Jump to content

New exclusions?


Recommended Posts

Hello -

Can someone tell me why it is that when I do a fresh install of immunet it has certain exclusions, then I will restart Windows and more exclusions will be added like: c:\windows\WinSxS , C:\Windows\Servicing etc...they are at the bottom of the list.... these appear to look different than the others. Notice the capitalization of "C" in the added exclusions after restart. Could it be a malicious attempt? 

Also please note - I cannot remove the exclusions! I get an error stating 'file exclusion cannot be removed'

 

Thanks,

Joe

excl.PNG

Link to comment
Share on other sites

Hi Joe & welcome to the Immunet forum!

I just checked my Exclusion list and it looks exactly the same as your screenshot (great idea to include the screenshot btw) so I very highly doubt there's anything malicious going on. Why those new exclusions have a lower case letter for the drive path is a bit of a mystery to me too!

The most logical reason for the devs to add these new exclusions is to correct issues associated with these Windows OS file paths. 

Even though most of the default exclusions can't be manually deleted rest assured that "does not" leave your system more vulnerable to infection if you're concerned about that.

Best wishes, Ritchie...

Link to comment
Share on other sites

If you look at the list most of the exclusions have to do with Windows Update.

If Immunet was scanning these files while Windows was updating if could take much longer to download & install the updates. These exclusions are also there to keep Immunet from using up excessive system resources. Once any new code is installed these files will be scanned when you run your next full scan.

Keep in mind that Immunet also has heuristic capabilities that can recognize suspicious activity. 

Except for Defender all the third-party AV exclusions can be manually deleted.

  • Like 1
Link to comment
Share on other sites

  • 2 months later...

Hi. Bringing this back to life as the Win.Trojan I've been fighting likes to hide in the WinSxS files. So I really need to have this scanning capability. Anyway to turn it on? I cannot seem to delete the exclusion. I *do* realize there are thousands of files here but when you are fighting this kind of malware, it's worth the loss of memory and disk resources.

Link to comment
Share on other sites

  • 2 weeks later...

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...