#734 Exceptions are buggy
Windows 10 64-bit, Version 1809
KIS 220.127.116.113 de app + drv verifier disabled
I noticed that exceptions are a little buggy. I use the program Process Hacker 2 (https://processhacker.sourceforge.io/), that gets detected by KIS as not a virus...
Starting with .713 KIS keeps detecting Process hacker files, even when i created exceptions for those files.
Also some other files get detected with exceptions configured, like an eicar.com file when i try to open that.
But many times exceptions work well, so i am not sure which part is buggy.
If you need traces tell me from which situation and i try to provide them.
EDIT: I added some traces where KIS detects an eicar file ,i added to exceptions, as soon i try to run it .
Operating system: Win 10, x64
System: Intel Core i7 4770 @ 3.4GHZ, 12,0GB RAM, NVIDIA Geforce GTX 1060 6GB, Harddisk 1TB
Product Version: 18.104.22.1683
Product Logs: https://cloud.qainfo.ru/s/rwFhbzUdrCFHX6E
As I can understand
- you run check first time
- Process Hacker files are founded and marked as a threat
- you add Process Hacker files to exceptions
- run check for second time
- Process Hacker files are founded and marked as a threat for second time ?
I had installed Process Hacker from your link, then ran check, add to exceptions and open this program. It opens normally. While new checks KTS doesn't mark Process Hacker as a threat.
Basicly as you described. Process Hacker 2 gets detected everytime, i never had this problem during the Beta.
Also works with an eicar.com file like i wrote, but with many other example Malware the exception works fine and KIS wont detect them if i added them to exceptions.
Those are traces where i scanned the folder where process hacker is installed/where all the files that get detected are in, with exceptions for all those files.
Developers say they cannot find in last traces moment when you had added Process Hacker to exceptions. Can you try reproduce it from very begging (including adding files to exceptions) with "full" traces?
Scan of the Process Hacker folder without exceptions to detect the files, added to exceptions then scanned again, ignored them, scanned again, added to exceptins again.
@helios_07, thank you!