Add or Edit exclusion

This dialog window enables you to add or edit exclusions. Choose the exclusion Type from the drop-down menu:

Exclude path

Excludes specific path (file or directory) for this computer. Choose an appropriate path by clicking ... in the Path field.

DIALOG_EXCLUDE_PATH

See more exclusion format examples below.

Exclude detection

A valid ESET detection / threat name should be provided. For a valid detection name, see Log files and then select Detections from the Log files drop-down menu. This is useful when a false positive sample is being detected in ESET Internet Security. Exclusions for real infiltrations are very dangerous, consider excluding only affected files / directories by clicking ... in the Path mask field and/or only for a temporary period of time. Exclusions apply also to Potentially unwanted applications, potentially unsafe applications and suspicious applications.

DIALOG_EXCLUDE_THREAT

See also Threat exclusions example below.

Exclude hash

Excludes a file based on specified hash (SHA1), regardless of the file type, location, name or its extension.

DIALOG_EXCLUDE_HASH

 


You can use wildcards to exclude a group of files. A question mark (?) represents a single character whereas an asterisk (*) represents a string of zero or more characters.

example

Exclusion format

If you want to exclude all files in a folder, type the path to the folder and use the mask *.*

To exclude an entire drive, including all files and subfolders, use the mask D:\*

If you want to exclude doc files only, use the mask *.doc

If the name of an executable file has a certain number of characters (with varying characters) and you only know the first one (for example, "D”), use the following format:
D????.exe (question marks replace the missing / unknown characters)

example

System variables in exclusions

You can use system variables like %PROGRAMFILES% to define scan exclusions.

To exclude the Program Files folder using this system variable, use the path %PROGRAMFILES%\* (remember to add backslash and asterisk at the end of path) when adding to exclusions

To exclude all files and folders in a %PROGRAMFILES% subdirectory, use the path %PROGRAMFILES%\Excluded_Directory\*

hmtoggle_plus0 Expand list of supported system variables

example

Exclusions using an asterisk

A few more exclusion examples using an asterisk:

C:\Tools\* – The path must ends with the backslash and asterisk to indicate that it is a folder and all its subfolders that are being excluded.
C:\Tools\*.dat – This will exclude .dat files in the Tools folder.
C:\Tools\sg.dat – This will exclude this particular file located in the exact path.

An exception for Exclude path:

C:\Tools\*.* – Same behavior as C:\Tools\* (not to be confused that the mask *.* will exclude only files with extensions in the Tools folder).

A wrong manually entered exclusion example:

C:\ToolsTools folder will not be excluded. From the scanner perspective, Tools can also be a file name.
C:\Tools\ – Do not forget to add the asterisk at the end of the path: C:\Tools\*

example

Wildcards in the middle of a path

We highly recommend that you do not use wildcards in the middle of a path (for example C:\Tools\*\Data\file.dat) unless your system infrastructure requires it. See the following Knowledgebase article for more information.

When you select Exclude threat, there are no restrictions to using wildcards in the middle of a path.

example

Order of exclusions

There are no options to adjust the priority level of exclusions using the top/bottom buttons (as for Firewall rules where rules are executed from top to bottom)

When the first applicable rule is matched by the scanner, the second applicable rule will not be evaluated

The fewer the rules, the better the scanning performance

Avoid creating concurrent rules

example

Threat exclusions

If you want to exclude a threat, enter the valid detection name:

Win32/Adware.Optmedia

You can also use the following format when you exclude a detection from the ESET Internet Security alert window:

@NAME=Win32/Adware.Optmedia@TYPE=ApplicUnwnt
@NAME=Win32/TrojanDownloader.Delf.QQI@TYPE=Trojan
@NAME=Win32/Bagle.D@TYPE=worm