Showing results for 
Show  only  | Search instead for 
Did you mean: 

VirusScan *inclusions*... Possible to exclude 'everything but X'


Query I got recently with regard to VSEL, is 'I want to scan everything in these 3 folders, and nothing else'.  Example folders:




Aside from *possibly* looking at regex to cover all 3, the only other option I can think of is to manually exclude all of the parent folders, and all subfolders that arent in this list, ie if we had:








I would need to exclude everything in /blah/2 that wasnt 'data' (to start with), but could run into the situation where new folders were added, so cant just exclude what is already there.  Is it possible to exclude:

/blah/2/![data]      #ie regex that excludes everything if it isnt the subfolder 'data'.....    note I may have my regex wrong here as it has been a while, but you get the idea!  could be a (^(expr)) that I am looking for...

Am I thinking about this too much?  Am I missing a potentially simple answer to this?

Any sanity check or clarification appreciated!!!!!


4 Replies
Level 14
Report Inappropriate Content
Message 2 of 5

Re: VirusScan *inclusions*... Possible to exclude 'everything but X'

When setting exclusions, there are two wildcard exclusion symbols used in VirusScan Enterprise from version 8.0 onwards:

  • Single asterisk: *
  • Double asterisk: **

The sections below explain how to use these wildcards correctly.

NOTE: Exclusions are not case sensitive, however, if you are using environment variables in the exclusion, it is best practice to type these in lower case.

  • Directory exclusions
    A single asterisk * wildcard can be used to denote single directory names.
        For example, the exclusion: c:\directory1\*\directory2\ would exclude all of the following folders:
    • Trailing backslashes are mandatory for folder exclusions to work successfully.
    • Without the ending backslash VirusScan Enterprise and ePolicy Orchestrator will treat the entry as a file exclusion.
    • If no backslash is used, the Include subfolders option remains grayed out from VirusScan Enterprise 8.8 and ePolicy Orchestrator 4.6.
              Earlier versions would inadvertently allow selecting this option even when no backslash was used.
  • File exclusions
    A single asterisk * wildcard can be used to denote partial filename matches or wildcard extension matches, for example:


Do not use trailing backslashes for filename matches. Failure to do so will result in VirusScan excluding the wrong items. To clarify this important point, examine these two examples:


The first exclusion would be treated as a filename, the second as a directory.

Double Asterisk

  • Directory exclusions
        Double asterisks ** allow a wider folder exclusion called a Multiple Depth Exclusion. These are exclusions where the same target folder name may occur multiple times in subfolders originating from a common folder.
        Example: A thumbnail directory called thumbs can exist under one or more subfolders at any depth in the folder structure of a photo application:
        c:\program files\photo-program\library\animals\thumbs\
        c:\program files\photo-program\library\clothes\tshirts\thumbs\
        c:\program files\photo-program\library\clothes\trousers\thumbs\
        c:\program files\photo-program\library\clothes\trousers\green\thumbs\
        The example below uses a double asterisk to exclude the contents of any folder named thumbs under the library folder of the photo application:
        c:\program files\photo-program\library\**\thumbs\
    NOTE: Include a trailing backslash to ensure that VSE handles thumbs as a folder and not a file.


  • Extension exclusions
        McAfee recommends that you use exclude item by file type to exclude all files with a specific extension, such as those created and used exclusively by a single application. This excludes only the required file types and has the least impact on system performance.
        A common error when configuring exclusions for file extensions is to exclude extensions in the same way as file and folder exclusions. For example, if an application writes data to files with the extensions SRTT and SRTS, it may at first seem logical to create the exclusions below:
        **\*.SRTT (to exclude all files with SRTT extension in any directory or sub-directory)
        **\*.SRTS (to exclude all files with SRTS extension in any directory or sub-directory)
        These exclusions work, but can have a negative impact on performance. A large list of individual exclusions is also more difficult to manage. In this example it is far more efficient to add a new exclusion for SRT only.
        **\*.SRT (exclude all files with an extension starting with SRT in any directory or sub-directory)


    • There is a three-character limit to excluded file extensions.
    • The three-letter extension limitation is automatically enforced when you enter the extension to exclude.
    • All files with extensions starting with SRT will be excluded  despite the three-character limitation. In this example this includes .SRTT and .SRTS.

The question (?) mark is used for single character replacement within filenames and folders. This wildcard character gives you a finer degree control over exclusions.

  • Directory exclusions
        You might need to exclude a series of sequentially named sub-folders without excluding the contents of the parent folder.
        C:\program files\application\cache\tmp1\
        C:\program files\application\cache\tmp2\
        C:\program files\application\cache\tmp3\
        C:\program files\application\cache\tmp4\
        The best method for this exclusion would be to create the exclusion below:
        c:\program files\application\cache\tmp?\
    This excludes any folders below the cache folder that match tmp? (In this example, tmp1, tmp2, tmp3 and tmp4).
  • File extension exclusions
    You can use the wildcard for any of the three characters, so the following would be valid:


While it is possible to use two ? wildcards as shown below, McAfee does not recommend this because the scope of the exclusion is too broad:



Re: VirusScan *inclusions*... Possible to exclude 'everything but X'


1) A little advice, and I am being serious here.  When copying verbatim from a knowledgebase article (one which I have referenced many times, with a copy saved locally - KB50998), I would make it clear that you are indeed doing that. 

2) The KB in question relates to VSE, and not VSEL.  The VSEL documentation specifically mentions regex, whereas VSE documentation does not.  Although the regex examples are quite basic, I was hoping more for a conversation of what was possible

3) Im not seeing how the above article directly relates to my intial question of what is essentially excluded exclusions.  I hold my hands up here, I may be missing something - could you explain?


Level 7
Report Inappropriate Content
Message 4 of 5

Re: VirusScan *inclusions*... Possible to exclude 'everything but X'

Did you ever figure this out? I agree totally with what you said.

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 5

Re: VirusScan *inclusions*... Possible to exclude 'everything but X'

This isn't possible. The product is designed to scan everything except for what you exclude - not the other way around. 

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community