Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 1 subscriber
  • Views 67213 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to exclude a process?

MaxSoukhomlinov

Does anyone know how to exclude a process and all files it touches from real-time scan?

We want to improve the speed of backups and would like to exclude backup exec processes and files they read from being scanned by Sophos realtme scan.

Having used other products such as Trend and KAV, both have support for this however we are unable to find a similar feature in Sophos.

Cheers,

Max

:23427


This thread was automatically locked due to age.
Parents
  • 0

    HI,

    It is possible but worth being sure that you need it as it relies on just a string match (including case) on the process name so use it with care.

    To do so it requires registry key(s) to be created and the machine to be rebooted.  Under "driver" key:

    Win2K/XP:

    KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAVOnAccessControl
     

    Vista/Win7:

    HEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAVOnAccess

    Create a string value called:
    ExcludedProcess0  

    The value can then be for example: "notepad.exe" to exclude the notepad.exe process.

    If you need to exclude multiple processes you would need to create additional string keys, i.e. 

    ExcludedProcess1

    ExcludedProcess2

    with no gaps in the numbering, etc..

    Hope this helps but be careful :)

    Regards,

    Jak

    :23431
Reply
  • 0

    HI,

    It is possible but worth being sure that you need it as it relies on just a string match (including case) on the process name so use it with care.

    To do so it requires registry key(s) to be created and the machine to be rebooted.  Under "driver" key:

    Win2K/XP:

    KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAVOnAccessControl
     

    Vista/Win7:

    HEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAVOnAccess

    Create a string value called:
    ExcludedProcess0  

    The value can then be for example: "notepad.exe" to exclude the notepad.exe process.

    If you need to exclude multiple processes you would need to create additional string keys, i.e. 

    ExcludedProcess1

    ExcludedProcess2

    with no gaps in the numbering, etc..

    Hope this helps but be careful :)

    Regards,

    Jak

    :23431
Children
No Data
Unfiltered HTML