Best Of
Re: Computer Protection 19.2 will introduce .NET
Here's instructions on how to fix the computer - this issue you're experiencing on .NET is specific to Windows 8.1 / Windows Server 2012 R2. https://medium.com/@what_if/net-framework-4-7-2-install-error-0x80092004-cannot-find-object-or-property-9f46de27b980
You also identified a problem we are fixing at F-Secure. The retry happens with one of our calls to backend every six hours, and that is not our intended behavior.
Support will update the case, I don't have access to leaving you a personal note there.
Maaret
Appreciation Thread: Three Stars Ukko!
Dear Community Members,
(Drum rolls!!!)
Please join me in congratulating @Ukko for attaining this huge milestone. As of today, he has posted more than 3000 times on this platform.
Your act of selflessness cannot go unnoticed and we truly appreciate all you do for us here.
From the entire F-Secure Community team, we say Kiitos!!!
READ FIRST: Common solutions (Installation, Infections, etc. )
Installation, Uninstallation, malfunction
- Download installers - retail versions (not for F-Secure SAFE or ISP versions)
- Removing other Antivirus programs before installing F-Secure
- F-Secure Uninstallation Tool for Windows and Mac
- How to install F-Secure SAFE on your PC (for Virgin Media customers)
Infections (virus, trojan, pop-ups, browser hijacks etc)
- Infection were not automatically cleaned
- General removal instructions
- Cleaning compressed files
- Cleaning a temporary folder
- Cleaning temporary Internet files in Internet Explorer
- Cleaning System Volume Information or a System Restore folder
- Cleaning the Recycle Bin
- Pop-ups and browser hijacks are not necessarily malware. Try the free Anti-Malware from Malwarebytes which is good in detecting PUPs - Potentially Unwanted Programs
- F-Secure is detecting a trusted file as malware (report it to SAS as a false positive, but first scan it on VirusTotal to see if it's clean with other antivirus products)
Deepguard (F-Secure's application monitor)
Verifying that the protection works
- How can I check that my computer is protected and that automatic updates are working
- How to test Anti-Virus and Browsing Protection
Miscellaneous
- Submit a file or URL to F-Secure for analysis
- How can I perform a full computer scan
- The product shows that the virus definitions are old
- Where can I find the product subscription key
- Lost subscription key
Documentation & information
Getting help from the community
- Start a New Thread Please try to describe the problem in detail and provide information about what F-Secure product and version you have. And OS(Operating System) and version
Contact support
Additional security advice
- Running as Administrator? Read this!
- Free 3rd party security products that complement F-Secure AV/IS
- Process Explorer: How to scan all running processes with 50+ AV products
- To be extra safe before installing/running a new program: scan it on VirusTotal which is a multi-engine scanner with more than 50 antivirus products (F-Secure is one of them)
Please suggest other issues/links I can add to this list and I will update this post.
Re: Slow connection in Spain
Hi,
We noticed an underlying network capacity related issue on Friday December 4th at our Spanish location and our service provider there fixed it promptly. Now the network speed should be considerably better there. However, connecting from Finland to Spain has already lots of network and networking devices in between from various different network operators who are beyond our control, so that should be taken into notice when determining what is acceptable with download speeds.
--Tapio
Re: Why is Big Sur showing as macOS 10.16.0?
Hi MarttiNuudi,
Products "see" Big Sur either as 10.16 or 11.0 based on what SDK they were built with. Client version 17.8.35217 was still built with SDK 10.15 and will keep reporting Big Sur as 10.16. Next release will be already built with SDK 11.0 and will "see" Big Sur as 11.0 or the latest 11.01 and will report it.
Re: Why is Big Sur showing as macOS 10.16.0?
Hi MarttiNuudi,
Apple has confirmed that the major release of macOS, Big Sur, will identify itself as both version 10.16 and 11.0 according to context. For apps built with Xcode, the version returned depends on which version of its SDK they were built with. SDK 10.15 and earlier will consistently respond that Big Sur is major version 10 and minor version 16.
