or newer. For existing users, the latest version is provided automatically via the daily automatic updates and is taken into use without requiring any user actions. If you wish to do a fresh Windows 10 installation, you can download the latest installer from your F-Secure security product provider's website. This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Italian, Japanese, Dutch, Polish.
View full article
To save a scanning report to a file: Open your F-Secure security product. Click Virus scan to start a scan. Once the scan is complete, click View scanning report. This opens up the report in html format in your default browser. To save the report to a file, right-click on the page and click Save as.... Give the file a descriptive name, and save it. Send it to F-Secure for analysis. This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
Note: Different Windows version may have slight variations in the steps. Click Start > Control Panel. Click Programs and Features (for Windows 10, 8, 7), or Uninstall a Program (for Windows Vista). Locate the security product you want to remove. Right-click it, and select Uninstall/Change. The User Account Control may appear, type in your administrative credentials, and click Yes. When the setup window appears, follow the instructions on screen to uninstall the security product. When asked, restart your computer to complete the full uninstallation of the product. Related information How do I remove conflicting security products manually on a Mac? This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
Locate and follow the uninstallation instructions provided by the software vendor. Typically, many vendors have an uninstallation application in their installation disk image (*.dmg), or alongside the main application in the Applications folder. You may try: Open Finder > Applications. Locate the security product folder you want to remove. Open the folder, and double-click the uninstallation application inside the folder (if any). Confirm that you want to uninstall the product. In the Authenticate window, type in your administrative credentials, and click OK. When asked, restart your computer to complete the uninstallation of the product. Related information How do I remove conflicting security products manually on a PC? This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
The Uninstallation Tool for Mac removes F-Secure Anti-Virus for Mac, F-Secure Mac Protection and F-Secure SAFE. Note: You should only use the Uninstallation Tool as a last resort, in cases where the normal uninstallation method fails. Log on to your computer with administrator privileges. Download the Uninstallation Tool for Mac from our Support Tools page. Run the Uninstallation Tool (script) for Mac. Enter your administrator username and password when prompted. The uninstallation process starts. When the app finishes successfully, the following information is displayed: "Uninstallation complete" The uninstaller may prompt to restart your browser(s). Make sure to save any unfinished work before doing so. The uninstallation is complete. This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
The Uninstallation Tool removes F-Secure Service Platform, Protection Services for Consumers, Protection Services for Business, Anti-Virus, Internet Security and SAFE components from your computer. Note: You should only use the Uninstallation Tool as a last resort, in cases where the normal uninstallation method fails. Please be aware that the Uninstallation Tool might affect other F-Secure products installed on your computer. Log on to your computer with administrator rights. Download the Uninstallation Tool for Windows from our Support Tools page. Run the executable UninstallationTool.exe. The User Account Controls appears. Click Yes. Accept the terms in the License Agreement, and click Next. The Uninstallation Tool window appears. Click Start. The uninstallation process is initiated. Click Restart when prompted. This is to remove remaining files. The uninstallation is complete when your computer restarts. This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
To create logs to detect presence of malicious files, you need to run two tools. Download the Autoruns tool from https://technet.microsoft.com/en-us/sysinternals/bb963902. Execute the Autoruns.exe tool. When the tool opens, it automatically scans and shows you what programs are configured to run during a system boot up or log in. Allow the tool to finish scanning. Once done, click Options, and tick Hide Microsoft entries. Save the log as *.arn (File > Save) on your desktop. Download the GMER tool from http://www.gmer.net/gmer.zip. Execute the GMER.exe tool. When the tool opens, it starts the scan automatically. Allow the tool to finish scanning. Once done, click the Save... button to save the log file as *.log on your desktop. Combine both generated log files in a password-protected archive. Use the password: infected Submit the zip file in your next reply to our analysts. This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
