Antivirus exclusions not working

I’m having some vexing exclusion issues with antivirus disregarding the exclusions I’m setting up via File Groups. Even if I specify the path down to the file AV will block or quarantine it. Is there a way to actually enforce exclusions so the files within the excluded folders are not tampered with? I’m having this problem with a handful of endpoints, but for troubleshooting purposes I’m focusing on one that’s running Client Security

2018-10-17 07_49_00-IT and Security Manager - File Groups Variables.jpg

@wayne.clement ,

We thank you for bringing this to our attention. The Comodo Client Security version needs to be updated to from the machine you mentioned. The special exclusions (*) you made is designed to indeed exclude the contents of the entire folder (except the last line) This should work unless there is a parent process that resides on a different location that might not yet be excluded or the profile is not yet propagated on the devices. We’ll create a support ticket to further assist you with the whitelisting process.

Hello @wayne.clement
In addition to what @Jimmy mentioned, I would like to add the following advice when you make changes to the File Groups. Any changes you make in the ‘whitelist file group’ will NOT propagate automatically to the profiles that include it. You will need to ‘re-deploy’ the Profile. Re-deploy here entails making a simple change on the Profile and saving it. Then undoing the previous change and saving it again.

Thanks Rick, I believe that’s what was causing the problem. Thank you everyone for your help!

Hi Rick, I didn’t know that the profile would need to be redeployed this is good to know. What is the best way to redeploy the profile without running into issues?

Hi @libretech
Simply make a change in a setting that does not put the endpoints in a ‘disadvantage’ and then revert it back after a few minutes.

@Rick_C Ok I thought you meant to remove the profile from the machines and then add the profile back.

That’s one way to do it also @libretech