This site is for AVG Business products only. For articles on Avast Business products, see Avast Business Help. If you are in the right place but cannot find what you are looking for, please contact AVG Business Support for further assistance.

Configuring Antivirus Exclusions

This Article Applies to:

  • AVG Business Cloud Console

 

Through your Cloud Console policies, you can exclude specified files, folders, or websites from being scanned by Antivirus if needed. Configuring standard and component-specific exclusions can speed up scans and prevent false-positive detections.

Exclusions are limited to approximately 8000 characters across both standard (All Scans and Shields) and component-specific (File Shield, Web Shield, etc) exclusions. Therefore, we recommend minimizing exclusions where possible to prevent any security flaws and/or impact on system performance.

Wildcards can be used when configuring exclusions. Note, however, that Behavior Shield and Web Shield have certain limitations when it comes to the use of wildcards. For more info, see respective sections below.

To access the settings for Antivirus exclusions:

  1. Open the Policies page
  2. Click the desired policy to open its Detail drawer
  3. Click the Exclusions tab
  4. Expand the Antivirus exclusions section

Configuring Standard Exclusions

You can configure exclusions (called exceptions in the local UI) that will propagate across all of the various Antivirus shields and components in the Exclusions tab of your console, within a selected policy.

Any changes made to exclusions within policies will propagate across your network every 5-10 minutes.

 

To add a standard exclusion, i.e. an exclusion that will apply to all scans and shields:

  1. From the Antivirus exclusions section of the policy's Exclusions settings, select the All Scans and Shields tab
  2. Click + Add new exclusion in the desired section:
    • File paths: Exclude specified file paths or URLs from virus scans and shield protection
      • Exclusions containing full application paths will also apply to the Anti-Rootkit component.
    • Hardened mode: Exclude specified executable files from Hardened Mode checks
    • CyberCapture: Exclude specified executable files from CyberCapture checks
    • URL addresses: Exclude specified URL addresses from scanning
    • On-demand scans: Exclude specified file paths from virus scans started by the end user
    • Programs: Exclude specified paths to programs or scripts (and optional parameters) from Antivirus checks
  1. In the pop-up dialog, specify the file/program path or URL you want to exclude
  2. Click Add new exclusion
  1. Save your changes once you are finished adding exclusions

Configuring Component-Specific Exclusions

Many of the customizable Antivirus components have a dedicated tab for configuring exclusions that will only affect that particular component. The process of creating specific exclusions is similar for most shields and components.

File Shield Exclusions

Any exclusions specified here will not be scanned by File Shield during a device scan. This can be used to speed up your scan for locations you know are safe or to prevent false positives.

To add an exclusion to the File Shield scan:

  1. From the Antivirus exclusions section of the policy's Exclusions settings, select the File Shield tab
  1. Click + Add new exclusion
  2. In the pop-up dialog, enter the file path you would like to exclude
  3. Use the check boxes to specify to which actions the exclusion applies (reading, writing, or executing files)
  4. Click Add new exclusion
  1. Save your changes once you are finished adding exclusions

Web Shield Exclusions

Any exclusions specified here will not be scanned by Web Shield when devices are accessing the internet. This can be used to prevent false positives.

Web Shield's Process exclusions do not accept wildcard characters.

 

To add an exclusion to the Web Shield scan:

  1. From the Antivirus exclusions section of the policy's Exclusions settings, select the Web Shield tab
  2. Click + Add new exclusion in the desired section:
    • URL addresses
    • MIME-types
    • Processes (these do not accept wildcards)
    • Scripts
  1. In the pop-up dialog, enter the details for the exclusion (URL address, MIME-type, or path to process, depending on the selected section)
  2. Click Add new exclusion
  1. Save your changes once you are finished adding exclusions

Behavior Shield Exclusions

Any exclusions specified here will not be scanned by Behavior Shield when devices are running programs and processes. Network share is supported as long as you are using the absolute path to the folder/file.

Behavior Shield does not support inserting wildcards at the beginning or in the middle of a file path (for example, C:\users\*\application.exe). However, you can still use a wildcard at the end of the path (for instance, C:\users\username\*).

Behavior Shield exclusions apply to Windows workstations only.

 

To add an exclusion to the Behavior Shield scan:

  1. From the Antivirus exclusions section of the policy's Exclusions settings, select the Behavior Shield tab
  2. Click + Add new exclusion
  1. In the pop-up dialog, enter the location of the program you would like to exclude
  2. Click Add new exclusion
  1. Save your changes once you are finished adding exclusions

 

Other Articles In This Section:

Configuring Patch Management Exclusions

Related Articles:

Logging Blocked Packets to Create Exclusions

Wildcards