DIVERSE ✭✭✭

Not exactly that I just noticed it, but it's true that I hadn't mentioned it in the forum. On the other hand, nobody had mentioned it in this thread, so I figured that an update was warranted :-p

Hi, all. @Gjoksi, I may be less of an IT security expert than you, but I didn't notice suspicious elements of the Javascipt code you posted. Maybe I just overlooked it, or maybe it was further down (past what the screenshot showed). @Flexx, that's a neat trick. Indeed, when you posted that file, nine out of 59 vendors'…

Here is the new pop-up: Multiple online threats blocked We continue to block dangerous connections silently, in the background. You can review them in the Notifications area. You're safe! More details Although it took quite a while, I reckon this is close to what customers had been asking for. In this case I only found one…

I have noticed that recently there is an improvement. Maybe Bitdefender were indeed (slowly) working to address the concern about multiple pop-up messages voiced by quite a few users here. Now the first notification shows up more-or-less as before, but subsequent messages are bundled together into a single popup saying…

OK, I have noticed that I might have overlooked something. In my first post of this thread I included a screenshot of notifications in the BIS GUI. Notice that the "Critical" tab was selected. The two relevant notifications both relate to E: (the earlier notification is expanded below as confirmation). I'm not sure how the…

I have found what looks to be the general setting in BIS, namely "Scan potentially unwanted applications". I temporarily disabled that feature, renamed the executable to "PrimoPDF_LollyshopTest.exe", and then re-enabled the feature. That way the 'new' file can't have been recorded by BIS as having been recovered from the…

Still unable to completely reproduce the original issue. I can reproduce the same warning in FFS. After hitting "Retry" a couple of times (with the same result), eventually some on-screen notifications are shown from BIS — rather delayed, I would say. Furthermore, the notification shown in the GUI (below) is misleading: it…

Statistics for the 7.20 MB file c/o 7-Zip: Size: 7549704 bytes (7372 KiB) CRC32: 01D76399 CRC64: 819955ADDCB2EA67 SHA256: 600408029D622447C7BAB40A0DE9C67B35037FA1C0FA69B7F24E06F8F75EF181 SHA1: BD3D451BFB56B02EDD3D2D1FEA10E29EC94F1A8C BLAKE2sp: 296AB7A4F3B5CBEE010818FF49488EAD535613EDBF9AAB1B37BF63CE1FA0C28C

Checking the browser I would have been using at the time the original PrimoPDF installer file was downloaded, it appears that it most likely came from either primopdf.com or cnet.com (both accessed on 2017-06-23). Neither of these are still accessible: http://www.primopdf.com/ (now redirects to gonitro.com)…

OK, I think I may have found a source for the installer that I originally had: through SourceForge. File size is given as 7.6 MB. SourceForge itself flags that the executable installer "may be infected with malware". SPOILER: actually, it turns out that this is not the same file that I originally had. While attempting to…

FWIW, I have downloaded the PrimoPDF installer from Softonic. VirusTotal reports it as clean. BIS on my system (with heuristic checking enabled) also reports that it is clean. FFS has successfully copied the PrimoPDF installer file that I got from Softonic to the portable HDD. No notifications from BIS. The (new) original…

As a follow-up, I thought I would submit the 'offending' file to the VirusTotal website. Imagine my surprise to find that the original file has disappeared. Disappeared from my local HDD. No sign of it in the (intuitive) location indicated by the paths shown in the screenshots. No sign of it in the Recycle bin. No sign…

I alluded to this previously, but to make it more explicit here: the default duration that the popups are on screen (and steal focus) is much too long. I got these today The upper box is quite large, and includes a button with progress-bar colouring. It felt as though it was on screen for 30 seconds. That could just as…

I notice some correspondents indicating confusion as to why gamers are given special dispensation, and mentioning that they aren't gamers themselves. Maybe you could create a new profile (copy-and-paste of the Game profile), and call it, e.g., Power User profile or Focussed/Intensive Work profile. That might partly address…