Log on to your computer with administrator rights. Download F-Secure Quarantine Dumper tool from ftp://ftp.f-secure.com/support/tools/fsdumpqrt/fsdumpqrt.exe Run the executable fsdumpqrt.exe. Enter your administrator credentials when the User Account Control appears. In the command prompt box, press Enter to read the license terms. Press E to allow the tool to start collecting quarantined files. The collected files are saved in a password-protected archive on your desktop with the name malware_samples.zip. Press any key to exit the tool. Submit the zip file in your next reply to our analysts. This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
You can go to our Submit a Sample (SAS) page if you would like to send us anything suspicious that you encounter online. Sample submission is analyzed by our analysts and databases are then updated if necessary. To submit a sample: Go to our Submit a Sample (SAS) page. If you are submitting a file sample, select the File Sample tab. Click Browse, and attach your sample file. For URL sample submission, select the URL Sample tab, and type in the URL in the Suspicious URL box. Tick the I want to give more details about this sample and to be notified of the analysis results box to add in more information and receive feedback on the submitted file or URL sample. Type in the verification Captcha code. Click Submit. Related information Creating a ZIP archive and password-protecting it Saving a scanning report to a file Saving a spam, ham or phishing message to a file Making sure your security software has the latest updates This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
If your sample submission is larger than 30MB, you can submit the large sample to us via our FTP. Zip the sample(s) in a password protected archive. For security purposes, make sure the archived sample is password protected. Use the password: infected. Open Windows Explorer or Finder (Mac), and paste the following location in the address bar: ftp://ftp.f-secure.com/incoming Upload (drag and drop) the file(s) in the FTP. Once uploaded, visit the Submit a Sample (SAS) page and upload a text file containing the file name(s) of the uploaded file(s). Tick the I want to give more details about this sample and to be notified of the analysis results box, and fill in the remaining fields with the appropriate information to help our analysts better grasp the issue faced. Click Submit sample file. An automatic ticket is generated and emailed to you. An analyst will reply to you accordingly upon handling the case. Related information Creating a ZIP archive and password-protecting it Saving a scanning report to a file Saving a spam, ham or phishing message to a file Making sure that your security software has the latest updates This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
If you encounter unwanted pop-ups when browsing the Internet or you spot some unusual activity while working on your computer, it is possible that you have an adware on your computer. The F-Secure product should remove the adware from your computer automatically. If you want to be sure, we recommend that you run a virus and spyware scan. Click the product icon in the system tray to open the main user interface. Click Virus scan and allow the scan to complete. If an adware is not detected by your F-Secure product, send a sample to us at Submit a Sample. Related information Threat description: Adware How can I submit samples to F-Secure? This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
Digital Code Signing F-Secure signs installer packages and binary files digitally with code signing certificates obtained from trusted certification authorities. This is one way to assure anyone downloading and installing products from F-Secure that the downloaded package is prepared and coming from F-Secure Corporation and is unaltered. Microsoft Windows and Apple OS X operating systems check the digital signatures automatically when you start software installation but you can also check the signatures manually. Here is some basic information about the certificates we use for Windows and OS X code signing and some hints to the tools that can be used to show information about the signatures. Windows code signing Standard Authenticode certificate Common name: F-Secure Corporation Organization: F-Secure Corporation SHA1 fingerprint: 35 D8 A1 37 2C A4 02 B0 C8 A4 39 BB 8A 31 1F 29 39 99 E8 AB SHA256 fingerprint: AD 5F D7 86 36 44 26 C8 37 93 D5 48 EB B5 1F 47 93 EB 09 D4 A7 42 9A 87 59 E1 63 40 C1 D6 BE 80 Issued by: GlobalSign CodeSigning CA - G2 issued by