Add my vote!!! If you add an item to the exlusion list, it shouldn’t be scanned at all.
I’m also really curious as to why there would be a “File Group” for “Executables” and “All Applications” but not for media files or digital pictures. Wouldn’t it make sense to exclude generally non-executable files like JPGs, MP3s, MPGs, and their like?
The release notes for 3.8.65951.477 say “FIXED! AV Exclusions do not work”. Well I can tell you, they still don’t work.
When I choose to scan Critical Areas, whether scheduled or on demand, it scans far too many files, and for far too long. I’ve added exclusions, but as other people have noted, it still scans the excluded items anyway.
Using FileMon from SysInternals, I found that Comodo is reading the entire contents of all the files its scanning, even the excluded ones, like log files, text files, media files, etc. This is so annoying, as I sit there waiting for the scan to finish, knowing that Comodo is ignoring what I tell it to do, or not to do.
Why spend so much time scanning what doesn’t need to be scanned?
I think what was fixed was actually another problem.
Something to do with exclusions still giving detection errors if you do a right click scan or something.
But yes, it is pretty frustrating when you tell CIS to exclude something and it still ends up scanning it…
From our friends at Miriam-Webster.
One entry found.
Middle English, from Latin excludere, from ex- + claudere to close – more at close
1 a: to prevent or restrict the entrance of b: to bar from participation, consideration, or inclusion2: to expel or bar especially from a place or position previously occupied
The exclude option only supresses detection rather than scan exclusion. there could be a few reasons -
the underlying assumption being that the number of false positives would be very low and the file sizes would also be small hence the performance boost from scan exclusion could be minimal (exclusion is only for false positives and not for large files, which is a different option)
any scan exclusions would add an overhead check on the scan telling it what to scan and what to exclude which may not be the case today. even if it is present today, it probably follows an algorithm to scan files placed in the HD sequentially to maximize read speeds. exclusions could lead to jumps in this process.
Performance boosts through scan exclusion is definitely not minimal in the case of folder excluding. For example, on my system, I have over 17GB of non-infectable files that it is silly to scan. If I was able to exclude these folders, that would be a serious improvement in scan time.
Yes. As has already been mentioned, we’re not talking about file size here, so the file size limiting doesn’t apply.
Not to mention that ‘exclude’ doesn’t make sense if the action is actually just ‘ignoring’ a detection. See the defintion of the word ‘exclude’ that I posted earlier.
So you’re saying that the overhead of the scan engine having to keep track of which files to exclude is going to be more resource intensive than the resources used to actually scan the files? I find that a bit hard to believe. You’re going to have a single check to verify if the file is to be scanned or not. Whereas scanning the file has to scan the file, compare the hash with the virus DB, etc…
OK, 3.9 is now out and excluded files are still scanned…
What’s the story here?
And please don’t say that with the new “stateful” scanning mode, exclusions aren’t necessary because only files that have been modified will be scanned. Egeman made a post in the thread asking whether the new stateful mode was a security risk saying that when virus definitions are updated, this will be reset and the files will be rescanned. So in the case of a weekly full system scan, the “stateful” mode is as good as irrelevant as surely there has been a virus definition update over the course of the week. In fact, with that in mind, “stateful” is only useful for about 8 hours. (General time frame of when CIS automatically updates the definitions)
For every other product I can think of, anything on the exclusion list is excluded! Why does CIS merely ignore instead of exclude?
Normal exclusion method = Exclude files from scan. (Files are not included in scan)
CIS exclusion method = Scan excluded files, suppress any detections. (This would be ignore, notexclude!)
Please add an actual exclusion function to CIS. Ignore is just a waste of resources.
I’m curious how you are testing this. Is there some indicator in CIS when a file is being scanned in real time? And was perhaps the exclusion you noted during the real time scan a function of stateful scanning?
Because if the real time scanner is indeed excluding, then it would appear that the functionality is already built in to the scanning engine and the on demand utilization of the feature is simply broken. In which case this would be a bug and not a wish…
Egeman? I know you developers loathe to answer questions like this, but could you please speak up on whether or not the list is functioning as intended? Any hope of actual exclusion in the future?
Well i toke a zip file that has about 350 malware that is detected by CIS and exculuded it then using 7 zip i extracted the file and at the same time watched in Task manager for Real and Virtual memory and CPU usage NO change. cmdagent was using NO CPU when i was extracting the malware
However i will also try with real time set to on Access
Tryed with ON access, same result memory did not grow and when i was extracting all the files cmdagent.exe did not use any CPU.