Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 0 subscribers
  • Views 24363 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

File Exclusions

vospersIT

hi all 

since a resent virous outbrake here (thank god for sophos) we have had to setup a scheduled scan on our network currntly running a scan every day. but since then the console is reporting adware on some files that we know are safe. so iv added the folders to the exclusions in the form of \folder name\   

this has been added to anti-virus and hips policy on the main screan (extensions and exclusions) button and in the on access scanning (configure) windows exclusions tab. its still reporting back about the files in the folders after iv told the console.

my understanding is that by adding the folders in the format of   \foldername\   this should mean that sophos should not scan in the folders.

:57390


This thread was automatically locked due to age.
  • 0

    Hello vospersIT,

    only file exclusions are "global". Folder exclusions require a path (this is documented in the Console Help).

    Christian

    :57395
  • 0

    Hi Christian

    oh the presents a problem as the folders in qustion dont apper in the same location on the computers in qustion as some are saved under users desktops witch is fine but if that user leaves the company then the folder will be coppied to a difrent desktop.

    so if i cant do folders can i do file names without a path so for example we have one called run.exe thats part of one of our dealer programs.

    kurt.

    :57399
  • 0

    Hello kurt,

    sorry, I should have taken the time - even when in a hurry - to give you a full and meaningful answer.

    Global exclusions are pretty dangerous. To deal with wanted AdWare and PUAs with exclusions is barking up the wrong tree - instead Authorization is what you are looking for. The advantage is that files are nevertheless scanned for possible infections but authorized (or whitelisted apps) aren't blocked.

    Christian

    :57401
  • 0

    Hello Christian

    that sounds like a good fix to my problem. (now comes the dumb qustion) how do i set this up do i use the application control function on the concole for this.

    kurt

    :57411
  • 0

    Hello kurt,

    Authorization not Application :smileyhappy:. In the console Anti-Virus and HIPS policy, topmost button Authorization ... will open the Authorization Manager, one of the five tabs is labeled Adware and PUAs. The Known ... pane is filled with applications previously detected on your endpoints.

    Christian

    :57413
  • 0

    Hello Christian

    see i did say dumb qustion time. that seams to have fixed it they have all gone thank you very much.

    kurt.

    :57416
Unfiltered HTML