ESET Online Help

Search English
Select the topic

Automatic exclusions

The developers of server applications and operating systems recommend excluding sets of critical working files and folders from malware scan for most of their products. Malware scan may have a negative influence on a server's performance, which may lead to conflicts and even prevent some applications from running on the server. Exclusions help minimize the risk of potential conflicts and increase the overall performance of the server when running Anti-Malware software. See the complete list of files excluded from scanning for ESET server products.

The automatic exclusions feature is enabled after you activate ESET Server Security with a valid license and perform the initial update to include the latest modules.

note

Automatic exclusions for Microsoft SQL Server database files work for default location. If you have Microsoft SQL Server databases in different locations (other than the default), you have two options. Manually add the exclusions, or have the database files automatically excluded. For the automatic exclusion, ESET Server Security needs read access to the Microsoft SQL Server instance to find what paths are used for database files. If ESET Server Security displays an error message about insufficient rights, solve it by granting the NO_AUTHORITY\SYSTEM account View any definition permission to each Microsoft SQL Server instance you run on the server with ESET Server Security.

For further details, see Knowledgebase article on how to Add permission to get database data locations to generate automatic exclusions for Microsoft SQL Server.

ESET Server Security identifies critical server applications and server operating system files, and automatically adds them to the list of Exclusions. All automatic exclusions are enabled by default. You can disable/enable each server application exclusions using the slider bar with the following result:

When enabled, any of its critical files and folders will be added to the list of files excluded from scanning. Every time the server is restarted, the system performs an automatic check of exclusions and updates the list if there were system or application changes (for example when a new server application was installed). This setting ensures the recommended Automatic exclusions are always applied.

When disabled, automatically excluded files and folders will be removed from the list. Any user-defined exclusions entered manually will not be affected.

To identify and generate automatic exclusions, ESET Server Security uses dedicated application eAutoExclusions.exe, located in the installation folder. No interaction is needed from your side, but you can use command line to list detected server applications on your system by executing eAutoExclusions.exe -servers. To display full syntax, use eAutoExclusions.exe -?.

Elevated permissions account

This feature allows ESET Server Security to generate further exclusions to resources like network shares, Microsoft SQL Server database files locations, or Skype for Business file share storage. To extend the automatic exclusions functionality, enable the Elevated permissions account and enter the username and password of your domain or local administrator account. You can create a new dedicated account for this purpose if you desire, but ensure the account is a member of the domain's built-in Administrators (BA) group or the local Administrators group.