FS Protection PC Release 213

Ville
Ville Posts: 671 F-Secure Employee

New Features:

Common:

  • Improved product messaging. On Windows 10 the product will use Windows toast notifications. On Windows 7 and 8 we have new design for notifications.
  • GDPR compliant permission to collect product improvement data. User can select to send product improvement data to F-Secure during installation or from common settings. Note: For beta users this option is locked to enabled and cannot be changed. If you feel that you don't want to contribute product improvement data you need to stop using the beta product.
  • User can select to receive tips and offers to the client. The choice can be made during installation or from common settings.

Fixed issues:

Common:

  • Security Cloud privacy policy link points to wrong privacy policy (PBL-3315)

Antivirus:

  • Malfunction not reported when fsulhoster stopped (PBL-3352)
  • Inappropriate and misleading messages when security features turned off (PBL-3342)
  • [LOC] Netherlands - "Tools" does not fit in button (PBL-3297)
  • Ransomware slider on when DeepGuard slider off (PBL-3296)
  • Fsfilecontrol.exe not exiting (SAFE_BUG-02254, PBL-3278)

Browsing Protection:

  • Childmode, element of allowed page from different domain was wrongly blocked. (PBL-3293)

  • Banking Protection Flyer Details button not working in a rare case. (PBL-3295)

  • Allowed and Denied Web Site List Management not working if Settings dialog was closed. (PBL-3341)

Ville

F-Secure R&D, Desktop products

Comments

  • Ville
    Ville Posts: 671 F-Secure Employee

    Also, please note:

     

    "Recent events" is under work and will be empty or just have a few entries. All old data from recent events is lost.

     

    Ville

    F-Secure R&D, Desktop products

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    Thanks for release.

    One strange point -> fresh TP213 is installed and currently (before restart) I did not receive any of toasts with Windows 10 (about anything). Furthermore, real-time scanning is broken maybe (since -> it will not trigger prompt about detected items. in fact, any action is allowed - include downloading malicious file).

    // Will back after restart.

    // // after restart - troublestuck is still there. does it potentially expected?

    // // // such situation with three Windows 10 systems (where I tried). I will try to check about potential local troubles or with other system later.

     

    Thanks!

  • nanonyme
    nanonyme Posts: 145 Path Finder

     


    @Ukkowrote:

    Hello,

     

    Thanks for release.

    One strange point -> fresh TP213 is installed and currently (before restart) I did not receive any of toasts with Windows 10 (about anything). Furthermore, real-time scanning is broken maybe (since -> it will not trigger prompt about detected items. in fact, any action is allowed - include downloading malicious file).

    // Will back after restart.

    // // after restart - troublestuck is still there. does it potentially expected?

    // // // such situation with three Windows 10 systems (where I tried). I will try to check about potential local troubles or with other system later.

     

    Thanks!


    Hey,

    Just curious, does the product still quarantine eg eicars correctly on access? Just wondering if it's just the detection on download that's misbehaving or something more severe

  • nanonyme
    nanonyme Posts: 145 Path Finder

    Looks like I'm not getting any visible indicators either, the file is getting deleted though. (tried saving Eicar text from Wikipedia into a file, it got removed upon save) Also looked to me as if the downloads were in reality blocked, just silently. Since the changelog mentions Toast notifications were taken into use, I wonder if it matters that I have manually deleted the desktop shortcut.

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    With my current experience (before this TP too) - two of systems with trouble about "Quarantine" (trouble is saved even after reinstall). So, malicious item is not quarantined after manual context scan and is not cleaned (but detection there during manual context scan).

     

    With potential TP213 real-time scanning trouble:

    -- Possible to download malicious file and save it under filesystem; There by malicious file - I mean 'known'(?) harmful-rated file like eicar (for example).

    -- Then it is possible to try launch/load/modify/copy/unpack different malicious items.

    -- It is possible to create eicar-test file and save it (but maybe such point is pinned to first noted trouble with 'Quarantine' and it was possible before this TP too).

     

    I will try to re-check it more with current hour. What if there is changes already.

     

    Thanks!

     

    // later added:

    my previous reply was with words like """it will not trigger prompt about detected items""" - but I did mean something like "it will not trigger prompt about POTENTIALLY known malicious items" like it is known that previously such file/item/action will trigger real-time scanning prompt/flyer. Currently, such 'notification' is not visible AND,in fact, entire real-time scanning feature is kind of 'broken' - because any of action is allowed (download and save file; launch/modify/copy/unpack file; create fresh file and so on).

    While potential "Toasts" are not visible with any other potential events too ('Time limits' as example; 'Disabled real-time scanning' and so on). Where was 'notification/prompt' previously - currently it is not visible with my systems. Also, sounds that disabled 'real-time scanning feature' did not trigger prompt "Turn ON" it.

     

    I thought that maybe based on incomplete 'revent events' - such situation is expected. But strange point with real-time scanning abilities is a little be strange. I tried only with three systems (and all Windows 10). I will try to check it with Windows 7 maybe; and check about potential local-based reason for such situation.

     

    Thanks!

  • nanonyme
    nanonyme Posts: 145 Path Finder

    @Ukkowrote:

    Hello,

     

    With my current experience (before this TP too) - two of systems with trouble about "Quarantine" (trouble is saved even after reinstall). So, malicious item is not quarantined after manual context scan and is not cleaned (but detection there during manual context scan).

     

    With potential TP213 real-time scanning trouble:

    -- Possible to download malicious file and save it under filesystem; There by malicious file - I mean 'known'(?) harmful-rated file like eicar (for example).

    -- Then it is possible to try launch/load/modify/copy/unpack different malicious items.

    -- It is possible to create eicar-test file and save it (but maybe such point is pinned to first noted trouble with 'Quarantine' and it was possible before this TP too).

     

    I will try to re-check it more with current hour. What if there is changes already.

     

    Thanks!

     

    // later added:

    my previous reply was with words like """it will not trigger prompt about detected items""" - but I did mean something like "it will not trigger prompt about POTENTIALLY known malicious items" like it is known that previously such file/item/action will trigger real-time scanning prompt/flyer. Currently, such 'notification' is not visible AND,in fact, entire real-time scanning feature is kind of 'broken' - because any of action is allowed (download and save file; launch/modify/copy/unpack file; create fresh file and so on).

    While potential "Toasts" are not visible with any other potential events too ('Time limits' as example; 'Disabled real-time scanning' and so on). Where was 'notification/prompt' previously - currently it is not visible with my systems. Also, sounds that disabled 'real-time scanning feature' did not trigger prompt "Turn ON" it.

     

    I thought that maybe based on incomplete 'revent events' - such situation is expected. But strange point with real-time scanning abilities is a little be strange. I tried only with three systems (and all Windows 10). I will try to check it with Windows 7 maybe; and check about potential local-based reason for such situation.

     

    Thanks!


    I'm assuming you know but writing this to whoever else might be reading through this release posting: us beta users aren't actually expected to test the product against malware other than coincidentally bumping into malware during routine computer usage. There are certain safe samples that can be used for triggering various alarms in the product but if it's not obvious what's safe and what's not, do not download any samples for testing at all.

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    I managed to receive toast notification with fourth Windows 10 system - where I tried to perform clean installation of FS Protection (FsUninstallationTool / manual cleaning). Such installation with proper state of Quarantine (as potential point). Not sure about any other differences yet.

     

    With tries to download eicar-test-file or to create it -> such action is prevented and toast is visible (but strange that "Location"-field of toast is about 'filename' only).

     

    So, Toast and Real-time scanning should work. I will try to understand what is reason with another three Windows 10 systems (and to check about potential other toasts).

     


    @nanonymewrote:

    I'm assuming you know but writing this to whoever else might be reading through this release posting: us beta users aren't actually expected to test the product against malware other than coincidentally bumping into malware during routine computer usage. There are certain safe samples that can be used for triggering various alarms in the product but if it's not obvious what's safe and what's not, do not download any samples for testing at all.

    Yes, I tried, usually, eicar-test file (or its modifications); other popular 'testfiles'; uncommon and unpopular false positives; some 'safe' PoC-files/manual tries with detection by F-Secure. It is good do not try indeed malware with normal system (or as stated - when it is unclear what is safe or what is not).

     

    Thanks!

