Jump to content

Recommended Posts

Hello -

Can someone tell me why it is that when I do a fresh install of immunet it has certain exclusions, then I will restart Windows and more exclusions will be added like: c:\windows\WinSxS , C:\Windows\Servicing etc...they are at the bottom of the list.... these appear to look different than the others. Notice the capitalization of "C" in the added exclusions after restart. Could it be a malicious attempt? 

Also please note - I cannot remove the exclusions! I get an error stating 'file exclusion cannot be removed'

 

Thanks,

Joe

excl.PNG

Share this post


Link to post
Share on other sites

Hi Joe & welcome to the Immunet forum!

I just checked my Exclusion list and it looks exactly the same as your screenshot (great idea to include the screenshot btw) so I very highly doubt there's anything malicious going on. Why those new exclusions have a lower case letter for the drive path is a bit of a mystery to me too!

The most logical reason for the devs to add these new exclusions is to correct issues associated with these Windows OS file paths. 

Even though most of the default exclusions can't be manually deleted rest assured that "does not" leave your system more vulnerable to infection if you're concerned about that.

Best wishes, Ritchie...

Share this post


Link to post
Share on other sites

If you look at the list most of the exclusions have to do with Windows Update.

If Immunet was scanning these files while Windows was updating if could take much longer to download & install the updates. These exclusions are also there to keep Immunet from using up excessive system resources. Once any new code is installed these files will be scanned when you run your next full scan.

Keep in mind that Immunet also has heuristic capabilities that can recognize suspicious activity. 

Except for Defender all the third-party AV exclusions can be manually deleted.

  • Like 1

Share this post


Link to post
Share on other sites

Hi. Bringing this back to life as the Win.Trojan I've been fighting likes to hide in the WinSxS files. So I really need to have this scanning capability. Anyway to turn it on? I cannot seem to delete the exclusion. I *do* realize there are thousands of files here but when you are fighting this kind of malware, it's worth the loss of memory and disk resources.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...