Add a filename or file path to exclude from an Allow List policy

The following table describes the information that you must provide to exclude a file or path from an allow list policy.
File exclusion settings
Exclusion setting
The following prefixes are supported:
  • [NONE]
    No prefix is prepended.
    The file system folder containing application data for all users.
    • C:\Documents and Settings\All Users\Application Data
      (Windows XP)
    • C:\ProgramData
      (Windows Vista+)
    The file system folder that contains the files and folders that appear on the desktop for all users.
    • C:\Documents and Settings\All Users\Desktop
      (Windows XP)
    • C:\Users\Public\Desktop
      (Windows Vista+)
    The file system folder that contains the documents that are common to all users.
    The file system folder that contains the folders for the common program groups that appear on the
    menu for users.
    • C:\Documents and Settings\All Users\Start Menu\Programs
      (Windows XP)
    • C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
      The file system folder that contains all the programs that appear in the Startup folder for all users:
    • C:\Documents and Settings\All Users\Start Menu\Programs\Startup
      (Windows XP)
    • C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
      (Windows Vista+)
    Program Files
    folder, which includes:
    • C:\Program Files
    • C:\Program Files (x86)
    The folders for the components that are shared across applications:
    • C:\Program Files\Common Files
    • C:\Program Files (x86)\Common Files
  • [SYSTEM]
    The Windows System folder:
    Indicates the location where the Windows operating system is installed (new in 14.0):
    File system folders that correspond to all the users (new in 14.0):
    (Windows Vista+)
    The Windows folder or SYSROOT, which corresponds to the
    environmental variables:
Filename (include full path)
  • Filename
    : The full path to a file or folder. For example: C:\temp\test.txt
    You must include the slash (\) in the path.
  • Path
    : The full path on disk. For example:
    Include subfolders
    to include any folders under the specified path.
Turn on/off file exclusion from one or more technologies
You can apply the file name exclusion for the policy for multiple technologies.
  • Auto-Protect
    Excludes a file from real-time scans.
  • Scheduled and On-Demand scans
    Excludes a file from scheduled and on-demand scans.
  • Behavioral Analysis
    Excludes a file from real-time heuristic scans.
  • Tamper Protection (Filename only)
    Excludes a file from Tamper Protection. Applies to the actor and not the target.
  • Device Control
    Excludes a file from device control.
More information