Submit a sample

Customer support

Submit a sample

If you suspect a file is harmful or that a file or a website was incorrectly detected and rated, you may submit it for analysis. 

For samples collected from consumer products (Internet Security, SAFE, FREEDOME, etc.), please send your submission through this form.

File sample
  • Maximum file size allowed is 100MB. You can submit files over 100MB via FTP.
  • You can zip multiple files to submit them as one archive file.
URL sample

To submit multiple URLs or IP addresses, compile them in a text file and submit via File Sample

Disclaimer

By submitting a link or an electronic copy of the selected software/file possibly consisting of or including malicious/harmful code and/or having been detected as a possible security threat, you acknowledge that the file associated with the URL or the submitted sample may be protected by copyright laws and submission and copying such sample to WithSecure for security research purposes. In case the sample contains any personally identifiable information, WithSecure shall handle such information as confidential. More information on personal data collected in portal can be found in the WithSecure™ privacy Policy for services.

Other issues

Need help submitting a sample?

Contact our support and chat or speak with WithSecure expert for further assisntance.

Read more

Need help with troubleshooting?

Search our support articles to find the solution to common product issues.

Read more

Dealing with ransomware?

Advice on recovering affecting device or data Ransomware: How to Predict, Prevent, Detect & Respond

FAQ

How to create and send FSDIAG file?

If you encounter technical problems with your product and need further assistance, kindly create and send an FSDIAG file to our technical support. 

You can create the FSDIAG file using the Support Tool program provided with the product. This program gathers vital information about your system and its configuration, which includes product details, operating system logs, and system settings.

Information collected by our program will be treated with utmost confidentiality. Read more about our Support Tool privacy policy here. https://www.f-secure.com/en/legal/privacy/support-tool 

For Windows

Note: Support Tool requires you to be logged in as an administrator. 

  1. Click Start 
  2. Select All Programs > (WithSecure product) > Support Tool
  3. Select Run diagnostics
  4. Once the tool completes gathering information, it will create the output file on your desktop. The name of the archive file is fsdiag.zip. Do note that the file size may be as large as 100MB.  
  5. Attach the file to your support request. Our technical support will handle the request and reply to you. 

 

For Mac OS

  1. Go to Finder > Applications > WithSecure
  2. Select the Support Tool app 
  3. Select Run diagnostics 
  4. Once the tool completes gathering information, choose a location for the output file and save it there. The name of the archive file is fsdiag.tar.gz. Do note that the file size may be as large as 100MB. 
  5. Attach the file to your support request. Our technical support will handle the request and reply to you. 

 

For Linux

  1. Follow the instruction for applicable Linux product provided in the article How do I create an FSDIAG file on Linux systems? https://community.f-secure.com/common-business-en/kb/articles/5514
  2. Collect the archive file fsdiag.tar.gz. Product name and date of collection may be included in the file name, depending on the products.
  3. Attach the file to your support request. Our technical support will handle the request and reply to you. 
How do I collect quarantine files?

In the event where you need to submit quarantined files to our analysts for further investigation, follow the steps below

  1. Log on to your computer with administrator rights.
  2. Download the WithSecure Quarantine Dumper tool: https://download.f-secure.com/support/tools/fsdumpqrt/fsdumpqrt.exe
  3. Run the executable fsdumpqrt.exe. Enter your administrator credentials when the User Account Control appears.
  4. In the command prompt box, press Enter to read the license terms.
  5. Press E to allow the tool to start collecting quarantined files. The collected files are saved in a password-protected archive on your desktop with the name malware_samples.zip.
  6. Press any key to exit the tool.
  7. Submit the zip file in your next reply to our analysts.
How to save scanning report to a file?

To save a scanning report to a file, follow the steps below.

  1. Open your WithSecure security product.
  2. Click Virus scan to start a scan.
  3. Once the scan is complete, click View scanning report. This opens up the report in html format in your default browser.
  4. To save the report to a file, right-click on the page and click Save as....
  5. Give the file a descriptive name, and save it.
  6. Send it to WithSecure for analysis.
Viruses were found but were not automatically cleaned. What can I do?

Symptoms

The WithSecure security product reports an infection and states that it cannot automatically remove the infected files. Instead you will be asked to remove the files manually. In addition, in some cases the reported files cannot be found (anymore) on the system.

 

Diagnosis

When the WithSecure security product reports anything malicious on your computer it has already detected and stopped it, preventing it from causing any harm to your system or your data. Our security software will not remove infected files under some circumstances, they will however do no more harm than wasting your disk space and cause additional virus warnings whenever you or a system process is accessing that file.

 

Reasons for not deleting an infected file can be:

  1. File is an important system file and removing it would render your computer unusable. We prevent the malware embedded in those files from causing any harm to your system or your data, so you will be protected despite the frequent virus warning you will get whenever the infected file is executed, or otherwise accessed.
  2. The file is inside an archive. In that case we would have to delete the complete archive to remove it, including all clean files therein.
  3. The file is a temporary file created by an application, like browser downloads in progress, network streams and similar. Those files are usually locked by the application creating them, which means they cannot be opened or executed to do their damage, but also not deleted by WithSecure Anti-Virus at that point. Those files are then either replaced with a permanent version or automatically discarded when the process is finished.

Those are the cases where the files cannot be located on the system when trying to remove them manually.

 

Solution

It is very likely that your system is clean and safe but to be absolutely sure, run a manual full computer scan:

  1. Update the virus definitions manually to make sure the WithSecure security product has the latest database updates installed.
  2. Run a full computer scan. This will allow for a more thorough scan and is highly recommended especially if you suspect an infection.