I want to run Memreduct which is a safe software but the Deep guard blocked it so I put it in the Excluded list but the Deep guard keeps blocking it.
There is no way to run this tool without disabling the real-time protection because the exclude list is not working. any idea?I never had such experience with the deep guard.
P.s: the issue gon after a restart but I guess there is a bug or smth like that.
Only tangentially related but it sounds to me like all this software does is force flush process working sets to a page file on disk. If those processes were not dormant, this is likely to lead into a lot of disk trashing and reduced system performance. You can easily DDoS a system by doing this as admin so no wonder the software is blocked by default
I noticed fshoster64 using HTTP to connect your servers!! and we all know port 80 is not safe! did you ever consider to use HTTPS ? for me, this is weakness and from what I know most av companies using HTTPS.
I also noticed similar stuff in hotfix installer log:
2017-10-22 14:10:08.514 [1f38.07f8] I: *** LOGGING STARTED *** (UTC+3:00, session: 0x0)
2017-10-22 14:10:08.514 [1f38.07f8] I: ParseCommandLine: Started with cmd line: "C:\Program Files (x86)\fs protection\apps\Ultralight\ulcore\1508417709\_hotfix.exe"
2017-10-22 14:10:08.514 [1f38.07f8] I: InstallationLocker::Acquire: Lock acquired
2017-10-22 14:10:08.514 [1f38.07f8] I: Downloader::downloadAndUnpack: Downloading 'http://download.f-secure.com/ultralight/hotfixes/hotfix.zip' (fallback 'http://download.f-secure.com/ultralight/hotfixes/hotfix_fallback.zip'). Package type: 0
2017-10-22 14:10:08.514 [1f38.07f8] I: Downloader::downloadFile: Downloading from 'http://download.f-secure.com/ultralight/hotfixes/hotfix.zip' to 'C:\ProgramData\F-Secure\temp\hotfixes.zip'
I'm not entirely sure if it's security issue, but isn't it possbile to do MITM (when using malicious proxy)? Sorry if this is noobish question, perhaps you use some other methods on validating the downloaded files.
Ok, I just found another problem: I disabled both Deep Guard and real-time protection from the GUI! but the problem is f-secure still trying to block my keygen!
Seems it's not working and the real-time protection is still active.
Regarding HTTP vs HTTPS. Any package we download over HTTP has a custom crypto signature that we validate before using it. If you for example look into those zip files, they have a manifest file, which is a signature made by F-Secure. The client will only accept the package if the signature is valid. HTTP is used on some downloads to make it possible to cache the files on ISP proxy level.
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support and get answers to your questions