Shell and other scripts don’t have the benefit of an SDK to take care of such matters for them. If the calling environment sets the variable SYSTEM_VERSION_COMPAT=1 then Big Sur will return 10.16 as its version number; with that absent or set to 0, the version returned will be 11.0
This ensures that all existing apps should see Big Sur as simply an incremented minor version. Build an app with a new release of Xcode which features the macOS 11 SDK, and the major version will be 11 and the minor version 0.
Re: Weekdays in Family rules
Hello,
I am only an F-Secure user (their home solutions).
In family rules is it possible to modify time limits for each day? For example, if I want to set monday - thursday 2h time limit and friday-sunday 4h timelimit. Now i can choose only mon-fri or sat-sun.
I think that it is impossible with its current design (of F-Secure SAFE).
Perhaps, the logic is "work days" vs "weekends" as a general pattern of use. Mostly, about daylight hours.
As a result, it is only possible to think about some workarounds.
Another feature that i would like to see is to set "vacation mode" to child. For example set all time limits off for next 4 day.
That sounds fine. However, how it should be done? I mean - set it up in advance, even before the "vacation" (for a certain date) or turned on on-demand (then switched off automatically, returning to the usual limits)?
Anyway, there is a dedicated board for feature requests: https://community.f-secure.com/en/categories/Idea_Exchange
Where you can place your ideas and other users can somewhat vote, while the F-Secure teams check it at the time of planning to add or improve functionality.
Thanks!
// one small late addition: with F-Secure Internet Security (only Windows devices) - there is still an ability to set up each day. However, only one platform and no external management (only locally).
Re: Many devices one TOTAL account
Hi @Earthcore
At present, its possible to link one SENSE router to your My F-Secure account for TOTAL subscription package. The majority of home users are using single router for their home environment. If we get more requests, we might rethink your options. In the meantime, I hope you continue to enjoy our service.
Re: Got a blue screen and now I'm paranoid
Hello,
Sorry for the delay with my response!
I also can't find this "recovery" folder. I have hidden files shown so maybe it truly is just some folder that user cant directly access.
So, besides "hidden files shown" option, probably, you may need to modify also the next option: "Hide protected operating system files". By default, it should be checked. So, need to uncheck it and maybe the mentioned folder will be visible. Rough way to do so is ("Control Panel" - "Folder Options" - "View" tab - check list of options against one with wording around "Hide protected operating system files" and uncheck it). However, "checked" state is a recommended one. Also, even if it will be visible - access to it can be restricted anyway.
Is it normal that F-secure and Windows Defender never gave me notification about the PUA. I got the notification about it after doing full scan with Windows Defender? F.secure scan or quick scan with Windows Defender found nothing.
Yes, it is normal. So, both solutions are not found it by real-time scanning. Because "no access" to items, "no launch" state. It is just static 'suspicious' items. Even inside "container" (kind of limited possibilities to go out). When you scan it (full scan) - Windows Defender discovered that this item looked suspicious and maybe a certain 'pattern' that is known for its 'signature logic base'.
Quick scans are usually about the most critical system places and paths where malware can to be. Mostly against "active" ones.
If F-secure never told me about the PUA was Windows Defender able to handle the PUA either quarantine or delete/block it even with F-secure enabled?
If both solutions are enabled (mentioned "periodic scanning" feature of Windows Defender) and there are no some troubles (mentioned discussion under Microsoft Community "Windows Defender Identifies The SAME PUP As A Threat Repeatedly") - then it should be done after then scan event when them item is detected and the 'action' is adjusted.
By default (Windows 10), if F-Secure AV/IS/SAFE enabled/active - then Windows Defender is disabled (off). And there is no 'good' way to use both of them with real-time scanning (at least, it is not recommended and may be tricky). Windows Defender can be used as on-demand scanner and Windows Defender can handle own findings.
