ULAV fresh news

Superuser

Re: ULAV fresh news

IMO the devs definitely should investigate and rduce drastically the bandwidth it takes.
have a nice sunday, plenty of sun here :)
Highlighted
Supporter

Re: ULAV fresh news

mutuallySmiley Happy greet

23
Regular Member

Re: ULAV fresh news

@Ukko, Tried every possible way to open the file. Windows explorer shows it as empty, 7z says it's broken.

@yeoldfart. Yep, I will wait till Monday. Thanks.

 

 

edit: Tried  uninstall and install (of both F-Secure ULAV and Firefox) to see if the problem is corrupted installation or something, but the issue still persists.

Superuser

Re: ULAV fresh news

Hello,

 

23,

Spoiler

it's strange... just because it should be normal work.

But there I mean.. that link should be "valid", size... around "valid"-view.

Maybe there something goes wrong during download (by Firefox-specific?) or 7z-settings.

 

Anyway.. just for re-try: direct-link can be also found by next steps:

https://www.f-secure.com/en_US/web/home_us/support-tools

-> there will be direct link for ftp-download:

ftp://ftp.f-secure.com/support/tools/fsdiag/fsdiag.zip

But maybe need to visit: ftp://ftp.f-secure.com/support/tools/fsdiag/   and get fsdiag from there (such as.. if there something wrong with downloading). 

My experience with 7z comes just as "tool". Such as.. I not use it as "default" software for zip/archive-extensions. So.. by default.. there will be try to open or (unzip) it by default Windows mechanism for .zip-files.
With 7z I can to manually unzip/unpack current archive, but not open (as normal) with another extension.
Also.. there can be trouble just around directory-name (better to try... something where can be just English-words!? under folder and before that).
It's just for dreams around.

Anyway... maybe I just will try to do same steps for Firefox :) to see how it will be with my device too.

Sorry for reply again.

 New addition:

Spoiler

With Firefox... and my experience (under one device).... comes with next points:

 

-> Firefox work normally about "closing" or speed of work.

It's looks like OK. And there just fresh installation of Firefox with disabled "auto-update-service" and some of other re-changes for settings; And not installed any of plugins/addons (except.. default ones);

 

But there was strange point... in somewhat reason.... Firefox does not save "history of changes". Each launch was as "first one".

 

-> Can it's also be.. that your experience about troubles.. comes just from add-on?

Did you try not just disabled F-Secure ULAV, but disabled or temporary remove current add-on (which also have troubles under your description);

 

klima89,

Spoiler

you have good design. :)

I feel "re-scan" each time (practically) for folders with a lot of executable files (but there include "local"-scan too.. if databases goes be updated).

And during first launch "my music-media-audio-player" (as example) per session.


What about "installation" as main words under your dreams...  F-Secure ULAV have more "speed"-work, than it will be with FS Protection (F-Secure IS) as example. :)

But it's indeed can to take more time...  and maybe it's normal (during reinstallation). Cloud-databases can be with changes. And current file or part of file.. or other streams during installation already can be marked as malicious. It's should be with re-scan probably :) And any "real-time" actions should be under control.

Also.. with my experience.. not all "installation" goes to be with stuck. But most of trouble-point for me... it's installation for Windows Updates, which goes to be "paused" for uploading (?!) by F-Secure ULAV.. and installation take not just a five minutes, but more than hours.

Just with software.. there always differently. And usually.. it's does not take indeed more time, than it can be.

Also your network speed.. probably much higher, than my.

 

Sorry for reply.

Just decided.. to ask.. what certainly you mean.. about "reinstallation". F-Secure ULAV should to scanning any of new files.... if it was not whitelisted by (exclusion list). And if not whitelisted under Security Cloud;

Also.. how I can to understand.. Security Cloud trigger "upload" a file/metadata.. just if it's totally unknown file.

And it's normal. Just unknown file/metadata (or creating hash/ssdeep and check it).. or first "time in use" under system..... should be uploading for Security Cloud (?!) as visible something. And all other.. brief-"skipped" during normal connection. And just "signature-hash" re-checked.

 

But my experience with some of files (just static.. not launch/not install).. about "not temporary", but too much often "uploading" file/metadata to Security Cloud. Such as.. it's always "unknown" :) and not start be "known" already. It's often related with manual scan, but.... anyway... I not sure.. that it's related just with "ssdeep/hash"-creating action. Because it's looks like total/full upload as "unknown file". Which can be during download-files (or was before).

23
Regular Member

Re: ULAV fresh news

Thanks for the new link. This one works. :)

 

edit: Tried with the add-on disabled. Same.

