Wildcards in path exclusions: FCS
Since the August 2009 antimalware engine update we support wildcards in path exclusions for on-demand scans (quick/full/custom scan).
It is important to note that Wildcards in path exclusions will not work for Real Time Protection and will be ignored (this does not apply to extension exclusions).
For on-demand scans, this will allow you to exclude paths such as:
"C:\Users\*\AppData\Roaming\Microsoft\Windows\Recent"
The above example excludes the same path for all users folders. This can improve performance with scheduled scans and on-demand-scans.
Since Real-Time Protection (RTP) will not honor the wildcards, you will not be able to use the wildcard exclusion to prevent detection or avoid any RTP performance issues. In these cases you will have to use the full path.
Additional information about the use of wildcards:
Character |
Exclusion type |
Notes |
* |
One subfolder |
Example1: c:\temp is the same as c:\temp\* and c:\temp\*\ When the wildcard is the last character in the exclusion, it is treated the same as not having the wildcard, and all subfolders will be excluded. Example2: C:\Users\*\AppData\Roaming\Microsoft\Windows\Recent The wildcard within the path can be used to represent a complete folder name. |
? |
One character or null |
Example 1: If the exclusion is c:\? and you scan c:\e, the file is excluded. Example 2: If the exclusion is c:\??car, both eicar and mycar would be excluded. |
Eddie Bowers
Senior Support Escalation Engineer