Jump to content

Process exclusion

ronmanp

By ronmanp
in ESET Endpoint Products

 Share

Recommended Posts

ronmanp

ronmanp 2

Posted
Posted

Hi, 

I see Endpoint Antivirus now supports process exclusions. Could someone confirm if child-processes also get excluded from realtime scanning if the parent process is excluded? 

Thank you,

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)

Below is the Eset online help reference to real-time scanning exclusions:

Quote

Processes exclusions

The Processes exclusions feature allows you to exclude application processes from Real-time  file system protection. To improve backup speed, process integrity and service availability, some techniques that are known to conflict with file-level malware protection are used during backup. The only effective way to avoid both situations is to deactivate Anti-Malware software. By excluding specific process (for example those of the backup solution) all file operations attributed to such excluded process are ignored and considered safe, thus minimizing interference with the backup process. We recommend that you use caution when creating exclusions – a backup tool that has been excluded can access infected files without triggering an alert which is why extended permissions are only allowed in the real-time protection module.

Note what I underlined. A startup of a child process is not a file operation; it is an application operation. Therefore, the only way to exclude the child process from real-time scanning would be to do so by explicit full path entry of the process.

Edited by itman
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...