 

 I think I found it! Disabled all the add-ons and started enabling them one by one. FF did it when  Tab Mix Plus 0.4.1.7 was enabled, not before. Ok, now I feel better. Will disable this add-on for now. Thank you everybody. :)

 

No, actually nothing is OK. Smiley Sad Firefox resets all my add-ons to default settings on every browser restart. I think my browser is being virtualized WITHOUT my approval. Well....that's not a good thing. So, my final conclusion - ULAV is causing all the troubles.

Superuser

Re: ULAV fresh news

Hello,

 

So... "virtualized" Firefox.. it was totally same with my brief-check before (where I called it as strange point - "Firefox does not save "history of changes". Each launch was as "first one". probably it's about same experience with your);

I goes to re-check it now... and yes... maybe we get more "true" description for trouble:

 

-> F-Secure ULAV + installed Firefox create a "virtualized" Firefox;

 

Spoiler
Just because also.. it's mean... other troubles.. related with add-ons (as example... it was suggestion and maybe it related with your experience after that; anyway with my experience Firefox goes be closed and work normally during launch. but there not installed any of addons/plugins, which not default)... there can be temporary work-around (?!):

 

Because... there work next workaround too:

 

-> turn off F-Secure ULAV... launch Firefox... set up it (include... disable addons, which can to create something wrong) or simply re-change anything. Close Firefox. Turn on F-Secure ULAV.

 

Should be already stuck with new "changes" :) and "virtualized" normally work status again (but "virtualized" not work.. when F-Secure ULAV disabled/unloaded).

Such as... "virtualized" was disabled. But F-Secure ULAV in somewhat reasons prevent changes for settings/other things around.

 

I not really friendly with Firefox. But probably it's can be that Firefox totally work under "scripts" (such as UI based on real-time creation) and it's can be that... F-Secure ULAV prevent to proper save-status for any changes.

Or maybe there just can be "time-out" for creating settings-file (?!) (Firefox have limits, but F-Secure ULAV goes to extend time for over the limit). But it's should be already under investigation by F-Secure ULAV team maybe.

With your fsdiag and as report (if you want). And it should be work as stable behavior maybe (such as.. it same situation with my device).

//fsdiag-link from previous replies and "previous link" was same or should be same with link from reply. it's mean.. not really new one// :)

23
Regular Member

Re: ULAV fresh news

Yes, if I disable ULAV, then launch FF and then enable ULAV, everything is fine, but that's not really a solution. Thank you anyway. :)

 

Edit: I've sent a report from fsdiag to the ULAV support.

 

P.S. I don't like virtualization and never use it. Prefer common sense.

Superuser

Re: ULAV fresh news

Yes.. can be just as workaround for situation, when it's can be helpful. :)

Solution can be just.... if there can be fix/update for design of work (maybe there some of simple reasons... for current local behavior... but not sure that it's can not be something same about other software) after a report about it.

Probably it's certainly not a special virtualization. Just in somewhat reason.. F-Secure ULAV prevent a save for changes after session of using Firefox (or part of changes). Maybe it's also related with changes about scanning platform and scripts-scanning.

Superuser

Re: ULAV fresh news

Sorry that I back to previous words about Firefox.

 

Spoiler

Just I decided to install Firefox again and look for that (about... what else can to do or why it's happened).

Not really friendly with Firefox... so.. I just go to search.. where placed a local files for Firefox (as profile settings).

 

-> It was something about (if there something as around modern system):

C:\Users\User-name\AppData\Roaming\Mozilla\Firefox\Profiles\some-characters.default

 

-> There indeed have some (a lot of) scripts... such as .js-files/.json and etc.

Some of them was with "related" (potentially) names: I thought about next ones:

sessionstore.js, prefs.js and other session/settings.js files; include subfolder with "backup" for session(?) as "previous.js" and .etc

 

-> I decided to do next action: for first -> some of scripts marked as safe. not helpful.

After that I decided to use "Mark as safe" (not scanning by F-Secure ULAV as exclusion) full folder (current one as profile-folder for Firefox).

Not work also. Firefox still with "virtualized"-result.

 

-> I decided to brief-check something around sessionstore/prefs .js-files. And probably it's can be that.. for example... prefs.js during work created a "copy"-file, which should be re-placing after session.

But I not get it under folder. It's not created... and not really "modified" during work with browser (?!).

 

-> So...I can to think... what if there can be work other layer of system (and file just a hidden for somewhat design).. or something as "alternative data streams" or other... So... I mean.. something.. which can be work and will be scanned.... when folder should be "excluded" from scanning?!

 

-> And as potentially... a reason for "virtualized"-result can be... that  "real-time created file or something as alternative data-stream" (or other meanings.. if it's can be under memory or other.. I not really friendly with technologies and computers-things) about prefs.js (and changes for that) can be not saved because..... it not possible to on-the-fly re-placing "previous one version" to "new one version" with re-naming from "temporary name" to "original name". Because there not happened save-changes/modify-action for pref.js, when F-Secure ULAV work.

