-->
Applies to:
Do not, do not shoot.45s without removing the choke tube. If it didn't come with one, get one from a T/C dealer or see if someone on this board has an extra. Can you shoot 410 out of 45long colt barrel. I never saw one chambered for 2-1/2 but they may make them.
Exclude Folders From Mcafee Total Protection
This article provides information on how to define exclusions that apply to on-demand scans, and real-time protection and monitoring.
Important
Feb 13, 2020 Mac and Linux Only — The feature is supported for Mac and Linux operating systems. Install mac os on macbook air. For on-demand scan, ENSM has the options Clean, Delete, and Continue Comparison of Endpoint Security features supported by Endpoint Security for Mac Threat Prevention 10.5, Endpoint Protection for Mac 2.3.0, and VirusScan for Mac 9.8.0.
- How to Exclude Folder or Drive from All Access Real-time Protection I installed McAfee All Access Internet Security as part of the Time-Warner package. I want to exclude an entire drive from real-time scanning.
- May 21, 2020 You want to exclude files from being scanned with your Windows security product. NOTE: If you are having a problem excluding files even after following the advice in this article, contact us McAfee security software for Windows or macOS, such as LiveSafe or Total Protection, allow you to exclude individual files from being scanned for viruses.
- Endpoint Security protection features, such as Self Protection and Access Protection, and other McAfee product protection rules, are enforced by a technology called Arbitrary Access Control (AAC).AAC rules protect objects, such as files, processes, and registry data, from being accessed by malware and untrusted programs.
The exclusions described in this article don't apply to other Microsoft Defender ATP for Mac capabilities, including endpoint detection and response (EDR). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections.
You can exclude certain files, folders, processes, and process-opened files from Microsoft Defender ATP for Mac scans.
Exclusions can be useful to avoid incorrect detections on files or software that are unique or customized to your organization. They can also be useful for mitigating performance issues caused by Microsoft Defender ATP for Mac.
Warning
Defining exclusions lowers the protection offered by Microsoft Defender ATP for Mac. You should always evaluate the risks that are associated with implementing exclusions, and you should only exclude files that you are confident are not malicious.
Supported exclusion types
The follow table shows the exclusion types supported by Microsoft Defender ATP for Mac.
Exclusion | Definition | Examples |
---|---|---|
File extension | All files with the extension, anywhere on the machine | .test |
File | A specific file identified by the full path | /var/log/test.log /var/log/*.log /var/log/install.?.log |
Folder | All files under the specified folder (recursively) | /var/log/ /var/*/ |
Process | A specific process (specified either by the full path or file name) and all files opened by it | /bin/cat cat c?t |
File, folder, and process exclusions support the following wildcards:
Wildcard | Description | Example | Matches | Does not match |
---|---|---|---|---|
* | Matches any number of any characters including none (note that when this wildcard is used inside a path it will substitute only one folder) | /var/*/*.log | /var/log/system.log | /var/log/nested/system.log |
? | Matches any single character | file?.log | file1.log file2.log | file123.log |
How to configure the list of exclusions
From the management console
For more information on how to configure exclusions from JAMF, Intune, or another management console, see Set preferences for Microsoft Defender ATP for Mac.
Mcafee Security My Account Page
From the user interface
Open the Microsoft Defender ATP application and navigate to Manage settings > Add or Remove Exclusion.., as shown in the following screenshot:
Select the type of exclusion that you wish to add and follow the prompts.
Validate exclusions lists with the EICAR test file
You can validate that your exclusion lists are working by using
curl
to download a test file.In the following Bash snippet, replace
test.txt
with a file that conforms to your exclusion rules. For example, if you have excluded the .testing
extension, replace test.txt
with test.testing
. If you are testing a path, ensure that you run the command within that path.If Microsoft Defender ATP for Mac reports malware, then the rule is not working. If there is no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm that the contents are the same as what is described on the EICAR test file website.
If you do not have Internet access, you can create your own EICAR test file. Write the EICAR string to a new text file with the following Bash command:
You can also copy the string into a blank text file and attempt to save it with the file name or in the folder you are attempting to exclude.
Allow threats
In addition to excluding certain content from being scanned, you can also configure the product not to detect some classes of threats (identified by the threat name). You should exercise caution when using this functionality, as it can leave your device unprotected.
To add a threat name to the allowed list, execute the following command:
The threat name associated with a detection on your device can be obtained using the following command:
Where Is My Mcafee Folder
For example, to add
EICAR-Test-File (not a virus)
(the threat name associated with the EICAR detection) to the allowed list, execute the following command: