User guide
A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON
105
A L L O W E D F I L E E X C L U S I O N M A S K S
Let's look at some examples of permitted masks that you can use when create file exclusion lists. They are as follows:
1. Masks without file paths:
*.exe – all files with the exe extension;
*.ex? – all files with the ex? extension, where ? can represent any single character;
test – all files with the name test.
2. Masks with absolute file paths:
C:\dir\*.* or C:\dir\* or C:\dir\ – all files in the C:\dir\ folder;
C:\dir\*.exe – all files with the exe extension in the C:\dir\ folder;
C:\dir\*.ex? – all files with the ex? extension in folder C:\dir\, where ? can represent any single character;
C:\dir\test – only the C:\dir\test file.
If you wish to exclude file scan in all nested folders of the specified folder, check the Include subfolders
box when creating a mask.
3. File path masks:
dir\*.*, or dir\*, or dir\ – all files in all dir\ folders;
dir\test – all test files in dir\ folders;
dir\*.exe – all files with the exe extension in all dir\ folders;
dir\*.ex? – all files with the ex? extension in all dir\ folders, where ? can represent any single character.
If you wish to exclude file scan in all nested folders of the specified folder, check the Include subfolders
box when creating a mask.
*.* and * exclusion masks can only be used if you specify the classification type of the threat according to the Virus
Encyclopedia. In this case, the specified threat will not be detected in any object. Using those masks without specifying
the classification type essentially disables monitoring. When setting an exclusion, it is not recommended selecting a path
related to a network disk created based on a file system folder using the subst command, as well as to a disk, which
mirrors a network folder. The case is that different resources may be given the same disk name for different users, which
will inevitably lead to an incorrect triggering of exclusion rules.
A L L O W E D T H R E A T T Y P E M A S K S
When adding masks to exclude certain threats based upon their Virus Encyclopedia classification, you can specify the
following settings:
The full name of the threat as given in the Virus Encyclopedia at www.viruslist.com (e.g. not-a-
virus:RiskWare.RemoteAdmin.RA.311 or Flooder.Win32.Fuxx).
The threat name by mask, e.g.:
not-a-virus* – exclude legal but potentially dangerous programs from the scan, as well as joke programs;
*Riskware.* – exclude riskware from the scan;
*RemoteAdmin.* – exclude all remote administration programs from the scan.