I agree. If the notifications did not take operating-system focus, then it'd be easier for users to ignore. By contrast, I am thinking vaguely of notifications that emails have arrived: I think I've seen tooltip-like email notifications that fade after a few seconds (customisable), and also changes to the icon in the…

Yes, it would at least be informative if the notification said "Blocked Website xyz.com from attempted [brief indication of category of dodgy behaviour]." At the moment, as I recall, if you have several tabs open (or several browsers on the go!), and indeed several applications running, then the only way to find out is to…

Just for clarity, that's not a website that I manage. (But I have been trying to encourage them to use HTTPS.) In any case, is "Subject Alternative Name" different from "Certificate Subject Alternative Name" under Extensions (see screenshot)? If they're the same, then it seems like it may be merely some slight syntax…

OK, from @Flexx's advice in another post I went to https://www.sslshopper.com/ssl-checker.html#hostname=https://www.auskec.kr , which reports two warnings (not errors). ~~~~~ The certificate is self-signed. Users will receive a warning when accessing this site unless the certificate is manually added as a trusted…

"This is pretty helpful to know about, because suddenly today I was unable to launch Safepay from the usual icon in the Dashboard of the Bitdefender Security Center. When I click that icon — or even double-click it — it fails silently, i.e. it apparently does nothing." It's working again: I can launch Safepay by clicking…

One piece of good news ...and another head-scratcher Amongst all of this I was pleased with the speed of the scan. Back on 11 December 2018 I ran a full system scan with Kaspersky Internet Security. It took somewhere between 16 and 19 hours to scan 6.7 million "files" (as counted by KIS). Then over the past few days…

Settings not user-friendly One hypothetical justification for not warning the user of the impending permanent file deletions would be that "The setting is obvious to the user". I do not believe that such a justification can reasonably be applied in the case of BIS, due to the user-unfriendly nature of the settings…

Files gone forever My larger concern is that not only was there no warning that the files would be deleted, but it seems to be impossible to undelete the files — they don't go to the Recycle Bin or quarantine; rather, they are permanently deleted. Functionality to undo the deletion of files has been requested before. A…

Besides the option of emailing the file, I discovered there's also a website form at Just mentioning it here for completeness. Also, as a follow-up, the team at Bitdefender did analyse the file, and (after a couple of weeks, as far as I vaguely recall) in a later version of the Bitdefender Internet Security software I was…

I may have misinterpreted this comment: "Safepay does not have a separate executable that can be opened in a sandbox environment, it is designed to be the only open application, for security reasons." [Emphases added.] So actually there is a separate executable file — in my case it's located at "C:\Program…

Hi, Gjoksi. Thanks for the tip. Sorry if this is a naïve question, but how would I know if it's actually a false positive before I report it as a false positive? Or do you think that my logic is good enough that because the website looks legitimate, then prima facie it may be a FP, so that's a reasonable basis to report…

Thanks for merging my posts, Gjoski. I suppose I could have done that too, but emotionally I was too far gone.... Flexx, thanks for confirming my hunch that it was more likely a behaviour-blocker, so white-listing of files wouldn't be a workaround. I have emailed the team at the address you provided. ...In fact, I had been…

I forgot to mention here that my OS is also Windows 8.1. The latest release of BD/Safepay was being used. —DIVERSE

Thanks for testing it at your end too, Gjoksi. That looks the same as what I saw. I was wondering why one of the circular icons in the first screen shot is able to be displayed for us, but not any of the others. Speculation: could it be that the image files are located on different (sub)domains? [I believe that some email…

Hi, Alexandru. I've tried it today again with & without VPN after BIS was updated (to 26.0.30.102). The behaviour for that website is the same as reported previously. [Incidentally, I noticed that I missed circling one other glitch: the telephone icon at top right of the page in the previous screenshots also appears as a…

Hello, Alexandru. Following up on this, I think the easiest thing I can do is take a screenshot from an ordinary browser, and describe the difference in SafePay. From https://secure.amp.com.au/ddc/public/ui/term-deposit/ , the graphical elements circled in magenta are rendered in SafePay as just plain squares. If you click…