cancel
Showing results for 
Search instead for 
Did you mean: 
susja
Level 10
Report Inappropriate Content
Message 1 of 8

Exclude some directories from scanning

Jump to solution


Hello,

I'm using VirusScan Enterprise 8.8.

I'm using command line of it and I start it by running batch file. Now I need to exclude 2 directories from scan because they have encrypted files and it breaks my parser.

I'm using this line and it works for me:

scan32.exe" /Task {ED73BEB7-1E8F-45AC-ABBC-A749AF6E2710}  %* /ANALYZE   /MANY /ALL /CLEAN /DAM /NC /NOEXPIRE /PLAD /PROGRAM /SUB /STREAMS /UNZIP /THREADS=4 /TIMEOUT=15 /APPEND  /AUTOEXIT

I have to exclude these 2 directories:

d:\Tecan Installation Files\*  and c:\Windows\SoftwareDistribution\Download\*

I changed my line to this:

scan32.exe" /Task {ED73BEB7-1E8F-45AC-ABBC-A749AF6E2710}  %* /ANALYZE /EXCLUDE d:\Tecan Installation Files\* c:\Windows\SoftwareDistribution\Download\*  /MANY /ALL /CLEAN /DAM /NC /NOEXPIRE /PLAD /PROGRAM /SUB /STREAMS /UNZIP /THREADS=4 /TIMEOUT=15 /APPEND  /AUTOEXIT

My question:

Should it work? Is my syntax correct to provide the path to directory using option /EXCLUDE ?

Thanks in advance

1 Solution

Accepted Solutions

Re: Exclude some directories from scanning

Jump to solution

susja wrote:



I'm using this line and it works for me:


scan32.exe" /Task {ED73BEB7-1E8F-45AC-ABBC-A749AF6E2710}  %* /ANALYZE   /MANY /ALL /CLEAN /DAM /NC /NOEXPIRE /PLAD /PROGRAM /SUB /STREAMS /UNZIP /THREADS=4 /TIMEOUT=15 /APPEND  /AUTOEXIT


I have to exclude these 2 directories:


d:\Tecan Installation Files\*  and c:\Windows\SoftwareDistribution\Download\*


Alternatively, you will need to define the exclusions in the actual job.

Step 1) Look up in the registry

     [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection\Tasks\{ED73BEB7-1E8F-45AC-ABBC-A749AF6E2710}]

     "szTaskName"="On-Demand Scan"

The name (On-Demand Scan) will vary depending on your unique system.  This identifies which job to modify in step 2.

Step 2) Open the VirusScan Console

     Add the exclusions to "On-Demand Scan" (or the named job you found based on {ED73BEB7-1E8F-45AC-ABBC-A749AF6E2710}] in step 1)

You will need to try and exclude:

d:\Tecan Installation Files\

c:\Windows\SoftwareDistribution\Download\

or possibly:

d:\Tecan Installation Files\**

c:\Windows\SoftwareDistribution\Download\**

Hope this is Helpful.

Ron Metzger

7 Replies
susja
Level 10
Report Inappropriate Content
Message 2 of 8

Re: Exclude some directories from scanning

Jump to solution

Well ... I just tried and it did not work i.e. it still scanned those directories

Is my syntax wrong?

Any suggestion?

Thanks

susja
Level 10
Report Inappropriate Content
Message 3 of 8

Re: Exclude some directories from scanning

Jump to solution

Again ... I put those 2 directories I have to exclude into text file and provided this option:

scan32.exe ..... /EXCLUDE C:\McAfee\Exclude.txt ...

But it didn't work again.

Any ideas?

Re: Exclude some directories from scanning

Jump to solution

susja wrote:



Again ... I put those 2 directories I have to exclude into text file and provided this option:


scan32.exe ..... /EXCLUDE C:\McAfee\Exclude.txt ...


But it didn't work again.


Any ideas?



Try:

scan32.exe ..... /EXCLUDE=C:\McAfee\Exclude.txt ...