  • nanonyme
    nanonyme Posts: 145 Path Finder

    I've had 3 Win10 upgrades myself and got working toasts in two out of three. This is seeming alarmingly random to me :/ I suspect the precise contents of the Toasts may not be finalized but strange there's this much fluctuation where they work and where they don't

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    Just as my own feedback about my own situation (and three other systems):

    -> Clean reinstallation (with Uninstall Tool, manual clean up) for one device was helpful. There is still some trouble with 'Application and File Control' (partly another than before) - but toasts are there (as with entire clean installation with another device).

    -> With one device clean reinstallation was not helpful - but maybe it was not indeed 'clean'. And there is also trouble with 'Application and File Control' (and real-time scanning).

    -> With another device 'All OK' with 'Application and File Control' - but toasts are not visible. But looks like that real-time scanning is OK. And just silently block all events (only toasts are not visible).


    With 'helpful clean reinstallation' was interesting point. It was clean(?) reinstallation - but after first toast (or further shutdown/turn on system) -> 'stuck' toasts from previous installation (probably not all of them - but some part; probably based on limits with seventeen? toasts) - appeared with Windows notifications area with fresh ones.

     

    Thanks!

  • Ukko
    Ukko Posts: 3,611 Superuser

    Sorry for over-the-reply.

     

    One more feedback (quite logical.... but):

    for getting Toasts with Windows 10, at least, should be 'enabled' option for "Windows Settings >> System >> Notifications & actions >> :Notifications: Get notifications from apps and other senders: ON".


    With one certain system (entire clean installation and tweaking settings) "OFF"-state of this option was a reason for 'invisible' toasts while all things are captured.

    I'm not sure that it is can be a reason for one another my system - but I will try to re-check it later.

     

  • nanonyme
    nanonyme Posts: 145 Path Finder

    @Ukkowrote:

    Sorry for over-the-reply.

     

    One more feedback (quite logical.... but):

    for getting Toasts with Windows 10, at least, should be 'enabled' option for "Windows Settings >> System >> Notifications & actions >> :Notifications: Get notifications from apps and other senders: ON".


    With one certain system (entire clean installation and tweaking settings) "OFF"-state of this option was a reason for 'invisible' toasts while all things are captured.

    I'm not sure that it is can be a reason for one another my system - but I will try to re-check it later.

     


    Hey,

    It might sense to leave some of those systems where you're not setting Toasts with in that state until there's further comments from F-Secure on this in case they want to fix the problem with a further upgrade

  • Ville
    Ville Posts: 671 F-Secure Employee

    Hi,

     

    I think we have quite good understanding what is causing the toasts to not work after upgrade. We are working on a fix that will be in next TP release. Toasts should always work after clean installation.

     

    Ville

    (F-Secure R&D)

     

    Ville

    F-Secure R&D, Desktop products

  • Ukko
    Ukko Posts: 3,611 Superuser

    @nanonymewrote:

    Hey,

    It might sense to leave some of those systems where you're not setting Toasts with in that state until there's further comments from F-Secure on this in case they want to fix the problem with a further upgrade


     Hello,

     

    Yes, there is one laptop with multiple user accounts (where I did not check yet - what if some of user accounts with 'OFF'-state for noted system option). 

    There I did not clean installation or reinstallation. While with another systems -> there are already clean installations and toasts are visible (with related system option is 'ON'; or from first where it was with 'ON'-state).

     

    And I created potential fsdiag; but based on further reply -> it is something as potentially 'known' (so, even if one my system was with practically another 'view' than current system - maybe it was not something too much local and is not pinned to only my systems anyway).


    Also, I did not create any reports on subject (for except this topic's discussion). Rely on 'fresh' feature of collect product improvement data. :):)

     

    Thanks!

  • yeoldfart
    yeoldfart Posts: 556 Superuser

    I have a different experience: toast worked fine on clean install after enabling it in the windows parms, the bad side: bank protection does not kick in: the controversialBP status bar is nowhere to be seen: feedback ticket created.

  • yeoldfart
    yeoldfart Posts: 556 Superuser

    issue solved by beta feedback answer as follows

     

    lose all web browsers
    - Open fs protection UI
    - From Antivirus tab, open Settings
    - Select "Browser extensions" tab, click "Reinstall extensions". If you are using also Chrome, do also the Chrome Web Store steps shown in same tab.
    - Open you web browser and navigate to Add-ons/Extensions settings. Make sure that Browsing Protection extension is installed and enabled.
    - Restart browser and check if banking protection is now working.

     

    works perfectly now, thanks Jouni

This discussion has been closed.