This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exclude remote files checked under Windows Exceptions?

So does this exclude Network drives and any attached storage/USB device plugged in later? I would like to Exclude Network drives, but not USB storage devices. Should it be checked or not?

This thread was automatically locked due to age.

0 jak over 7 years ago

Hi,

USB and remote files are treated differently.

When you turn off the scanning of remote files, in machine.xml the following option is set:

<item itemName="GeneralExclusions">
<settings>
<exclusionList><item>1</item></exclusionList>
</settings>
</item>

If ever you want to test an exclusion is working. I would suggest just creating "eicar.com" (www.eicar.org/86-0-Intended-use.html) in it to ensure it's note detected.

I find it easier to create a next text file, paste in the eicar string of characters (as found on the above page) and then save it as "eicar.com". This way, you don't have to worry about the web protection component blocking it as it comes through the browser if you're testing on-access exclusions.

Regards,

Jak
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 7 years ago

Hello Michael Wilson,

this is probably some confusion regarding local, internal, external, removable, and remote. What you plug in is not remote.
If in doubt test it as jak has shown (BTW: If you're using the on-premise SEC managed Endpoint there's a savtst32.exe in the \sec_5xx\tools\ folder).

Christian
Cancel
Vote Up 0 Vote Down

Cancel