Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: firzen771 on January 24, 2010, 03:57:38 PM
-
the exclusions in the main program settings that say it applies to on-demand scans AND realtime shields doesnt work, thers this file i have that is being flagged by the realtime file shield even after i put it into the main setting exclusions.
-
works here; I had such an issue with an FP a few days ago; put the corresponding program folder in the main exclusion list and it worked, for shields as well as manual scanners. Just checked again now with another folder ;)
-
works here; I had such an issue with an FP a few days ago; put the corresponding program folder in the main exclusion list and it worked, for shields as well as manual scanners. Just checked again now with another folder ;)
guess its on my machine cuz wen i launch the file i still get an alert after putting its folder into the main exclusions...
-
works here; I had such an issue with an FP a few days ago; put the corresponding program folder in the main exclusion list and it worked, for shields as well as manual scanners. Just checked again now with another folder ;)
guess its on my machine cuz wen i launch the file i still get an alert after putting its folder into the main exclusions...
OK wait I'm gonna test again with EICAR...back in a minute.
-
OK I'm a bit surprised, because as I said when I excluded a folder recently I could run the program wrongly flagged as a virus in it...and guess what, I can exclude a folder with all eicar files in it, ie prevent it from being scanned, but when I open an EICAR ZIP there, it's still sent to Chest ???
-
What exactly did you put into the exclusions?
-
What exactly did you put into the exclusions?
if the question is to me:
I put the folder containing the EICAR files there...
-
Well, I mean the exact form of the mask... \* at the end?
Also, how do you "open" eicar.zip there? Using Windows Explorer for example? Is the path reported in the virus popup (when sending the file to Chest) the same as the one you put in the exclusion list?
-
Well, I mean the exact form of the mask... \* at the end?
Also, how do you "open" eicar.zip there? Using Windows Explorer for example? Is the path reported in the virus popup (when sending the file to Chest) the same as the one you put in the exclusion list?
no mask in the end of the string, I thought pointing at the folder was enough so that all the content would be excluded. Apparently that's enough for the scans (shields and manual) but not when launching a file. How did I open the zip? just a left click to open the archive. And yes the path was of course reported on the pop up as the zip was sent to chest...
So I guess I should retest by adding /* at the end of the path right...
-
...off topic: a forum bug, I just clicked on one post in my post list to get here and it had no effect, as if I was clicking on nothing. Clicking on another post link of the same thread worked
...on topic: my bad, I just looked at the path in the exclusion list, and /* was added automatically... so back to the starting point, how come the ZIP got scanned when I opened it? am I supposed to add extensions too to the path ???
-
Well, I mean the exact form of the mask... \* at the end?
Also, how do you "open" eicar.zip there? Using Windows Explorer for example? Is the path reported in the virus popup (when sending the file to Chest) the same as the one you put in the exclusion list?
no mask in the end of the string, I thought pointing at the folder was enough so that all the content would be excluded. Apparently that's enough for the scans (shields and manual) but not when launching a file. How did I open the zip? just a left click to open the archive. And yes the path was of course reported on the pop up as the zip was sent to chest...
So I guess I should retest by adding /* at the end of the path right...
ye i assume putting in the folder wuld exclude everything in it? that wuld make sense afterall.
-
I posted again above, /* was in fact added automatically
-
just a left click to open the archive. And yes the path was of course reported on the pop up as the zip was sent to chest...
So I guess I should retest by adding /* at the end of the path right...
OK, let me ask in a different way ;)
Do you have any special (3rd party) software associated with the ZIP extension, or do you use the internal Windows ZIP support?
so back to the starting point, how come the ZIP got scanned when I opened it?
Did you enable any non-default packers (let's say ZIP specifically) for the File System Shield?
-
just a left click to open the archive. And yes the path was of course reported on the pop up as the zip was sent to chest...
So I guess I should retest by adding /* at the end of the path right...
OK, let me ask in a different way ;)
Do you have any special (3rd party) software associated with the ZIP extension, or do you use the internal Windows ZIP support?
so back to the starting point, how come the ZIP got scanned when I opened it?
Did you enable any non-default packers (let's say ZIP specifically) for the File System Shield?
OK :) so to the two questions yes: I use WinRar and I added ZIP and RAR to packers as well as to custom extensions in the file shield settings. I've thought this could interfere but concerning folders and their content, excluded is excluded no ?
-
well for me the file is just in a folder, no archive no nothing, when i open the folder thers no alert, but wen i access the file i get an alert...
-
well for me the file is just in a folder, no archive no nothing, when i open the folder thers no alert, but wen i access the file i get an alert...
yeah because it belongs to the scope of the file shield, and it shouldn't be scanned, even when triggered manually (launched)
-
Well, it seems that the global exclusions simply don't work for the resident shields...
I thought it was already fixed, but apprarently not... maybe it's a "feature" and the description in the global exclusions window should be changed, don't know.
-
Well, it seems that the global exclusions simply don't work for the resident shields...
I thought it was already fixed, but apprarently not... maybe it's a "feature" and the description in the global exclusions window should be changed, don't know.
don't know, that's weird because, as said earlier in this thread, after an FP I had a few days ago, I could run the involved program by excluding the folder where it's located...(before the virus def got updated)
-
Well, it seems that the global exclusions simply don't work for the resident shields...
I thought it was already fixed, but apprarently not... maybe it's a "feature" and the description in the global exclusions window should be changed, don't know.
well i hope its fixed at some point either way.
-
I hope it gets fixed too. I can't exclude a PUP (smsniff.exe) on my computer. Added to both File Shield and Main exclusions and it still is detected. :(