GlobalSign Root CA Extended Validation Authenticode certificate Issuing an Extended Validation certificate requires extensive verification of the certificate requester's identity and the subject field of a certificate reflects this. Common name: F-Secure Corporation Organization: F-Secure Corporation SHA1 fingerprint: 5F 82 67 96 43 A4 07 97 F9 14 92 46 24 F2 67 62 4B 98 BD F5 SHA256 fingerprint: EF AD 46 D3 E1 5B D7 30 35 B7 DF 17 9F 3A 9D 1B E2 D2 4C E5 3B 4E 36 C7 FB 45 02 65 AD 46 2C D4 Issued by: DigiCert EV Code Signing CA (SHA2) issued by DigiCert High Assurance EV Root CA Use Windows Explorer to view "Digital Signatures" tab in file properties. To manually check the signature of an installer package use "signtool.exe verify /pa /v [filename]" from command line. Signtool utility is available as part of Microsoft Windows SDK. To check the SHA256 fingerprint of a certificate, first export the certificate from a file using Windows Explorer using Copy to File... in Certificate properties. Then use "openssl.exe x509 -in [certificate_file] -inform der -noout -fingerprint -sha256" to get the fingerprint. Files signed with either of these certificates have also been time stamped with GlobalSign or DigiCert certificates respectively. OS X code signing Installer certificate Common name: Developer ID Installer: F-Secure Corporation Organization: F-Secure Corporation Organizational Unit: 6KALSAFZJC SHA1 fingerprint: 6B 8A 26 62 64 D1 B4 5A 49 03 C2 69 3E 59 6D A0 63 80 74 C0 SHA256 fingerprint: 46 61 84 AF DC C7 2F 07 98 24 BD 25 57 FB DF FA F9 92 A1 48 98 A6 92 3C 5D E3 B0 CD 01 64 7B AF Issued by: Developer ID Certification Authority issued by Apple Root CA Application certificate Common name: Developer ID Application: F-Secure Corporation Organization: F-Secure Corporation Organizational Unit: 6KALSAFZJC SHA1 fingerprint: D7 34 B1 F3 C0 BC 79 95 95 6A FD DD A3 78 1C CF FA 85 E0 8B SHA256 fingerprint: 54 DE 5B 6F 35 6E 8A 1A D2 53 90 4C 81 41 8E 77 B0 F2 32 9C FB E3 4E ED 75 4E 84 CE 2D 57 9E 41 Issued by: Developer ID Certification Authority issued by Apple Root CA Open the installer package in Finder and click the lock icon on the upper right corner of the installer window to view the certificate information. To manually check the signature of an installer package use "pkgutil --check-signature [filename]" from command line. This command is usable also for mounted application bundles. The organizational unit can also be viewed with command “codesign --display --verbose=3 [application]” that reports it as TeamIdentifier value along with a time stamp. Pkgutil and codesign utilities are part of standard OS X installation. To check the SHA256 fingerprint of a certificate, first mount the disk image (.dmg) and then export the certificate from the application using command "codesign --display --extract-certificates /Volumes/[mount]/[application.app]". Then use "openssl x509 -in codesign0 -inform der -noout -fingerprint -sha256" to get the fingerprint. About other signatures Certain components in our solutions are licensed from our technology partners and a small number of files is signed by these partners. This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
This article applies to all F-Secure mobile products, including: F-Secure SAFE Mobile Security Freedome Key Booster AdBlocker Although it is possible to install and use F-Secure mobile products on a rooted or jailbroken devices, at F-Secure, we unfortunately cannot offer you with customer support for these devices. Rooting or jailbreaking a device can reduce the security provided by your operating system. As a result, you won't be fully protected by our F-Secure products. This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
We recommend that you have just one security product on your computer. F-Secure's security product needs to open files to scan them. If another security product is trying to open the same files at the same time, it has to wait for the files to become free. This often causes problems. For example, programs may not start correctly or the whole system may crash. Our security product detects and removes security and firewall products of most security software vendors automatically during installation. However, new versions of other vendors' security products are being released all the time and because of this, it takes time for F-Secure to react and support the uninstallation of all of them. This is why we recommend removing other security or firewall software manually before installing F-Secure security products on your device. Related information How do I remove conflicting security products manually on a PC? How do I remove conflicting security products manually on a Mac? This article in other languages: Swedish, Danish, Finnish, German, Japanese, French, Norwegian, Dutch, Polish, Italian.
