Items that can be excluded from scanning

On each type of computer, there are different limitations on the items that you can exclude from scanning.


On Windows, you can exclude drives, folders and files.

You can use the wildcards * and ?

The wildcard ? can be used only in a filename or extension. It generally matches any single character. However, when used at the end of a filename or extension, it matches any single character or no characters. For example file??.txt matches file.txt, file1.txt and file12.txt but not file123.txt.

The wildcard * can be used only in a filename or extension, in the form [filename].* or *.[extension]. For example, file*.txt, file.txt* and file.*txt are invalid.

For more information and examples, see Specifying scanning exclusions for Windows.

Mac OS X

On Mac OS X, you can exclude files, folders, and volumes.

You can specify which items are excluded by prefixing or suffixing the exclusion with a slash or suffixing the exclusion with a double slash.

For more information, see the Sophos Anti-Virus for Mac OS X Help.

Linux or UNIX

On Linux and UNIX, you can exclude directories and files.

You can specify any POSIX path, whether it is a file or a directory, for example, /folder/file. You may use the wildcards ? and *.

Note: Enterprise Console only supports path-based Linux and UNIX exclusions. You can also set up other types of exclusion directly on the managed computers. Then you can use regular expressions, exclude file types and filesystems. For information on how to do this, see the Sophos Anti-Virus for Linux configuration guide or the Sophos Anti-Virus for UNIX configuration guide.

If you set up another path-based exclusion on a managed Linux or UNIX computer, this computer will be reported to the console as differing from the group policy.

For information about excluding items from scanning, see the following topics: