[SOLVED] DeepGuard features still take the exclusion into use, regardless if the setting has been disabled

F-Secure Product Expert

[SOLVED] DeepGuard features still take the exclusion into use, regardless if the setting has been disabled

Products affected: All Corporate/Consumer Windows product range

Problem: Exploit Protection & Advanced Process Monitoring still take the exclusion list into use, regardless if the setting has been disabled.

The excluded items in the object list are still taken into use by the DeepGuard features, even if:

1. On the client: The setting "Excluded Objects (files, folders, ...):" has been disabled. Go to the Settings window, and navigate to Computer > Virus & Spyware Scanning > Open excluded items list > Objects.
2. Policy Manager (Advanced Mode): The setting for "Exclusions Objects Enabled" has been disabled. Go to F-Secure Anti-Virus > Settings > Settings for Real-time Protection > Scanning Options > File Scanning > Inclusions and Exclusions > Excluded Objects Enabled.
3. PSB Profile Editor: The setting for "Exclude objects from real-time scanning" has been disabled. Go to Scanning exclusions > Exclude objects from real-time scanning.

Visible effects: Exploit Protection/Advanced Process Monitoring does not block the malicious file.

Workaround: Remove the excluded items in the object list that you have set, to ensure that the DeepGuard features stop taking the exclusion into use.

ETA: Please be informed that the fix has been released to the channel. To verify, kindly ensure that AUA has downloaded, and installed F-Secure Scanner Manager Update 2016-11-01_01. (EDITED)

Internal reference: MP-439