To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Format of realtime scan folder excludes?

Options
otto_liljalaakso
otto_liljalaakso W/ Member Posts: 1 Security Scout
edited October 2023 in Elements Endpoint Protection

My employer has given me a Windows computer with WithSecure™ Elements Agent running.
I have observed that when the realtime scan feature is running,
some C++ builds I run fail with randomly appearing Access violation and other similar error messages.
I would like to solve this problem by excluding the folder structure where these build are done from the scan.
However, I am unclear about the correct format of the exclude rows.
Say my builds happen in subfolders of C:\src\project.
If I exclude exactly that string, I still see the errors.
If I exclude C:\src\project\*, my builds succeed.
I have not been able to find a description of the syntax used here.
Is it available somewhere?
Would it be possible to have it available in the dialog where the excludes are configured?

Best Answer

  • Sethu Laks
    Sethu Laks W/ Partner, W/ Staff, W/ Moderator Posts: 245 Moderator
    Solved
    Options

    Hi @otto_liljalaakso

    Thank you for contacting WithSecure through the Community!

    You can use wildcards (*) and system environment variables in the path.

    Note: the folder exclusion has to end with a backslash (\).

    Examples:

    • C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
    • C:\Program Files (x86)\Microsoft Office\
    • C:\Program Files*\Microsoft*
    • %ProgramFiles%\Java
    • 3395856ce81f2b7382dee72602f798b642f14140

    From this page, you can find more information about Using wildcards in exclusions in real-time scanning.

    If you have any further questions, please do not hesitate to contact us!

This discussion has been closed.