Again, PUA only means that it is a potentially unwanted application, which under some circumstances can be dangerous. Or, which is undesirable since of a hidden installation. That is, if the user did not install this software on his own. Instead it was "bundle" from another installation.
In this case, it is more likely "leftovers" or inactive remained things (because was there as 'initial' state of your system / packaged PC applications). Pre-installed game on your PC.
For example, certain network driver (based on its name) need for the game. It is located under game files. Maybe during installation or launch - driver is 'copied' to System folder (System32) for its wide use. So, it can be different places - but based on provided paths by you - it is anyway somewhat pinned to ASUS GameFirst IV.
Actually, there are some topics on their community about detections against their files / drivers:
- GameFirst IV - Flagged as malware by McAfee (asus.com)
- ASUS ROG Game First III driver detected as Adware (NetTool / NetFilter) [Archive] - ASUS Republic of Gamers [ROG] | The Choice of Champions – Overclocking, PC Gaming, PC Modding, Support, Guides, Advice
the average conclusion was that it was a false positive. Since of its 'design' - unknown network driver - looks as a somewhat that can interfere with user's network (suspicious).
So basically my question is can Windows Defender still quarantine or delete files even with F-secure. SInce the F-secure never had notification about detecting the PUA.
By default - not. I mean - Windows Defender should be with an option to perform scan OR be enabled. Otherwise - Windows Defender can not to detect/handle something.
If your concern is about - will F-Secure prevent trying to quarantine / delete file by Windows Defender. I think that - no. Should be fine. At least, if F-Secure did not think that this is critical file OR also think that this is malicious item.
In addition, F-Secure never had notification about this item (detected as PUA by Windows Defender) - because, for example, these files are not dangerous or rogue. Instead legit, valid ones. That can not be PUA since of its normal design. F-Secure, basically, detect something as PUA based on this policy matter: https://www.f-secure.com/v-descs/guides/classification_guide_pua.shtml
Sorry for asking so many questions again but I just feel a bit paranoid since my PC usually never crashes and I havent had many notifications from any AVs before
It is OK. Actually, based on provided information - situation is quite normal and nothing really to be concerned.
Two detected items (netfilter2.sys) are placed under Recovery directory. As part of initial state of PC. So, static. And perhaps about safe files from certain game. And only Windows Defender (of tried scanners) think about them something. What is more looks like as a false positive.
It is not removed/deleted/quarantined - because inside container (not possible to modify / repack it).
Good step is somehow contact Microsoft and to inform them about situation - maybe their Labs can to analyzing items (files) and whether drop detection or to provide more information abut risks
Thanks!
Re: XFenceDaemon slows down function of ArchiCad23 and 24
Hello, @Architect!
I believe that the root cause of the issue is that DeepGuard feature of SAFE is currently unaware of Graphisoft developer team identifier and is trying to collet as much diagnostic information as possible.
Let's try the steps below to mitigate low performance in Archicad due to DeepGuard interference.
Please open Terminal app and enter the commands below to create an ignore rule for DeepGuard which targets Graphisoft applications. There are three commands: the first two create an ignore rule for applications which are signed with Graphisoft team identifier and the last one restarts DeepGuard service (xfencedaemon).
echo 'allow prefix "/Users/" "any" rwcx "t" "3E9E9FN277"' | sudo /bin/sh -c "cat >> /Users/Shared/F-Secure\ XFENCE/local.xfence.rc" echo 'allow prefix "/Volumes/" "any" rwcx "t" "3E9E9FN277"' | sudo /bin/sh -c "cat >> /Users/Shared/F-Secure\ XFENCE/local.xfence.rc" sudo killall xfencedaemon
I would give it about 5-10 seconds for DeepGuard to restart and apply these new rules. Please let me know if there is any improvement in Archicad performance after that. Thanks.
One thing worth mentioning is that we are planning a new release of SAFE quite soon (upcoming weeks) with more user-friendly controls. The command line interaction with DeepGuard is unfortunately a limitation of the current release of SAFE.
Best regards, Arthur
SAFE Mac R&D Team