Exclude large files

Hi,

is there an option to exclude files to be scanned that are exceeding a size thereshold?
e.g I want to scan *.zip-Files, but if they are bigger than 10MB they don’t have to be scanned by on-access scanner.

It would also be nice that this can be specified seperate for on-demand and on-access scanner.

Regards and Thanks!

In Avast home/pro you can exclude certain fileypes, not sizes.
I don’t know about the server editition, but I suspect it is the same.
Wait till someone with more knowledge about the server edition answers here.

What part of resident protection (provider) are you referring to?

If you’re looking for an easy setting like we have into ClamWin, no there is not…

Yeah, it will.
Also if we can define a different sensitivity to different folders. Some of them (critical) could be at High and some others (not dangerous ones) could be at Custom level. We asked this in WishList but… until now…

James, I’m talking about the Home/Pro version. Maybe the Server Edition has more features… :wink:

Well, in a certain sense this might be achieved using the MaxFileSizeToExtract_* ini-file settings. Anyway, I’d like to know what provider we are talking about - e.g. the Standard Shield doesn’t scan ZIP files by default, and I don’t think it’s a good idea.

Yes, I’m referring to the Standard filter, and I want to scan compressed files, but only if they are smaller than e.g 10MB

I am afraid it’s not possible (and I think it’s not a good idea for the Standard Shield to scan archives at all - it may have bad impact on the system performance, even if the size of the archive is limited somehow; besides, it shouldn’t be necessary, because the file has to be unpacked to be activated).

You can set the MaxFileSizeToExtract_Resident parameter in avast4.ini, but:

  1. It doesn’t limit the size of the archive, but rather the size of the resulting unpacked file
  2. It is common for more providers, i.e. the setting limits also e.g. Web Shield and P2P/IM providers
  3. The files that are bigger than the limit are not just ignored, but rather flagged as decompression bombs (so you may see it in report, for example).