Then, inside Exclude.txt

d:\Tecan Installation Files\

c:\Windows\SoftwareDistribution\Download\

or possibly:

d:\Tecan Installation Files\**

c:\Windows\SoftwareDistribution\Download\**

Let us know how this works (and which one works).

Ron Metzger

Re: Exclude some directories from scanning

Jump to solution

susja wrote:



I'm using this line and it works for me:


scan32.exe" /Task {ED73BEB7-1E8F-45AC-ABBC-A749AF6E2710}  %* /ANALYZE   /MANY /ALL /CLEAN /DAM /NC /NOEXPIRE /PLAD /PROGRAM /SUB /STREAMS /UNZIP /THREADS=4 /TIMEOUT=15 /APPEND  /AUTOEXIT


I have to exclude these 2 directories:


d:\Tecan Installation Files\*  and c:\Windows\SoftwareDistribution\Download\*


Alternatively, you will need to define the exclusions in the actual job.

Step 1) Look up in the registry

     [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection\Tasks\{ED73BEB7-1E8F-45AC-ABBC-A749AF6E2710}]

     "szTaskName"="On-Demand Scan"

The name (On-Demand Scan) will vary depending on your unique system.  This identifies which job to modify in step 2.

Step 2) Open the VirusScan Console

     Add the exclusions to "On-Demand Scan" (or the named job you found based on {ED73BEB7-1E8F-45AC-ABBC-A749AF6E2710}] in step 1)

You will need to try and exclude:

d:\Tecan Installation Files\

c:\Windows\SoftwareDistribution\Download\

or possibly:

d:\Tecan Installation Files\**

c:\Windows\SoftwareDistribution\Download\**

Hope this is Helpful.

Ron Metzger

c14us
Level 7
Report Inappropriate Content
Message 6 of 8

Re: Exclude some directories from scanning

Jump to solution

Well I've never excluded other than via policies in ePO, and here there are an important diffenrce between files and folders. It could be the same for the command syntax, try it anyway

Folders should end with a \

Files end with other symbols

ex.

When you define c:\Windows\SoftwareDistribution\Download\* you exclude files. When you use c:\Windows\SoftwareDistribution\Download\ it's interpretiated as an folder.

Regards

susja
Level 10
Report Inappropriate Content
Message 7 of 8

Re: Exclude some directories from scanning

Jump to solution

Thank you both for suggestion.

I don't run ePO hence I have to do it myself on each PC (but only once)

First I tried to use /EXCLUDE and it didn't work for me no matter for syntax I used. I'm using scan32.exe which comes with VS Enterprise. On other discussion someone mentioned that it's not 'formally' supported to run from command line. For that reason McAfee has another component to use. In my case I could not get it hence I'm using what I have. I'm using it and provide options like ... /ANALYZE   /MANY /ALL /CLEAN /DAM /NC /NOEXPIRE ... and it works for me.

That's why I'm not surprised that this /EXCLUDE option didn't work for me.

Using alternative suggestion and providing files I want to exclude in the VS console in Exclusion Tab worked for me. Thanks for that suggestion. I'm all set now.

Just for my curiousity: When I did full scan I noticed a few file that were not scanned because McAfee said they are encrypted. All those file I put in 'exclusion' list to avoid to see that messages BUT in general: why someone wants to exclude something? Isn't it better to scan everything that could be scanned?

Thanks

c14us
Level 7
Report Inappropriate Content
Message 8 of 8

Re: Exclude some directories from scanning

Jump to solution

Just for my curiousity: When I did full scan I noticed a few file that were not scanned because McAfee said they are encrypted. All those file I put in 'exclusion' list to avoid to see that messages BUT in general: why someone wants to exclude something? Isn't it better to scan everything that could be scanned?

 

Yes. In the perfect world everything should be scanned. But VSE do have to get it's hand on all files by a layered technic, and will cause some interference and slowdown, no matter what design you'll make. So to keep stability and performance of OS and applications it's unfortunately a necessity to exclude some data