defender classifying?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have a few startup programs when Defender starts that keep saying
"unclassified" How do I classify them so they are permitted?
One is Nuance PDF Converter

Thanks, SoozyQ
 
Tools->Options->Advanced Options. Add your startup programs to the box Do
not scan these files or locations.
 
Soozy;

Just to clarify what Mr Cat is saying, Put those individual programs into
the ignore box that you want excluded. Do not put the entire startup
folder in there, as you wouldn't want to permanently exclude everything
that could eventually make it's way into your startup folder.
 
Mr Cat said:
Tools->Options->Advanced Options. Add your startup programs to the box Do
not scan these files or locations.
Click to expand...

Thank you. I'll try that, but if something isn't classified and running,
isn't it bad to just ignore some things?
 
Dave M said:
Soozy;

Just to clarify what Mr Cat is saying, Put those individual programs into
the ignore box that you want excluded. Do not put the entire startup
folder in there, as you wouldn't want to permanently exclude everything
that could eventually make it's way into your startup folder.
Click to expand...

Thanks for your help, Dave. I believe (I hope) I put the right program
in-the whole folder of ScanSoft from my programs. But if something isn't
classified and running, isn't it bad to just ignore some things? Thanx again.
 
By putting the ScanSoft/Nuance PDF Converter into the Do Not Scan box,
you're in effect saying you trust this program and you'll ALLOW it to do
whatever it wants on your system, and only on your own system, without
monitoring it directly. There are hundreds of thousands of programs
available including some that are malware, and a significant percentage of
these are not classified by Microsoft.

The idea behind SpyNet was that, if an overwhelming majority of members
decided that an application is either trustworthy and allowed it to run or
non-trustworthy and prevented if from running, then it would eventually
make it into classified status. How well that's been implemented is
another story and also involves digital validation signatures, but I think
that the PDF Converter is probably not used by enough people to have made
it beyond this Microsoft classification hurdle yet, and I'm afraid that
your single vote by itself won't have much effect on their classification
database one way or the other.

Here's a somewhat funny sidenote, Windows Defender's own MsMpEng.exe shows
up as not yet classified in Defender's Software Explorer. Do we put that
into Do Not Scan? ...I did, for whatever that's worth ;o)
 
I did that for a program in my Software\Microsoft\Windows\Run registry key,
adding the program at the location specified there to the "Do not scan...."
box, but windows defender keeps stopping it and I have to allow it manually
every time.

I have the impression that the box "Do not scan..." is for the "equipement
scan" button, rather than the boot feature.

Anyway, how can I make windows defender to allow my program to boot?
 
What program? There are cases where the software re-schedules itself or
adds itself to the run key on every iteration. I don't think we've ever
found a fix for this situation.

You might give some details.

--
 
The program in the run key is always the same and is there all the time, it
was added only once.

The program is the rc1-test2.2 for peerguardian2.

The executable pg2.exe is the one signalled all the time in the same path in
Program Files. That is the one that I added to the "Do not scan..." box.

Today I've seen that in the software explorer the classification for
Peerguardian2 says "In progress" (may be the word is slightly different, as I
am using the spanish version of Vista, and sometimes is difficult to know how
the words were translated).

Anyway, I think there should be a way for the users to add manually programs
that they trust.

Cheers
 
I hear you, but for the moment, excluding the location of the executable
from scanning, or turning off the particular test that is raising an alarm,
are the only options.

I wouldn't expect a program to be listed while it is still in beta--perhaps
once the project is finalized, if enough folks who are participating vote
for it, it'll be listed as safe.

It has been a good long time since I looked into this area of Defender.
I'll see if I can arrange for an equivalent alert on a machine with Defender
on it and see what luck I have excluding it using the UI as you've attempted
without success. If I do manage that, I'll post back to this thread.
--
 
Back
Top