Maybe it's related with "on access" usage. Such as... F-Secure ULAV scanning "new created file" (which not possible to exclude manually) and it's hooked/prevented... or something other... and it's not goes to be re-placed.

 

I goes to try read about "pref.js" under Firefox pages.. and maybe there have something same about potentially troubles with "virtualized"-result of Firefox. But not sure... how certainly it's can be related with F-Secure ULAV design.

But maybe it's indeed related with new scanning platform (where .js-files/resources/scripts goes to be scanning under cloud too). So will be interesting to read.. response from F-Secure about "situation" (and reasons for behavior, whic there will be in fact).

 

Sorry again for new one reply.

 

Supporter

Re: ULAV fresh news


@Ukko wrote:

Hello,

 

23,

Spoiler

it's strange... just because it should be normal work.

But there I mean.. that link should be "valid", size... around "valid"-view.

Maybe there something goes wrong during download (by Firefox-specific?) or 7z-settings.

 

Anyway.. just for re-try: direct-link can be also found by next steps:

https://www.f-secure.com/en_US/web/home_us/support-tools

-> there will be direct link for ftp-download:

ftp://ftp.f-secure.com/support/tools/fsdiag/fsdiag.zip

But maybe need to visit: ftp://ftp.f-secure.com/support/tools/fsdiag/   and get fsdiag from there (such as.. if there something wrong with downloading). 

My experience with 7z comes just as "tool". Such as.. I not use it as "default" software for zip/archive-extensions. So.. by default.. there will be try to open or (unzip) it by default Windows mechanism for .zip-files.
With 7z I can to manually unzip/unpack current archive, but not open (as normal) with another extension.
Also.. there can be trouble just around directory-name (better to try... something where can be just English-words!? under folder and before that).
It's just for dreams around.

Anyway... maybe I just will try to do same steps for Firefox :) to see how it will be with my device too.

Sorry for reply again.

 New addition:

Spoiler

With Firefox... and my experience (under one device).... comes with next points:

 

-> Firefox work normally about "closing" or speed of work.

It's looks like OK. And there just fresh installation of Firefox with disabled "auto-update-service" and some of other re-changes for settings; And not installed any of plugins/addons (except.. default ones);

 

But there was strange point... in somewhat reason.... Firefox does not save "history of changes". Each launch was as "first one".

 

-> Can it's also be.. that your experience about troubles.. comes just from add-on?

Did you try not just disabled F-Secure ULAV, but disabled or temporary remove current add-on (which also have troubles under your description);

 

@klima89,

Spoiler

you have good design. :)

I feel "re-scan" each time (practically) for folders with a lot of executable files (but there include "local"-scan too.. if databases goes be updated).

And during first launch "my music-media-audio-player" (as example) per session.


What about "installation" as main words under your dreams...  F-Secure ULAV have more "speed"-work, than it will be with FS Protection (F-Secure IS) as example. :)

But it's indeed can to take more time...  and maybe it's normal (during reinstallation). Cloud-databases can be with changes. And current file or part of file.. or other streams during installation already can be marked as malicious. It's should be with re-scan probably :) And any "real-time" actions should be under control.

Also.. with my experience.. not all "installation" goes to be with stuck. But most of trouble-point for me... it's installation for Windows Updates, which goes to be "paused" for uploading (?!) by F-Secure ULAV.. and installation take not just a five minutes, but more than hours.

Just with software.. there always differently. And usually.. it's does not take indeed more time, than it can be.

Also your network speed.. probably much higher, than my.

 

Sorry for reply.

Just decided.. to ask.. what certainly you mean.. about "reinstallation". F-Secure ULAV should to scanning any of new files.... if it was not whitelisted by (exclusion list). And if not whitelisted under Security Cloud;

Also.. how I can to understand.. Security Cloud trigger "upload" a file/metadata.. just if it's totally unknown file.

And it's normal. Just unknown file/metadata (or creating hash/ssdeep and check it).. or first "time in use" under system..... should be uploading for Security Cloud (?!) as visible something. And all other.. brief-"skipped" during normal connection. And just "signature-hash" re-checked.

 

But my experience with some of files (just static.. not launch/not install).. about "not temporary", but too much often "uploading" file/metadata to Security Cloud. Such as.. it's always "unknown" :) and not start be "known" already. It's often related with manual scan, but.... anyway... I not sure.. that it's related just with "ssdeep/hash"-creating action. Because it's looks like total/full upload as "unknown file". Which can be during download-files (or was before).


"re-instalation" means that I often uninstall the program to install it again after some time. And the point is that this program is still scanned during installation. And yes, it takes forever to install the windows update, developers must reduce transmission to the server, because only someone who has a big upload can easily use ULAV, without long waiting