FS Ultralight AV flags steam server status as malicious url

GroovyMotionGroovyMotion Posts: 7
in Home Security Beta Programs

I have noticed that Ultralight AV flagged steam as a malicious url when I start it. This is only to check the steam server status so I had to tag it as safe or else steam would generate errors.
Has anyone noticed that? I have to make steam a safe app in order to run it. Just curious.

Like

Accepted Answer

Comments

  • klima89klima89 Posts: 58

    As far as I remeber I didn't have problems around steam, but I noticed that playing through steam, one of ULAV processes consumed the considerable part of the processor (probably fshoster64.exe, but I don't certainly know because I came back to FS protection)

    Like
  • UkkoUkko Posts: 3,215 Superuser

    Hello,

     

    Potentially.. there should be one desing around "malicious"-ratings and URLs.

    So, if F-Secure ULAV marked it as "malicious". Another solutions - FS Protection or F-Secure IS should to have same decision about URL.

    But with F-Secure ULAV "background-blocking" more visible as notification-prompt. With FS Protection it's can be not visible but "blocked" in fact. Such as.... blocked connection, but notification can be just as "blocked-page" - which missing there by connection-source.

     

    I not really friendly with Steam, but with my experience about F-Secure ULAV and Steam-application probably not about your experience. Such as - without any prompts about malicious URLs (as Steam-server URLs). But maybe you able to create some of "steps", which can be as repeat-instruction for reproduce situation?!  Maybe I just have experience about another steps of use.

     

    Or maybe your situation with something else around.

     

    Sorry for my reply.

    yeoldfart
    1Like
  • GroovyMotionGroovyMotion Posts: 7

    I haven't checked the status of ofhost but I will, thanks!

    Like
  • GroovyMotionGroovyMotion Posts: 7
    I don't understand what you mean by steps. If I remove steam from a safe app, it will immediately be triggered by ULAV as soon as I start steam.
    Like
  • AndyPAndyP Posts: 45

    Thanks for alerting us to this. We had a similar false positive a few weeks ago. I'll have our folks look into the problem.

     

    The same exact mechanisms are used fto check URL reputation in all of our products, so if this is a real issue, it should also affect FSProtection.

    GroovyMotion
    1Like
  • PaolofPaolof Posts: 3

    Hi there

     

    just to let you know that FS Ultralight is again blocking steam server status websites. I've sent the 3 url to FS sample analysys as false positive.

    have a nice day

    p

    Like
This discussion has been closed.