Configuring exclusions

Threat Prevention enables you to fine-tune your protection by specifying items to exclude.

For example, you might need to exclude some file types to prevent a scanner from locking a file used by a database or server. A locked file can cause the database or server to fail or generate errors.

Tip: Best practice: To improve performance of on-access and on-demand scans, use scan avoidance techniques rather than adding file and folder exclusions.

Exclusions in exclusion lists are mutually exclusive. Each exclusion is evaluated separately from the others in the list.

Note: To exclude a folder on Windows systems, append a backslash (\) character to the path.To exclude a folder on Mac or Linux systems, append a slash (/) character to the path.
For this feature... Specify items to exclude Where to configure Exclude items by Use wildcards?
Access Protection Processes (for all rules or a specified rule) Access Protection Process file name or path, MD5 hash, or signer All except MD5 hash
Exploit Prevention Processes Exploit Prevention Process file name or path, MD5 hash, or signer All except MD5 hash
Caller modules Caller module file name or path, MD5 hash, or signer
APIs API name
Signatures Signature ID No
All scans Detection names Threat Prevention Options Detection name (case-sensitive) Yes
Potentially unwanted programs Name Yes
On-access scan
  • Default
  • High Risk
  • Low Risk
Files, file types, and folders On-Access Scan File name or folder, file type, or file age Yes
ScriptScan URLs URL name No
On-demand scan
  • Quick Scan
  • Full Scan
  • Right-Click Scan
Files, folders, and drives On-Demand Scan File name or folder, file type, or file age Yes
Custom on-demand scan Files, folders, and drives Custom On-Demand Scan client task File name or folder, file type, or file age Yes