Turning off background scanning whilst leaving real-time scanning on

Hi,

I get the same alerts every time the background comes across certain files in my pc.

I DO NOT want to add these to exclusions, as some of them I have doubts about and would like to investigate properly in the future before opening / installing / running them. I DO NOT want to delete them either.

Therefore, what I’d like to do is:

  1. Turn off the background file scanner so that I don’t get these alerts all the time, BUT leave real-time on-access scanning on, so when any potentially dangerous file is opened I get a virus alert ( I’m assuming that when the real-time scanning option is disabled, on-access defence is also disabled?).

OR

  1. Exclude these files from the background scanning ONLY, so they don’t cause alerts, but when I run a manual scan they are detected.

Right now the only way I seem to be able to stop these alerts is by disabling real-time scanning in the anitivrus options, but as I mention, I do not want to leave this disabled as unless I’m mistaken this also disables on-access defence.

Thanks.

On access and real time scanning are the same thing. What do you mean with background scanner?

OR
  1. Exclude these files from the background scanning ONLY, so they don’t cause alerts, but when I run a manual scan they are detected.

Right now the only way I seem to be able to stop these alerts is by disabling real-time scanning in the anitivrus options, but as I mention, I do not want to leave this disabled as unless I’m mistaken this also disables on-access defence.

Thanks.

You can add the concerned files to the Excluded Applications of the AV.

I mean when Im working on the PC, I get alerts about his file or that. Im not manually running a scanning, and Im not actually opening those files, but I still get these alerts.

I want Comodo to ONLY give me alerts about these files when I access them, or when I run a manual scan - not at random times at the time when Im working.

Regarding the exlcusions list, as I said in the first post:

“I DO NOT want to add them to the list of excluded apps…”

RealTime scanning is the same as On Access.
You cannot have alerts when accessing the files unless On Access is turned on.
If the AV is set to Stateful, once scanned, you will only get alerts if the file has been changed or it is infected.

Hi guys,
I believe alerts should not occur unless the file is accessed somehow.
I suspect the ‘cache builder’ or ‘scanning optimization’ might be accessing the file in question, try with these options disabled.

Real-time Scanner Settings-Comodo Help

Kind regards.

To add to captainsticks. There may be an indexer running in the background.

Ah yes. I believe the Windows 8.1 search function has some kind of indexing service to make its search results appear faster. Is that a possibililty?

The file IS infected. In spite of the fact that it thinks it’s infected, I dont want the reminders for those specific files.

I don’t think there’s a way to do what you want, but you could add the files in question to an encrypted and password protected archive, if you don’t need it continuously…

Ok I have turned those settings off and will wait and see.

Re: Turning off background scanning whilst leaving real-time scanning on

Following up after your idea to turn off scanning optimisation and cache builder, unfortunately that hasn’t worked.

I think utorrent might be causing this. Running in the background accessing the files.

In the middle of other work on the PC, virus alerts for a bunch of files in a folder I haven’t accessed in months have just started popping up.

Is it possible to set up the antivirus so that it only gives alerts for certain folders when those foders are accessed by the user, not an application?

Or maybe when a file is OPENED by a user, rather than ‘accessed’ by an application (is there any difference?). Im guessing not casue I dont see anything in the options but nothing else I can think to try. An advanced config file in a program directory?

Thanks.

This is not a good idea, as any time a file is accessed, whether directly by the user or by a program, and that file is viral, it will infect your system.

Sometimes backround programs such as utorrent or windows search indexer access a file without executing it. For example, utorrent continuously accesses a file to write to it , when that file is being downloaded.

Considering this, Im not sure what you mean here John when you say merely accessing an infected file causes it to infect a system. How can a file which has a virus infect a system if that file is just accessed for the purposes of being written to, not executed?

John is wrong here. It is only of rare cases of an exploit where accessing a file is enough to get infected. That doesn’t seem to be the case with you.

You could exclude the uTorrent folder or the offending files from the Real Time Scanner. However, there is a risk involved. If you would execute a malicious file from the uTorrent folder the real time scanner will not warn. That’s your responsibility to remember.

I have excluded some folders from scan but I have noticed a behaviour which , if it is by design, seems a bit strange: If a folder is located in a folder which is on Comodo’s exclude list, when performing a scan on that file using Comodo’s virus scanner, it comes up as clean (even though this file is considered to have a virus when it was not in the excluded location). It’s as if Comodo , rather than just excluding it from scans performed ( and background scanning), actually treats the file as if it were clean, or a false positive.

Is this just the way it works once a file is in an excluded location (and by design), or something that is configurable? I need to keep these files on my drive for various reasons (sometimes I need time to investigate whether such files are false positives for example) , but I DONT want Comodo saying that files are clean, just by virtue of being in an excluded location.

When you exclude a folder CIS will also exclude everything in that folder including subfolders. Does that answer your question?

To answer your original question add utorrent to the excluded applications tab in AV exclusions and you will see by default searchindexer is already set to be excluded. This way real-time scanning is disabled against files created or modified by utorrent but during a manual/on-demand scan the files/folders will be scanned allowing you to check for malware. When you exclude a file/folder under excluded paths then both real-time and on-demand scans ignore set exclusions.

Ok yes this is the solution. THanks.