Exclude Process Explorer in VG log

Hello

I have VM set to 'Trust Programs from Real Disk Only'.

When I run PE, I get this message: 'Unable to extract x64 image. Run PE from a writeable directory'.

That's as expected.

However, if I then go to the AV log and exclude the entry for PE shown below, I still can't open it - i.e. it has not been succesfully excluded.



How can I exclude PE correctly so it can run without my having to change the VM setting to 'Allow programs to run normally' every time?

In RVS 2008, I used to get anoption to allow/disallow and that always worked!

Thanks in advance

philby

 

After highlighting the entry and selecting the Exclude button, is the entry added to the exclusions list (Virus Guard > Scan > AV Exclusions > Define List link)?

If not, what happens after adding the folder/files to the list manually?

Mike

 

Highlight > Exclude fails to add anything to the exclusions list.

I can add C:\procexp.exe to the list manually and that sticks
I can't add C:\procexp64.exe manually - that doesn't stick.
I can also add C:\Users\philby\AppData\Local\Temp\procexp64.exe manually and that sticks.

I can then open PE, but I get continual and unceasing 'Untrustworthy program...' warnings about C:\Windows\System32\Drivers\Procexp141.sys - even after I close PE. Correction - they eventually stop!

I cannot add ...141.sys manually - the file is not shown even with the necessary hide boxes unchecked in Explorer.

Checking those warnings and adding them to the Exclusion list via VG > Log doesn't help either.

philby

 

Mike - I just rebooted (VM on / drop all) and got another 3 warnings re. C:\Windows\System32\Drivers\Procexp141.sys

Even after a reboot?

philby

PS Maybe this is connected to my open support ticket 508649, regarding Win7 64 and SSD issues.