Will F-secure recognize a virus after 'accepting' the software?

Sometimes when I install software F-secure shows a pop-up with the question if I trust the software: if I want to accept it or block it.

 

I'm now in doubt if I did the right thing: I accepted software from which I now think I shouldn't have accepted it. It was a download manager and that often comes with malware.

 

Now when I scan my PC for virusses: will F-secure recognize viruses which are related to this software? Or won't it recognize it (or just skip it) because I once 'accepted' the software in the F-secure pop-up? Does that mean there could be viruses on my PC that F-secure skips because I once 'accepted' them

 

Best regards,

 

Lennart

Comments

  • Simon
    Simon Posts: 2,667 Superuser
    I think you can remove a program from the 'allowed programs' list, so you could always do that, then it should ask again next time you use the program.

    Or, it might be simpler to just uninstall the program if you're not sure about it's integrity.

    You could also do a scan with Malwarebytes, just to be on the safe side:

    http://www.malwarebytes.org/
  • NikK
    NikK Posts: 903 Forum Champion

    As an extra precaution DeepGuard will ask when it detects a non commonly used application. Even if you allow it DeepGuard will continue to monitor the application for any malicious activity. If you regret allowing it you can go to the settings for Deepguard and click "Change application permissions..."

     

    Allowing applications in Deepguard won't affect any scans. It only allows you to run that application.

     

    Here's an advice I practice myself:

    Whenever I want to try a new not commonly used application, I download it and then scan it on the multi-engine scanner VirusTotal: https://www.virustotal.com/  It scans with 50 anti-virus engines. F-Secure is only one of them. It gives you a better protection especially for "unknown" applications.

  • NikK
    NikK Posts: 903 Forum Champion

    Malwarebytes is actually one of these 50 engines at VirusTotal, but I also recommend getting it. It can detect malware types that usually common anti-virus products can't. A very common thing it detects is PUPs = Potentially Unwanted Programs. An example is a toolbar that is installed without the users knowledge or approval.

  • Thanks!

     

    Is DeepGuard the only 'thing' that is used to 'accept/trust' or 'block' software?

     

    In other words: I am always safe whether I accept or block software, because Deepguard always monitors for malicious activity?

     

    The thing I'm very afraid of is passwords being stolen.

     

    I use the paid F-Secure Internet Security 2014.

  • Simon
    Simon Posts: 2,667 Superuser
    DeepGuard will always monitor programs, but, in my opinion, there is also an onus of responsibility which the user should take on board, by way of safe surfing, not downloading from spurious websites, and taking care with email attachments. I don't believe that any one security product can offer 100% bullet proof protection, but F-Secure is one of the best.

    For an additional layer of protection, I would recommend www.malwarebytes.org, for the free, on demand scanner, or for 'Pro' real time protection, which runs alongside F-Secure without issues.
  • NikK
    NikK Posts: 903 Forum Champion

    Deepguard is the only function that will ask you to allow or block an application, if that's what you mean.

     

    When it asks, it's because it can't decide from the applications reputation and behavior if it's clean and trusted. For some applications Deepguard won't ask you until the application tries to connect to internet. If you allow it, you not only allow the application to continue running but you also allow the application to send data to internet. Personally I'm not satisfied with DeepGuard behaving this way and I've made a idea suggestion about it but no response from F-Secure Smiley Sad

    If you want to be 100% safe you should block it. There's always a small risk an application can be an undetected malware.

     

    Deepguard is F-Secures HIPS: Host-based Intrusion Prevention System

    More detailed info: http://www.f-secure.com/static/doc/labs_global/Whitepapers/deepguard_whitepaper.pdf

     

    As recommended before: use VirusTotal to scan downloads and applications before you run or install a program. And Malwarebytes Anti-malware.

     

    For additional security layers I recommend reading this: http://community.f-secure.com/t5/Security/Security-products-that/m-p/36397

    In your case I'd recommend Sandboxie(free) to run applications in a sandbox. Besides application isolation you can also restrict Internet Access for programs, or you can block all Internet Access for all programs in a certain Sandbox.

  • I just scanned my PC with F-secure with all latest updates and did the two scans F-secure provides: Virus- and spyware scan and the Full scan.

     

    I also did the quick and full scan with Malware bytes.

     

    Nothing was found.

     

    Does this mean I'm actually safe? Despite the fact I might have accepted/trusted the application with F-secure?

     

    The application where I'm talking about is the sourcefourge download manager while downloading Filezilla. A lot of malware came in with Sourforge.

  • Simon
    Simon Posts: 2,667 Superuser

    I don't think anyone of us can categorically state that you are 'safe', as we can't see what's going on on your machine, but at a guess, I'd say that the Sourceforge Download Manager might have installed adware or toolbars at worst, which would probably not be considered as malware, but potentially unwanted programs (PUPs).  I think there are scanners which will remove these, and some have been recommended on this forum by @NikK

     

    Does the Sourceforge Download Manager appear in your Programs list in Control Panel?  If so, and if you're concerned, why not uninstall it?  It shouldn't remove Filezilla, if that is already installed.  It might also be worth checking the Programs list for any other unwanted applications, and also, check your browser Add-ons for anything untoward, such as toolbars which you haven't knowingly installed.

     

    Come back to us if you need further help with that.  :)

  • No unwanted programs are in the Programs list.

     

    The only add-on I do not recongnize in my browser is: XML DOM Document 3.0 (IE) and Google Documenten 0.5 (Chrome).

     

    For the rest I do not have any unwanted pop-ups, toolbars or tooltips.

     

    Only thing I'm scared of is a key logger or some password stealing application. But the chance that my pc has these kind of applications because of the download manager are quite low, right?

  • Simon
    Simon Posts: 2,667 Superuser

    I would have thought that either or both F-Secure and Malwarebytes would have picked it up if you had a keylogger.

     

    As I suggested, if you don't need the Download Manager, and you can uninstall it, then that might put your mind at rest.  :)

  • Thanks for your answer. The download manager is not in the Programs list. So I think it has not been installed after all.

  • Simon
    Simon Posts: 2,667 Superuser

    It sounds like you don't have much to worry about.  You could try running the Online Scanner, or even one of the online scanners from another product, such as Bitdefender, but if nothing has been found so far, my guess is there's nothing to find.

This discussion has been closed.
Pricing & Product Info