This is a TP95 - F-Secure Internet Security Technology Preview release 95. Or version 95.
For those who don't know this is infact a beta version of F-Secure Internet Security.
So don't get confuse over a release version which I beta testing previously.
This is what I found out ...
Methods of Beta Testing.
Eicar test files
What file being block and what file did not block. Let see...
Mostly this files are being block with F-Secure TP95.
Download area using the standard protocol http
Under Eicar SSL only one file is being block which is eicar.com. If you are using IE10. And if you are using Mozilla Firefox browser eicar.com and eicar.txt are block.
Download area using the secure, SSL enabled protocol https
Only two of Eicar SSL files are not successfully block. There is no F-Secure Notification Indicator to block these files being block. Namely https://secure.eicar.org/eicar_com.zip and https://secure.eicar.org/eicarcom2.zip
Software Bug, these two files are not fully block and there is no F-Secure Notification Indicator.
Cleanup Tool seems to work out of the box. It is infact an F-Secure Online Scanner.
Currently downloading and testing two files. One from GRC Leaktesting and the other is Comodo Firewall leaktest.
Both Files are block when run.
GRC leaktesting and Comodo Firewall are block when Deep Guard detects the two files.
If you choose to allow and trust those programs.
GRC leaktesting and Comodo Firewall both failed to block when allow or trust the program to run.
GRC leaktesting failed. Indicate Firewall Penetrated! (When allow or trust the program)
Comodo Firewall leaktesting failed. Indicate a 190/340 score. (When allow or trust the program)
Now this is the interesting part. You have to turn on one option from Deep Guard settings.
Now go to Status Settings, Check or tick the "Use the compatibility mode (lower security)"
However GRCLeaktest passed the test when this option is turn on from Deep Guard.
GRC leaktest says "Unable to Connect". Which is pass the test.
Now let's do the Comodo Firewall Leaktest. The score that I get is 290/340. With the same Deep Guard "Use the compatibility mode (lower security) turn on.
What failed to detect under Comodo Firewall Leaktest.
Rootkit Installation:ChangeDrvPath (vulnerable)
Invasion: RawDisk (vulnerable)
Injection: SetWinEventHook (vulnerable)
Injection: SetWindowsHookEx (vulnerable)
Hijacking: StartUpProgram (vulnerable)
F-Secure TP95 Failed the Comodo Firewall leaktesting.
What I did not do a test at this time. The Matousec Firewall Leaktest. However I have file a report on this matter to F-Secure Beta Team. I hope they look into the matter.
Verdict:- I still find that using Windows Integrated Firewall is not a option to secure your computer.
Malware Domain List
Check all the known malware domain list. Seem to detect most of it.
Test most of banking site, just to see if the F-Secure Online Banking Notification is working.
I do a run down test and select online banking. All the local banks that I can think off detected by F-SEcure Online Banking Protection.
** Please do take note, I did not own a credit or debit card to test the site for online banking **
Working! Via Online Internet Connection.
Seems to be working.
Seems to be working.
The big problem that I see with the ONLINE SCANNER/Cleanup Tool is that it will automatically clean/delete malware; there is no ASK.
So if the malware is a false positive and it detects a "harmless" system file then there are problems.
I am not running the beta; does the Cleanup Tool have a quarantine/log-file now?
I don't think there is a quarantine for online security. Usually is detect and delete.
Maybe I'm wrong. Because this is TP95 version.
The Cleanup Tool is indeed simply a link to download the Online Scenner. There is still no indication that the application will ask before deleting in TP95.
Detecting Eicar files seems to vary with IE 10, Google Chrome and Mozilla.
Especially with the HTTPS/SSL Eicar files.
F-Secure tend to fumble with these files!
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support agents and get answers to your questions