FP suspicious action : sessionstore-1.js

Hello,

Since approximately 2-3 weeks, AVAST 5 & 6 find almost every day this action as a suspicious action : c:\Documents and Settings.…\Application Data\Mozilla\Firefox\Profiles\54jikbr3.default\sessionstore-1.js
( the “…” are my first name and last name, I don’t write them to avoid spams …).

I found on many forums that is a normal action from Firefox.

Thank you,

  • avragorn -

delete

no need to double post, I already replied to that here:
http://forum.avast.com/index.php?topic=77014.msg638256#msg638256

What is in the File System Shield, Expert Settings, Exclusions ?
I thought that the sessionstore files were excluded by default, I know before in avast5 they may not have been, but in avast6 they should be.

I have this exclusion in mine, \Firefox\Profiles*sessionstore.js (see image) and I don’t get any issues like this.

I didn’t exclude it :frowning: I have left my default settings …
As Logos wrote, it is a little a double post because I wrote about it in my thread about my problems with Firefox/Youtube.
I added it to the trusted processes, in the suspicious actions agent part.
Is it good ?

so do it!!! ::slight_smile: ;D

edit: read my post below, default should be okay for you.

yeah okay, my profile is not located on C: and I had to add the path to my sessionstore file to the exclusion list manually, not needed for people using the default location :wink:

Well, it is strange, it is already in the default exclusions list. But there are 3 cases : L, E, and X, only the “E” is checked (écriture=writing).

edit : Since I added it to the trusted processes in the suspicious actions agent part, should I remove it ?

forget it, just leave it as it is :wink:

Thank you very much :slight_smile:
And should I remove it from the suspicious actions agent part, since I added it there ?

first check through virus total if your file is infected

VirusTotal finds nothing, because it is a normal process from Firefox. I already checked on google, I found a page on the AVIRA forum.
So I can keep it in the trusted processes in the suspicious actions agent part ?
:slight_smile:

yeah I know it’s a normal FF file, but it has some content, your last session, so it could contain stuff found suspicious, like Avast did.

Well, I preferred to remove it since I added it in the trusted processes list. It is maybe better :slight_smile: