Allow applications that DeepGuard has blocked to run through PSB portal
Is there an easy way to allow application that has been blocked to run from the PSB portal? In this case it is a false alarm as can be seen below:
Accepted Answers
-
Hi,
The application is blocked by DeepGuard as rare application.
You need to create the whitelisting using SHA1 hash for the application, via the following setting, and configure to trust the file:
* Real-time scanning > DeepGuard protection rule
0 -
If you look at the detection in security events and click the menu open you should see an option to "exclude by SHA1" or "exclude by file path". These links will take you to the profile used by the device with the detection and pre-populate the exclusion field for you.
You can now also submit a false positive from the same menu by selecting "report a possible false positive", it will upload the file directly from the client for analysis.
0
Answers
-
Hi,
Submit the application to our Anti-Malware team to investigate the file.
Open a ticket on the following webpage:
https://www.f-secure.com/en/web/labs_global/submit-a-sample#sample-file
Upload the file, and remember to click on this button [I want to give more details about this sample and to be notified of the analysis results] if you want us to contact you regarding the file, the analyses and the result. Remember to fill in the information, and describe the issue, so that we can analyze the situation and contact you.
The sample submission is analyzed by our analysts and databases, and is updated if necessary.
Note: Post your question in English in the "Description" field.
For more information on how you can submit a sample, read our Community article here:
https://community.f-secure.com/common-home-en/kb/articles/5436-how-can-i-submit-samples-to-f-secure
0 -
Is there an easy way for me to allow application that has been blocked to run from the PSB portal?
0