Exclude Process Explorer in VG log

Discussion in 'Returnil releases' started by philby, Sep 26, 2010.

Thread Status:
Not open for further replies.
  1. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    Hello

    I have VM set to 'Trust Programs from Real Disk Only'.

    When I run PE, I get this message: 'Unable to extract x64 image. Run PE from a writeable directory'.

    That's as expected.

    However, if I then go to the AV log and exclude the entry for PE shown below, I still can't open it - i.e. it has not been succesfully excluded.

    Capture.PNG

    How can I exclude PE correctly so it can run without my having to change the VM setting to 'Allow programs to run normally' every time?

    In RVS 2008, I used to get anoption to allow/disallow and that always worked!

    Thanks in advance

    philby
     
  2. Coldmoon

    Coldmoon Returnil Moderator

    Joined:
    Sep 18, 2006
    Posts:
    2,967
    Location:
    North Carolina USA
    After highlighting the entry and selecting the Exclude button, is the entry added to the exclusions list (Virus Guard > Scan > AV Exclusions > Define List link)?

    If not, what happens after adding the folder/files to the list manually?

    Mike
     
  3. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    Highlight > Exclude fails to add anything to the exclusions list.

    I can add C:\procexp.exe to the list manually and that sticks
    I can't add C:\procexp64.exe manually - that doesn't stick.
    I can also add C:\Users\philby\AppData\Local\Temp\procexp64.exe manually and that sticks.

    I can then open PE, but I get continual and unceasing 'Untrustworthy program...' warnings about C:\Windows\System32\Drivers\Procexp141.sys - even after I close PE. Correction - they eventually stop!

    I cannot add ...141.sys manually - the file is not shown even with the necessary hide boxes unchecked in Explorer.

    Checking those warnings and adding them to the Exclusion list via VG > Log doesn't help either.

    philby
     
    Last edited: Sep 27, 2010
  4. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    Mike - I just rebooted (VM on / drop all) and got another 3 warnings re. C:\Windows\System32\Drivers\Procexp141.sys

    Even after a reboot?

    philby

    PS Maybe this is connected to my open support ticket 508649, regarding Win7 64 and SSD issues.
     
Thread Status:
Not open for further replies.