Excluding files/folders
This may or may not be an issue, but with the original beta of FSecure, I was able to exclude drives.. This iteration (new FSProtection) appears not to let me do that.. as I excluded 2 internal drives, namely 'D' & 'E' and the program promptly scanned both drives and quarantined exe's which was contrary to my wishes! The fact that the exclusions were 'allowed' by the program, should have done just that.. excluded them from the scheduled scan!
Comments
-
The problem is.. there are no exclusions available for selection from the scheduled scan screen, it states at the base of this screen that the settings within "manual scanning" are used.. but, over-ridden by default within scheduled scans.. regarding archive and whatever the program deems as suspect files irrespective of exclusions shown in "manual" screen!
Furthermore, there are no settings to select which drive/s to scan or exclude from the scheduled scan.. this has to be put into the finished product
-
You go to settings for manual scan and make the exclusions there. Then when the schedules scan has finished you check the scan report for information about excluded items/folders.
I've done this many times. No problems. In my case I have a lot of encrypted files with EFS that the scheduled scan can't access because it runs as system and not as "me" as a manual scan does. The manual scanning exclusion will make the scheduled scan skip these folders. Otherwise the scan report will be filled with "can't access" errors for every encrypted file, and I can't see other errors.
-
Well, it actually states on the scheduled scan screen that it will scan all archives/harmful files and take action.. that being Quarantine, which is where I had to go to restore them all, so it is different to the previous iteration of the security setup as I stated in first post, the previous version did allow exclusions in scheduled scan screen.
This is the terminology at the bottom of the scheduled scan screen.. Quote " Scheduled scanning uses the same settings as the manual scanning, except that archives are scanned and harmful files are cleaned automatically".. this is not satisfactory really, and as you say you aren't using this beta!
I guess this now requires escalating!
-
No.. I'm not saying it's any different, but when the exclusions for my internal drives 'D' & 'E' were classified as such, the scheduler did NOT scan those drives, but in this version it does. Irrespective of this, why is there no facility in the scheduling part to specify what scans I as the user would like. The manual screen is fine for one offs, but my scheduler is used far more and on a daily basis.
-
Ok, well in that case it's bad! Some other useful info:
Because of the real-time scanning it's not really necessary to scan manually/scheduled:
https://community.f-secure.com/t5/Security-for-PC/Should-I-manually-scan-my-hard/ta-p/15412
If you use the command line based scanner, FSAV, you can specify exactly what you want to scan. If you use Windows Task Scheduler to run it it will run as System just like an ordinary scheduled scan does. If you want to run it as a batch file you can use an MS utility called PsExec to run as System.
Edit: with "run it as a batch file" I mean run manually
Example here: https://community.f-secure.com/t5/Security/2nd-Full-Scan-is-not-faster/m-p/32585/highlight/true#M5744
C:\>"C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsav.exe" /?
Give scan path as first parameter. Supports multiple paths.
Paths are given without the parameter specifier.Other valid parameters:
/ALL Do a dumb scan of all files.
/APPEND Append to existing report file.
/ARCHIVE Scan inside .ZIP, .ARJ and .LZH files.
/BEEP Beep when a virus is found.
/DELETE Delete infected files.
/DISINF Disinfect whenever possible.
/EXT= List of file extensions to be used in the scan
/HARD Scan the hard disk(s).
/HELP Display this list.
/LIST List all checked files.
/NOBOOT Do not scan boot sectors.
/POLICY Read scanning parameters from the policy.
/QUAR Quarantine infected files.
/RENAME Rename infected COM/EXE files.
/REPORT= Send the output to a file.
/ROOTKIT Scan system for rootkits.
/SILENT No output.
/SPYWARE Scan the specified path for spyware
/SYSTEM Scan the computer for active viruses
/USEACCOUNT Always use the command-line scanner's account for scanning.
/VERSION Show scanner version information. -
You're welcome!
A note about the /POLICY parameter:
I started using that parameter because it was convenient, I didn't have to specify any other parameters because /POLICY uses the settings for the manual scan settings. The bad thing is that you can't really control what it scans even if you specify only E: for example. It'll still start scanning C: although I think it's because it automatically scans the "system" also (/SYSTEM)
IMO it's better to specify all parameters needed and skip the /POLICY
Example: fsav.exe E: /ALL /ARCHIVE /BEEP /QUAR /SPYWARE
This will scan only E:
🚩 What Do You Think?
We’d love your thoughts on our fresh look! Quick survey, big impact!