Know the distinction between File List and Process Image File List used in Deep Security Anti-Malware Scan Exclusions.
The File List container is used for excluding regular files. Regular file types fall under the File List category. However, the appropriate list, whether it is Regular File List or Process Image File List, should be determined for a specific Scan Exclusion.
Below are the list types and their descriptions:
- Regular File List can contain the regular expression file list exclusion while having wildcards.
For example, *.db matches 123.db, abc.db, but it doesn't match 123db, 123.abd, and cbc.dba.
- Process Image File List can only handle a full path, as other formats are invalid. Note that Process Image File List is only supported in Real-Time Scan.
To exclude a process, specify the full path of the process, not just the process file name. For example, C:\Your_Folder\Your_Second_Folder\Your_File.Extension
Adding the process to the Process Image File List results in the following:
- The process can do anything without Trend Micro's interference.
- The file changed by the process will not be scanned.
- The DLLs/modules loaded by the process will not be scanned.
- The process itself will not be scanned.
If there is another existing process which is not included in the Process Image File List and it loads the same modules as the excluded process used, those modules will still be scanned.
Excluding a process is useful in case of a service performance problem or service hangs caused by anti-malware’s interference.