What is the correct format for file/folder exclusions

Hi All,
I'm a bit confused as to which format to use for exclusions in real-time and manual scanning in Policy Manager. I've previously used either *\\HarddiskVolume*\\AppData\\Local\\Microsoft\\Outlook\\Offline Address Books\\*.oab for real time or *\\AppData\\Local\\Microsoft\\Outlook\\Offline Address Books\\*.oab for manual scanning.
The reason for the confusion is because of these two pages:
https://community.f-secure.com/t5/Business/Using-wildcards-in-exclusions/ta-p/20428
https://community.f-secure.com/t5/Business/Excluding-objects-from-Real-Time/ta-p/66013
I would really appreciate if someone could clarify the correct format please.
Many thanks,
Al
Best Answer
-
Vad Posts: 1,055 F-Secure Employee
Hello Al,
This two pages do not contradict one another. The first one explains how to use wildcards in excluded objects. The second one explains the procedure of adding excluded objects, and contains examples without wildcards.
You can continue to use the exclusions you presented without any changes.
Best regards,
Vad
5 Like
Comments
And why would you exclude "*.oab"?
1) You should never exclude anything, unless you track down a problem
2) AFAIK "oab" is not even scanned normally.
So if you have a problem with OAB that is a suport case. Please open a case with F-Secure, so that you will get the needed debugtools and instructions.
Thanks for your explanation Vad.
Regards,
Al
Hi Matthias,
I was simply following MS recommendations. https://technet.microsoft.com/en-us/library/dn769141.aspx
Do you have any reference for F-Secure not scanning OAB or any other files for that matter? If I can reduce the list of exclusions it would make my life easier.
Regards,
Al
This is the main Technet article listing all exlusion related stuff:
https://social.technet.microsoft.com/wiki/contents/articles/953.microsoft-anti-virus-exclusion-list.aspx
The introductory (first) article in that is:
http://support.microsoft.com/kb/822158
which states:
So MS does NOT recommend to implement any exclusion as default, why should F-Secure? If you identify an issue with performance and you were able to track it down to F-Secure by these instructions please raise a Support case and request a fixed version as recommended by Microsoft.