Specify scanning exclusions

Standard naming conventions

Sophos Anti-Virus validates the paths and file names of scanning exclusion items against standard Windows naming conventions. For example, a folder name may contain spaces but may not contain only spaces.

Multiple file extensions

File names with multiple extensions are treated as if the last extension is the extension and the rest are part of the file name:

MySample.txt.doc = file name MySample.txt + extension .doc.

Excluding specific files, folders, processes, or drives

Exclusion type Description Examples Comments
Specific file Specify both the path and file name to exclude a specific file. The path can include a drive letter or network share name. C:\Documents\CV.doc

\\Server\Users\Documents\CV.doc

To make sure that exclusions are always applied correctly, add both the long and 8.3-compliant file and folder names:

C:\Program Files\Sophos\Sophos Anti-Virus

C:\Progra~1\Sophos\Sophos~1

For more information, see knowledgebase article 13045.

Specific process Specify both the path and the file name to exclude a specific executable file (process). C:\Windows\notepad.exe You must specify the full path.
All files with the same name Specify a file name without a path to exclude all files with that name wherever they are located in the file system. spacer.gif
Everything on a drive or network share Specify a drive letter or network share name to exclude everything on that drive or network share. C:

\\Server\<sharename>\

When you specify a network share, include a trailing slash after the share name.
Specific folder Specify a folder path including a drive letter or network share name to exclude everything in that folder and below. D:\Tools\logs\ Include a trailing slash after the folder name.
All folders with the same name Specify a folder path without a drive letter or network share name to exclude everything from that folder and below on any drive or network share. \Tools\logs\

(excludes the following folders: C:\Tools\logs\, \\Server\Tools\logs\)

You must specify the entire path up to the drive letter or network share name. In this example, specifying \logs\ would not exclude any files.

Wildcards

You can use the wildcards shown in this table.

Note Only * and ? can be used on Windows Server 2003.
Token Matches Comments
* (Star) Zero or more of any character except \ or /. For example:

c:\*\*.txt excludes all files named *.txt in the top level folders on C:\.

Note You cannot use * to exclude a folder.
** (Star Star) Zero or more of any characters including \ and /, when bracketed by \ or / characters or used at the start or end of an exclusion.

Any other use of ** is treated a single * and matches zero or more of any character except \ or /.

For example:
  • c:\foo\**\bar matches: c:\foo\bar, c:\foo\more\bar, c:\foo\even\more\bar
  • **\bar matches c:\foo\bar
  • c:\foo\** matches c:\foo\more\bar
  • c:\foo**bar matches c:\foomorebar but NOT c:\foo\more\bar
\ (Backslash) Either \ or /.
/ (Forward slash Either / or \.
? (Question mark) One single character, unless at the end of a string where it can match zero characters.
. (Period) A period OR the empty string at the end of a filename, if the pattern ends in a period and the filename does not have an extension. Note that:
  • *.* matches all files
  • *. matches all files without an extension
  • "foo." matches "foo" and" "foo."

Examples

Here are some examples of the use of wildcards.

Expression Interpreted as Description
foo **\foo Exclude any file named foo (in any location).
foo\bar **\foo\bar Exclude any file named bar in a folder named foo (in any location).
*.txt **\*.txt Exclude all files named *txt (in any location).
C: C: Exclude drive C: from scanning (including the drive's master boot record).
C:\ C:\ Exclude all files on drive C: from scanning (but scan the drive's master boot record).
C:\foo\ C:\foo\ All files and folders underneath C:\foo, including C:\foo itself.
C:\foo\*.txt C:\foo\*.txt All files contained in C:\foo named *.txt.

Variables for exclusions

You can use variables when you set up scanning exclusions.

The table below shows the variables and examples of the locations they correspond to on each operating system.

Variable Windows 7 or later, Windows Server 2008 or later Windows Server 2003, Windows XP, Windows Vista
%allusersprofile%\ C:\ProgramData\ C:\Documents and Settings\All Users\
%appdata%\ C:\Users\*\AppData\Roaming\ C:\Documents and Settings\*\Application Data\
%commonprogramfiles%\ C:\Program Files\Common Files\ C:\Program Files\Common Files\
%commonprogramfiles(x86)%\ C:\Program Files (x86)\Common Files\ C:\Program Files (x86)\Common Files\
%localappdata%\ C:\Users\*\AppData\Local\ C:\Documents and Settings\*\Local Settings\Application Data\
%programdata%\ C:\ProgramData\ C:\Documents and Settings\All Users\Application Data\
%programfiles%\ C:\Program Files\ C:\Program Files\
%programfiles(x86)%\ C:\Program Files (x86)\ C:\Program Files (x86)\
%systemdrive%\ C: C:
%systemroot%\ C:\Windows\ C:\Windows\
%temp%\ or %tmp%\ C:\Users\*\AppData\Local\Temp\ C:\Documents and Settings\*\Local Settings\Temp\
%userprofile%\ C:\Users\*\ C:\Documents and Settings\*\
%windir%\ C:\Windows\ C:\Windows\