View full article
Summary   This article provides information about fake antivirus and antispyware products, known collectively as rogue security software or rogueware.   Description   Rogue security software is also known as Scareware. It is made purely to scare users into buying their way out of a "problem" that the software itself creates. It is possible that the software shows an infection that doesn't exist, that the software claims to clean an infection but does nothing or that it installs a real trojan.   What to do with fake security software?   If your computer gets infected with rogue security software, the case should be handled by F-Secure Security Labs. However, there are a few things that the lab requires before they can help you with the infection.   To be able to help you, the Security Labs needs the following log files for further investigation:   Execute F-Secure BlackLight. If it finds any hidden items, save the log file. This tool is available at ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe. Execute GMER tool. Click the Scan button on the main page, and once the scanning is finished, click the Save... button on the same page to save the produced log file. This tool is available at http://www.gmer.net/gmer.zip. Execute Autoruns.exe from Sysinternals. Remember to enable the Hide Signed Microsoft Entries setting. Save the produced log file. This tool is available from Microsoft at http://www.microsoft.com/technet/sysinternals/SystemInformation/Autoruns.mspx. Execute HijackThis. Save the produced log file. This tool is available at http://sourceforge.net/projects/hjt/. Send all generated log files to F-Secure Security Labs in a single ZIP file. We recommend that you protect the ZIP file with password infected. Send the ZIP file to F-Secure by registering for an account with our sample analysis system at https://www.f-secure.com/en/web/labs_global/submit-a-sample. Please login and submit the sample together with a short message describing the issue in the message field of the submission form.   This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Summary   This article describes how you can create a ZIP archive and password-protect it.   Description   It is recommended that you create a dedicated folder where you copy all the sample files that you want to send to F-Secure for analysis. In addition, you need special software, such as WinZip, to be able to create archive files. If you do not have WinZip, download and install it from http://www.winzip.com/downwz.htm.   Creating a ZIP file   To create a ZIP file, complete the following steps: To create a new folder, right-click on your desktop and select New > Folder. Give the folder a name, such as samples. Copy the sample files to the folder you just created. To add the sample files to a new zip file, select the files (click Ctrl+A to select all), then select File > WinZip > Add to Zip file. The Add dialog is displayed. Enter the path and the zip filename, e.g. f-securesample.zip, in the Add to archive field. Note that the default folder is the one where the sample files are currently stored. Finally click Add. The f-securesample.zip file is created. Password-protecting the ZIP file   To password-protect the ZIP file, complete the following steps: In the WinZip window, select Actions > Encrypt or click the Encrypt button. The Encrypt dialog is displayed. Enter infected as the password, confirm it by re-entering the password, and finally click OK. An asterisk (*) is shown at the end of the filename in the WinZip window to indicate that the file was successfully password-protected. Select File > Exit to close the WinZip window.  This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Question How can I check which version of the Windows operating system I have? Answer You can check the operating system version in Windows system properties. To check your system properties in Microsoft Windows: Click Start. Click Control Panel. Do one of the following: In Windows 7 and 8: Select System and Security. Click System. In Windows Vista: Select the System and Maintenance category. Note: This step may not be necessary in all computers. Click System. The System Properties window opens. In Windows XP: Select the Performance and Maintenance category. Note: This step may not be necessary in all computers. Double-click System. The System Properties window opens. You can view the properties of your computer, such as operating system version, processor information, and the amount of memory (RAM).
