For a long time now my Norton Internet Security has been flagging seven compressed files (.rar files) as High Risk.  A few minutes after each boot up (or wake-up) of my computer (or sometimes seemingly just randomly) Norton pops up a screen showing me the same seven files, calling them High Risk, and allowing me ony to do nothing or to delete everything associated with them.  I know what these files are and I am willing to accept the risks so I would like to exclude them from the scanning (or at least reporting) function ... that is, I don't want to be told about them several times a day any more..

I have looked into the exclusion lists (there's one for SCANS and one for Auto-Protect, SONAR I think.  I have used the 'Settings' for 'Antivirus and SONAR exclusions to add the fully qualified file names (ex: G:\Downloads\NetTools\whatsup\whatsup.rar) of the seven compressed files in question to BOTH lists, but still I am warned about these files several times a day.  I have restarted NIS and even restrted my system after building the exclusion lists, but NIS insists on telling me about the files anyway.

What am I missing?

Bubba

For a long time now my Norton Internet Security has been flagging seven compressed files (.rar files) as High Risk.  A few minutes after each boot up (or wake-up) of my computer (or sometimes seemingly just randomly) Norton pops up a screen showing me the same seven files, calling them High Risk, and allowing me ony to do nothing or to delete everything associated with them.  I know what these files are and I am willing to accept the risks so I would like to exclude them from the scanning (or at least reporting) function ... that is, I don't want to be told about them several times a day any more..

I have looked into the exclusion lists (there's one for SCANS and one for Auto-Protect, SONAR I think.  I have used the 'Settings' for 'Antivirus and SONAR exclusions to add the fully qualified file names (ex: G:\Downloads\NetTools\whatsup\whatsup.rar) of the seven compressed files in question to BOTH lists, but still I am warned about these files several times a day.  I have restarted NIS and even restrted my system after building the exclusion lists, but NIS insists on telling me about the files anyway.

What am I missing?

Bubba

No ... I don't think so.  They are reported during periodic NIS scans and I am always asked what I want to do about them (but the only option I am given is to 'Delete' them ... and everything else in the folder with them).  Since I do not wish to delete them (quarantine them) I simply close the reporting window without taking any other action at all ... whereupon NIS tells me, "Your computer is still exposed", and I close that window to.  Sometime later another scan starts the process all over again.  I have added all the files (fully qualified path names) to the Scan and SONAR exclusion list and I can see them in the list if go into the list with 'Edit'.  But they are not being excluded from the Scan (or SONAR ... whichever one is flagging them to begin with).

thanks for your interest in helping.

Bubba   

An other thing you can do is to exclude the Signature(s) the files are detected with. This way the product should not alert you again with these files, however if you get an infected file somehow with that Signature(s), Norton will not alert you about it in the future.

As you say, there is a much greater risk of future infection by excluding a 'signature' (not sure I'd be willing to do THAT) than by excluding a particular compressed file by name.  Just out of curiosity, though, how would I know or find out what the 'signatures' are that are causing the compressed files in question to be flagged?

BubbaMac

In the security it should be a log entry about it: in the scan history I'm 100% sure you can find it, and possibly in the quarantaine as well. If you can find it in the quarantaine logs as well, you can try to exclude it from there.