F-Secure Computer Protection MacOS - scanning exclusions

Hi,

I'm running into problems on my MacOS laptop that are related to F-Secure Computer Protection installation:

After installing F-Secure Computer Protection (version installed: 17.5 (20488)) I have noticed significant performance loss especially when running virtual machines in VMware Fusion.

I have tried to apply this solution to F-Secure Computer Protection:

https://community.f-secure.com/t5/F-Secure-SAFE/F-Secure-SAFE-Mac-scanning/m-p/92071

but while it might have helped somewhat it is not enough.

While Malware Protection is on I'm seeing finder freezes time to time, applications run slow when system is under high disk I/O load and VMware Fusion becomes unusable until I disable Malware Protection under F-Secure Preferences.

(when booting up VMware Fusion virtual machine for example Windows 10 it might take over 15 minutes to it to become usable at some level).

I'm running latest MacOS version and patch level on MacBook Pro (15-inch, 2016) which is still considered to be fairly new.

Disabling XFENCE did not affect performance.

I'm now in need to exclude the virtual machine's files from realtime scanning to be able to fully use this product.

Is there any way to implement file exclusions by extensions or path with configuration files while exclusions are still unavailable from PSB portal or Preferences Panel?

Find more posts tagged with

Comments

kukushechkin

Oh, that's a witty idea. Indeed, fsavd process is being launched sandboxed and you can prevent it from scanning partcular pathes by denying sandbox access, but I have doubts it will fix performance issues as interception will still happen. But feel free to try, results could be very interesting

So, in order to deny access to a particular subpath, add following lines to /usr/local/f-secure/fsmac/sysconfig/fsavd.sb:

(deny file-read*
       (subpath "/Users/tester/Downloads"))

This will prevent Downloads folders of user tester from being scanned.

etomcat

Hello,

> unfortunetely there is no path exclusions in Mac products at the moment, there is even no magic internal file you can modify

Would it be possible to "abuse" the Mac OS X permissions system to ban F-Secure software from accessing the folders which need to be excluded from scanning?

(Apple Mac OS X is apparently based on the BSD kernel and Un*x-style operating systems have elaborate "rwx" permission schemes for file and folder access.)

Best regards: Tamas Feher, Hungary.

kukushechkin

Hi. No, unfortunetely there is no path exclusions in Mac products at the moment, there is even no magic internal file you can modify, however, as it one of the most requested (obviously) features, we will deal with it in the near future.

What about your case with VMWare, please, contact support, provide them fsdiag files and ask to mentione that that fsdiag is related to this topic.