Jump to content

Exclusions


Recommended Posts

Hi

 

How do I add Endpoint Security exclusions for Malware and Exploit for individual end points.  The users are complaining their Windows 7 Pro workstations are lagging ever since installing Endpoint Security. I added exclusions for Windows Defender for Malwarebytes when it automatically came on after uninstalling Symantec Endpoint.   I do not have this problem with my Windows 10 Pro

I read that you can add exclusions so it will not scan certain folders but I cannot see the option for Malwarebytes Enterprise on the clients.

Link to post
Share on other sites

Thank you for your assistance... I did find it.... .eventually myself..  I am assuming I have to put the path for every client workstation of software / folders I don't want to scan/want to trust.   That's how I interpret it …  Not quite sure how to do the server shares other than giving it to the whole ip address.   So, it will look at the paths of every workstation that is part of my domain/where Malware endpoint installed based on the ignore list??  That's a lot of 'ignores' I guess .. I did try some and some things started to work better.. other things are still slow so I guess its just a process....  At least the users don't want to throw their workstation out anymore...

Link to post
Share on other sites

It is a slow process, but something that can help is to approach it with scans that are not yet set to remove anything, this way you can see what the MBAM scans will begin tagging for removal without it happening, and you can set your ignores around the stuff your users have versus what actually generates hits accordingly. We don't often interact with items the same way other AV's do, this tactic can help you avoid spending time making ignores for something we're not going to have an issue with, or be able to make an ignore for something you would not of thought needed one. There is some quirkiness to be aware of, and I see it a bit in your post here with the mention of shares.

There are limitations to consider. Folder and file paths cannot take a wildcard in the middle of the path, it can only be used at the end to represent everything under a certain directory.

Examples:
C:\Users\*\Desktop\item.ext - this wildcard usage is not supported.
C:\ProgramData\Some Program\* - this wildcard usage is supported.

The realtime engine and pieces in the 1.x version has some known complications with applications that run from and/or write too drive shares. Check out this post I made here that brings up the known items and limitations of the MBMC and MBAM 1.x product - 


See this post for an explanation of our workarounds for mitigating the drive share / realtime interference - 

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.