To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Format of realtime scan folder excludes?

otto_liljalaakso
otto_liljalaakso W/ Member Posts: 1 Security Scout

My employer has given me a Windows computer with WithSecure™ Elements Agent running.
I have observed that when the realtime scan feature is running,
some C++ builds I run fail with randomly appearing Access violation and other similar error messages.
I would like to solve this problem by excluding the folder structure where these build are done from the scan.
However, I am unclear about the correct format of the exclude rows.
Say my builds happen in subfolders of C:\src\project.
If I exclude exactly that string, I still see the errors.
If I exclude C:\src\project\*, my builds succeed.
I have not been able to find a description of the syntax used here.
Is it available somewhere?
Would it be possible to have it available in the dialog where the excludes are configured?

Best Answer

  • Sethu Laks
    Sethu Laks W/ Partner, W/ Staff, W/ Moderator Posts: 197 Moderator
    Answer ✓

    Hi @otto_liljalaakso

    Thank you for contacting WithSecure through the Community!

    You can use wildcards (*) and system environment variables in the path.

    Note: the folder exclusion has to end with a backslash (\).

    Examples:

    • C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
    • C:\Program Files (x86)\Microsoft Office\
    • C:\Program Files*\Microsoft*
    • %ProgramFiles%\Java
    • 3395856ce81f2b7382dee72602f798b642f14140

    From this page, you can find more information about Using wildcards in exclusions in real-time scanning.

    If you have any further questions, please do not hesitate to contact us!

This discussion has been closed.