View full article
Question How can I clean an infected System Volume Information folder or a System Restore folder? Answer If a virus infects your computer, it is possible that the virus is backed up in the System Restore folder. System Restore is a feature of the Windows operating systems.   To clean the System Restore folder, you need to first turn it off, and then scan and clean the folder. By turning off System Restore, you lose your last system restore point. Unfortunately, there is no other way to remove infections from System Restore. If you want to continue using the System Restore feature, it is important to turn it on after removing the infected files.   To turn off System Restore in Windows 7: Close all open programs. Right-click Computer, and select Properties. The View basic information about your computer dialog box opens. Click System protection. The System Properties dialog box opens. Click the System protection tab. Click Configure. Select Turn off System protection. Click Apply. When the system asks if you want to turn off system protection, click Yes. Click OK. Scan all hard drives and all files for viruses with your F-Secure security product. Once you have scanned and cleaned the files, turn on System Restore in Windows 7 as follows: Right-click Computer, and select Properties. The View basic information about your computer dialog box opens. Click System protection Click the System protection tab. Click Configure. Select Restore system settings and previous versions of files. Click Apply. Click OK. To turn off System Restore in Windows XP: Close all open programs. Right-click My Computer, and select Properties. The System Properties dialog box opens. Click the System Restore tab. Select the Turn off System Restore on all drives check box. Click Apply. When the system asks if you want to turn off System Restore, click Yes. Click OK. Scan all hard drives and all files for viruses with your F-Secure security product. Once you have scanned and cleaned the files, turn on System Restore in Windows XP as follows: Right-click My Computer, and select Properties. The System Properties dialog box opens. Click the System Restore tab. Clear the Turn off System Restore on all drives check box. Click Apply , and then click OK. To turn off System Restore in Windows Vista: Close all open programs. Click Start. Select All Programs > Maintenance. Select Maintenance > Backup and Restore Center. Click Create a restore point or change settings. If asked, click Continue. Under Available disks, clear the check boxes for all drives. Click Apply. When the system asks if you want to turn off System Restore, click Turn System Restore Off. Click OK. Restart your computer. Scan all hard drives and all files for viruses with your F-Secure security product. Once you have scanned and cleaned the files, turn on System Restore in Vista as follows: Close all open programs. Click Start. Select All Programs > Maintenance. Select Maintenance > Backup and Restore Center. Click Create a restore point or change settings. If asked, click Continue. Under Available Disks, select all drives. Click Apply. When the system asks if you want to turn on System Restore, click Turn System Restore On. Click OK.
View full article
This article explains how to clean or disinfect a compressed file.   Handling infection in a compressed file   Compressed files are files created with Winzip, Winrar or other file archivers. Common file extensions used with compressed files include ZIP, RAR, CAB and GZ.   With the current versions of F-Secure products, you cannot automatically disinfect a file that is inside a compressed file.   To disinfect a file which has been found infected inside an archive, do as follows: Manually extract the files. Try to disinfect (or just delete) the infected file(s). Repack the files again. More information   Currently, no malware is known to infect straight from compressed files. For such an infection to occur, the executable file would need to be extracted to a temporary location first in which case the F-Secure product would detect it before it could be launched by the user. This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Summary   This article describes how you can save a spam, ham or phishing message to a file.   Description   F-Secure welcomes samples of spam, ham and phishing messages that you have received. Note: Spam, ham and phishing message samples should be submitted to specific e-mail addresses. For more detailed instructions, see page http://www.f-secure.com/en/web/labs_global/submit-samples/spam-submission   Saving sample messages to a file   To save a spam, ham or phishing message, complete the following steps:   Open the spam, ham or phishing message that you have received in your e-mail program. Select File > Save As. Find an appropriate folder for the file, give it a descriptive name (the subject of the message is the default name of the file) and save it. Send it to F-Secure. This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Not all malware is listed in F-Secure's virus description database.   Detailed descriptions are not available for all malware even though the product detects them. Also, many viruses belong to the same family and share the same description. If you cannot find the description of a particular malware that your product has found, look for a similar name in the virus description list.   Note: The product detects much more malware than is listed on the database.   This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
There are two types of antivirus scanning: protocol-level scanning and filesystem-level scanning. Protocol-level scanning checks data that enters the computer via the network. Filesystem-level scanning checks the files that are saved on the computer's file system, i.e. generally the computer's hard disk. Antivirus scans can be triggered in a number of ways. A filesystem-level scan is started when a file is accessed, i.e. when you open an application or save a document. This is also known as on-access scanning. Scheduled scanning is an on-demand scan of files. The functionality is the same in terms of finding viruses, but it is started deliberately rather than being automatically started based on file access. The same applies to a scan started by the user - this is a true on-demand scan.   Protocol-level scanning takes place inside the software, in the firewall module. The file is scanned before it is allowed through the firewall, for example when downloading a zip file. The file will be scanned twice; first when it is downloaded and again when the file is saved to disk. The content files will be scanned again when they are extracted from the zip.   On-access scanning is, strictly speaking, a variation of the on-demand scan. The difference is in the requester of the scan, not the scan itself.       This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Summary   This article describes how you can clean a Java cache folder.   Cleaning the folder   In some rare cases, a few infected files and archives with infected files are detected inside Java cache folder. To remove the infection, empty the cache folder as follows:   Click Start > Control Panel. Double-click the Java icon to open the Java Control Panel. (Don't know where to find Java Control Panel?) Click Settings under Temporary Internet Files. The Temporary Files Settings dialog is displayed. Click the Delete Files button. The Delete Files and Applications dialog is displayed. Select the check boxes and click OK. As this folder only contains cached files, no actual data is lost in the operation.   Warning: Be careful when deleting files. Make sure that you are deleting files inside the Java cache folder only. Otherwise you may damage your system.   This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Applies to the Browsing Protection feature in the following F-Secure products: Internet Security F-Secure SAFE Mozilla releases a new version of its Firefox browser approximately once every six weeks (https://wiki.mozilla.org/RapidRelease/Calendar). The new versions are released to introduce new functionality and to address bugs, vulnerabilities and security issues.   F-Secure supports two latest major versions of the Firefox browser. This means, as an example, that when Mozilla releases its next major browser version (Firefox 46) on April 19, our products will support Firefox browser versions 45 and 46 until the next Firefox release in June when the supported browser versions include 46 and 47.   Note: We recommend that you upgrade your Firefox browser to the latest version as soon as it is available. To find out what browser version you are running, click (Firefox >) Help > About Firefox.  
View full article
Question How can I clean Recycle Bin from malware? Answer The F-Secure product may detect infected files inside the Recycle Bin folders. These folders are used to store files that the user has deleted. You can usually find the folders here:   C:\RECYCLED C:\RECYCLER C:\$RECYCLE.BIN\ To remove the infected files inside these folders, you need to empty Recycle Bin.   To empty Recycle Bin, do as follows:   Double-click the Recycle Bin icon on your desktop. From the File menu, select Empty Recycle Bin. Click OK. All files inside the Recycle Bin folders on all drives are removed. Note that because these files are meant to be deleted, no real data is lost in the operation.   This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Summary   This article describes how you can use an EICAR test file to see how your antivirus software works.   EICAR test file   EICAR Standard Anti-Virus Test File (EICAR) is a safe file developed by the European Institute for Computer Anti-Virus Research (EICAR) for testing anitvirus software. It is commonly used to confirm that the antivirus software is installed correctly, demonstrate what happens when a virus is found, and check internal procedures and reactions when a virus is found. Your antivirus software detects EICAR as if it were a real virus.   Testing with EICAR   EICAR is a good way to get familiar with your antivirus software. The EICAR test file is available in the following four formats: eicar.com: EICAR test file. eicar.com.txt: Copy of eicar.com with a different file name. eicar_com.zip: EICAR ZIP file for testing compressed files. eicarcom2.zip: An archive which contains the eicar_com.zip file for testing nested compressed files. To download the EICAR test files, visit either the EICAR test file page or F-Secure's Security Lab page. From there, you can also find instructions on how to create an EICAR test file.   Note : If you have problems downloading the eicar.com file, downlowad eicar.com.txt instead. Rename it then to eicar.com.   See how the firewall blocks unsafe traffic   These instructions apply to products which contain a firewall (F-Secure Internet Security): Download eicar.com. Change the security level (firewall profile) to a stricter one. See how real-time scanning detects harmful files   See how harmful files are deleted or renamed: Try to save eicar.com on your computer or execute it. If your antivirus software is on and working properly, you should not be able to execute the file or save it to your computer. The antivirus software automatically detects and disinfects the file either by renaming or deleting it. See how harmful files become harmless when they are renamed: Change the file name of eicar.com to, for example, eicar.co0. The file becomes unexcecutable, similar to a dead virus. Change the name back to eicar.com to execute it, and you notice that your antivirus software detects it again automatically. See how harmful files in an archive are detected: By default, compressed or archive files, such as ZIP files, are not scanned in real time. F-Secure's antivirus products scan the archive files automatically once you attempt to extract or execute their content. Download the eicar_com.zip file and save the file to your computer. Note : To test nested compressed files, use eicarcom2.zip. Try to exctract the ZIP file or execute one of the files within the ZIP file. Right-click the eicar_com.zip file and select Scan eicar_com.zip for viruses. See how e-mail scanning detects infected e-mails   You can use EICAR to test how e-mail scanning detects infected e-mails. Important: Before using EICAR to test your mailbox: EICAR is a safe file but actions taken during disinfection may make it dangerous, especially if your antivirus software does not scan incoming or outgoing e-mails. If the infected file is named OUTLOOK.PST , INBOX.DBX , or similar, do not select the Delete automatically action during disinfection. This file is your mailbox file, and if you select this action, your mailbox is deleted. If this happens, see article How to restore a deleted mailbox. This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Summary   This article explains how you can clean a temporary folder containing malware.   Description   In many cases, infected files and archives are detected inside temporary folders. These folders are used to store files used for a short period of time, e.g. during the installation of software. The location of these folders varies and can be one of the following: C:\Documents and Settings\\Local Settings\Temp C:\Documents and Settings\Guest\Local Settings\Temp C:\Documents and Settings\Administrator\Local Settings\Temp C:\Users\\AppData\Local\Temp (Windows Vista) where is your Windows user name.   Removing infection   Make sure Windows Explorer is configured to show all files, including system and hidden files: In Windows Explorer, select Folder Options from the Tools menu. Click on the View tab and select the Show hidden files and folders option. To empty the temporary folders: Go to the temporary folder where the infection was detected. Select all files and subfolders and press the Delete button on the keyboard, or select Delete from the File menu. Warning! Be careful when deleting files. Make sure that you are deleting files inside the temporary folders only. Otherwise you may damage your system.   This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article
Summary   This article describes how you can take screenshots which you can then attach to your support request.   Description   When you contact technical support, it is often useful for the technical support to see, e.g. the error message as it appears on your screen. Screenshots enable our technical support to help you solve your issue faster and more efficiently.   Taking screenshots   To take a screenshot, do as follows:   Find the Print Screen key on your keyboard. It can also be labeled as "Prnt Scrn", "Print Sc", or similar. On a standard keyboard layout, the key is at the upper right-hand corner of your keyboard. To take a snapshot of your entire screen or a specific window, do one of the following: Press Alt + Print Screen to copy the currently active window to the clipboard. Press Print Screen to copy the entire screen to the clipboard. Click Start > All Programs > Accessories > Paint to start the Windows Paint program. Select Paste from the Edit menu. Your screenshot appears on the canvas. Save the screenshot file. Now you can attach the file to your technical support request.   Tip: The easiest way to take a screenshot in Windows Vista, Windows 7 and Windows 8 is to use the Snipping Tool which can be found by clicking Start > All Programs > Accessories > Snipping Tool.   This article in other languages: Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish
View full article