Exceptions with Resident Protection

[Floods7]

The Avast On Access Protection (resident protection) detects a program that is running as a trojan. The program is safe. On the virus protection I put the program on the exception list but it doesnt carry over to the resident protection program. How do I make an acception in the resident protection?

[Lisandro]

You need to use two Exclusion lists:

For the Standard Shield provider (on-access scanning):
Left click the 'a' blue icon, click on the provider icon at left and then Customize.
Go to Advanced tab and click on Add button...

For the other providers (on-demand scanning such as the screen-saver or the Simple User Interface):
Right click the 'a' blue icon, click Program Settings.
Go to Exclusions tab and click on Add button...

You can use wildcards like * and ?.
But be careful, you should 'exclude' that many files that let your system in danger.

[DavidR]

Exclusion is one method, but the better option is a) confirm it is an FP, b) report it to avast as an FP and when analysed by them they will correct the FP in a VPS Update. This helps all avast users with this program.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them (Tech post above) until the problem is corrected.

[fuzzy29]

I have the same problem. I'm trying to install a VNC program on my other home pc's, but the file I'm trying to run is shown as a virus. Although this is technically true I don't want it to come up. I have added it to the exceptions list ( right click icon > Program settings > Exclusions > Add > "C:\Documents and Settings\Owner\Desktop\*" )
When I try to run the file, It comes up as a virus.
When I left click the Avast Icon in the system tray nothing happens.
Thanks in advance for any help.

[DavidR]

Apart from it is crazy to try and exclude the whole desktop folder, you should exclude specific files or you leave large holes in your security. I can't see how something can be technically true, it is either malware or its not, no technicalities.

The exception path can actually be copied from the alert pop-up.

Neither of the above options are ideal, the right way to go about it is to confirm or deny the detection and the file can be submitted for analysis (as mentioned in my last post) and correction of the virus signature. That way you don't need an exclusion and other people using that program are also benefiting.

Your problem appears to be you can't set the exclusion in the correct place, the standard shield.
Have (or did) you another AV installed in this system, if so what was it and how did you get rid of it ?

[fuzzy29]

There are no other AV's on my system. I know it's not good to allow a directory rather than the individual file(s), but I thought i'd try it.
It IS a virus. But it's a virus that I want to run.
Thanks for the quick reply, Dan.