Exceptions
With these options you can configure exception objects for the Real-Time Protection (on-access scan). The relevant objects are then not included in the on-access scan. The Real-Time Protection can ignore file accesses to these objects during the on-access scan via the list of processes to be omitted. This is useful, for example, with databases or backup solutions.
Please note the following when specifying processes and file objects to be omitted: The list is processed from top to bottom. The longer the list is, the more processor time is required for processing the list for each access. Therefore, keep the list as short as possible.
Processes to be omitted by the Real-Time Protection
All file accesses of processes in this list are excluded from monitoring by Real-Time Protection.
Input box
In this field, enter the name of the process that is to be ignored by the real-time scan. No process is entered as the default setting.
The specified path and file name of the process should contain a maximum of 255 characters. You can enter up to 128 processes. The entries in the list must not result in more than 6000 characters in total.
When entering the process, Unicode symbols are accepted. You can therefore enter process or directory names containing special symbols.
Drive information must be entered as follows: [Drive letter]:\
The colon symbol (:) is only used to specify drives.
When specifying the process, you can use the wildcards * (any number of characters) and ? (a single character).
C:\Program Files\Application\application.exe
C:\Program Files\Application\applicatio?.exe
C:\Program Files\Application\applic*.exe
C:\Program Files\Application\*.exe
To avoid the process being excluded globally from monitoring by Real-Time Protection, specifications exclusively comprising the following characters are invalid: * (asterisk), ? (question mark), / (forward slash), \ (backslash), . (dot), : (colon).
You have the option of excluding processes from monitoring by the Real-Time Protection without full path details. For example: application.exe
This however only applies to processes where the executable files are located on hard disk drives.
Full path details are required for processes where the executable files are located on connected drives, e.g. network drives. Please note the general information on the notation of Exceptions on connected network drives.
Do not specify any exceptions for processes where the executable files are located on dynamic drives. Dynamic drives are used for removable disks, such as CDs, DVDs or USB sticks.
Warning
Please note that all file accesses done by processes recorded in the list are excluded from the scan for viruses and unwanted programs!
The button opens a window in which you can select an executable file.
Processes
The "Processes" button opens the "Process selection" window in which the running processes are displayed.
Add
With this button, you can add the process entered in the input box to the display window.
Delete
With this button you can delete a selected process from the display window.
File objects to be omitted by the Real-Time Protection
All file accesses to objects in this list are excluded from monitoring by the Real-Time Protection.
Input box
In this box you can enter the name of the file object that is not included in the on-access scan. No file object is entered as the default setting.
The entries in the list must have no more than 6000 characters in total.
When specifying file objects to be omitted, you can use the wildcards* (any number of characters) and ? (a single character): Individual file extensions can also be excluded (including wildcards):
C:\Directory\*.mdb
*.mdb
*.md?
*.xls*
C:\Directory\*.log
Directory names must end with a backslash \ .
If a directory is excluded, all its sub-directories are automatically also excluded.
For each drive you can specify a maximum of 20 exceptions by entering the complete path (starting with the drive letter). For example:
C:\Program Files\Application\Name.log
The maximum number of exceptions without a complete path is 64. For example:
*.log
\computer1\C\directory1
In case of dynamic drives that are mounted as a directory on another drive, the alias of the operating system for the integrated drive in the list of the exceptions has to be used, e.g.:
\Device\HarddiskDmVolumes\PhysicalDmVolumes\BlockVolume1\
If you use the mount point itself, for example, C:\DynDrive, the dynamic drive will be scanned nonetheless. You can determine the alias of the operating system to be used from the Real-Time Protection report file.
The button opens a window in which you can select the file object to be excluded.
Add
With this button, you can add the file object entered in the input box to the display window.
Delete
With this button you can delete a selected file object from the display window.
Please note the further information when specifying exceptions:
In order to also exclude objects when they are accessed with short DOS file names (DOS name convention 8.3), the relevant short file name must also be entered in the list.
A file name that contains wildcards may not be terminated with a backslash. For example:
C:\Program Files\Application\applic*.exe\
This entry is not valid and not treated as an exception!
Please note the following with regard to exceptions on connected network drives: If you use the drive letter of the connected network drive, the files and folders specified are NOT excluded from the Real-Time Protection scan. If the UNC path in the list of exceptions differs from the UNC path used to connect to the network drive (IP address specification in the list of exceptions – specification of computer name for connection to network drive), the specified folders and files are NOT excluded by the Real-Time Protection scan. Locate the relevant UNC path in the Real-Time Protection report file:
\\<Computer name>\<Enable>\ - OR - \\<IP address>\<Enable>\
You can locate the path Real-Time Protection uses to scan for infected files in the Real-Time Protection report file. Indicate exactly the same path in the list of exceptions. Proceed as follows: Set the protocol function of the Real-Time Protection to Complete in the configuration under Real-Time Protection > Report. Now access the files, folders, mounted drives or connected network drives with the activated Real-Time Protection. You can now read the path to be used from the Real-Time Protection report file.
Copyright © 2014 Avira Operations GmbH & Co. KG
Last change on 20.03.2018