cancel
Showing results for 
Search instead for 
Did you mean: 

TP130 Windows client release

Scholar

Re: TP130 Windows client release


@DoubleTom wrote:

Antivirus:

  • Web traffic scanning will now show flyer also for clean files that are downloaded.

This causes some annoyance to me because it doesn't tell which application downloaded a file and where did it go to. I wasn't able to find the information from any of the log files so I had to fire up MS Network Monitor to capture the reason for the message below.  It turned out to be Steam client. I wish I could turn this off or at least to be able to rule out Steam for announcing the clean files without excluding it from the scan altogether.

 

fs_steam_annoyance.png


This kept popping for me a few times as well. As said in the quoted post, this is more annoying than helpful. Having no way to change the default is a bit of an odd one, as I remember back in the days of Internet Security having more control over some settings than you have now in "fs protection"

Highlighted
Superuser

Re: TP130 Windows client release

Hello,

 

Sorry for questions again.

 

It's also about new feature (web-traffic flyer about safe-files downloaded):

 

 

Spoiler

-> Does there will be some of other protocols as supported ones (except HTTP)?! Or it's not really helpful?

I mean something as "FTP" maybe (?!);

 

 -> How it will be about files, which will be not known for F-Secure Security Cloud (if checking goes be cloud/reputation-based there). It will be marked as "safe file" - because it's not known as malicious/suspicious file? Or it will be trigger to brief analysis for file (and will be pause before downloading?!).

 

 -> Can be situations, when file goes be marked as safe-downloaded... but during downloading it goes be "re-placing" for another one (?!). On-the-fly (?!)... if it possible, of course.

Or it's not really important, because local-scanning will be detected any malicious files.. and "safe-status" comes just from cloud  (and same with scanning by installation) and it's does not created something as new "separate" module of detection (I mean - if it's not known for engines, but can be detected before downloading - which probably not possible)?

 

-> Can be situation... when files goes be marked "This file is safe to open", but during "open" - DeepGuard will be detected something (or suspicious, or malicious, or other). Or there meanings "safe to open", but not "to launch"?

Or maybe I mean... what if there already can be situation... when current flyer can to create notification about "detection by DeepGuard, which can be after launch"? Such as - it's not a detection malicious web-traffic, but also related with new feature about safe-web-traffic-downloads-flyer, but with "knowledge" about potential DeepGuard prompt (for known files)? Or it's also not possible?

 

 

Maybe all of that can not be helpful...

And not so important how can be "optional"-status for current feature (show notification-flyer for safe-downloads or does not use it). Or maybe something as additional information around flyer.

 

But anyway.... just decided to ask current questions too.

 

Sorry again.

 

 

Thanks

Tags (1)
Superuser

Re: TP130 Windows client release

Hello,

 

Sorry for the over-the-words... but just want (if I can) to ask about

"Browsing protection blocking event now added to product timeline ";

 

On current time (and previously) blocking under "background" will be "invisible" still.

 

There I mean - if F-Secure blocked something (but not full page or current-direct URL) during visit a web-page as malicious element or other... it goes be not visible for users (if it's not available to be as "frame" and there just resources). It's mean - user goes with experience about web-site and without experience.. that there was something blocked (as malicious resources, scripts, pictures or something else from another source.... or another variants for same situations).

 

But what if with new current feature.. it's possible to do something, which can be as trigger.. for adding "all blocking actions/events" for timeline.... and not just ones, which visible as "normal blocked page".

Time to time it's can be helpful maybe, but can be "surprise" (because without "knowledge" where it was).

If there should be examples... maybe I can to create some of them (which I met time to time).

 

Sorry again for reply.

 

Novice

Re: TP130 Windows client release

I keep having the pop-ups discussed here quite often. They don't bother me too much except for the fact that they become the active window upon appearing. This means that if I'm, for example, writing something and the notification appears I can't write again unless I reselect the windows or wait for the notification to disappear.

 

I have also been unable to find a way to turn the notifications off.

Superuser

Re: TP130 Windows client release

Hello,

 

Just want to say... that I also today get experience about DeepGuard and "svchost.exe" blocked at launch system (one of machines, which was not launched after upgrade fs protection....  and all of isntalled browsers, which can be a reason.. because there also was new firewall rules for them?!).

With reason as "unknown application" trying to get network connection. And maybe related with Teredo (?!).


So... maybe there any changes around?! Anyway.. I choose block it and get also prompt for transfer sample. So it's work too. :)

Supporter

Re: TP130 Windows client release

There was a similar problem at me, more I cannot add nothing because I am testing ULAV and I don't have installed FS Protection on a computer