ronmanp 2 Posted August 20, 2019 Share Posted August 20, 2019 Hi, I see Endpoint Antivirus now supports process exclusions. Could someone confirm if child-processes also get excluded from realtime scanning if the parent process is excluded? Thank you, Link to comment Share on other sites More sharing options...
itman 1,629 Posted August 20, 2019 Share Posted August 20, 2019 (edited) Below is the Eset online help reference to real-time scanning exclusions: Quote Processes exclusions The Processes exclusions feature allows you to exclude application processes from Real-time file system protection. To improve backup speed, process integrity and service availability, some techniques that are known to conflict with file-level malware protection are used during backup. The only effective way to avoid both situations is to deactivate Anti-Malware software. By excluding specific process (for example those of the backup solution) all file operations attributed to such excluded process are ignored and considered safe, thus minimizing interference with the backup process. We recommend that you use caution when creating exclusions – a backup tool that has been excluded can access infected files without triggering an alert which is why extended permissions are only allowed in the real-time protection module. Note what I underlined. A startup of a child process is not a file operation; it is an application operation. Therefore, the only way to exclude the child process from real-time scanning would be to do so by explicit full path entry of the process. Edited August 20, 2019 by itman Link to comment Share on other sites More sharing options...
ronmanp 2 Posted August 21, 2019 Author Share Posted August 21, 2019 Thank you for the fast response Link to comment Share on other sites More sharing options...
Recommended Posts