Showing results for 
Search instead for 
Did you mean: 
Level 7

VSE exceptions


I am getting flustered with VSE exceptions and really hoping for some help. For example, according to MS when running IIS I should have the following excluded:

Process Exclusions

  • %systemroot%\system32\inetsrv\w3wp.exe
  • %systemroot%\SysWOW64\inetsrv\w3wp.exe

Should I put them in low risk or default on scan exclusions? Do I need to specify the path?

Is there a McAfee document that would have all exclusions gathered according to its liking, high, low risk, default? Microsoft sent me to McAfee, McAfee sends me to Microsoft….

BTW my low risk excludes read and write scan.

Thank you

0 Kudos
1 Reply
Level 7

Re: VSE exceptions

Hello Aneta,

     I want to simplify the On-Access Scanner categories for you.  For this explanation, please think about Low, High, And Default as Categories 1(Low), 2(High), and Catch-All(Default).  The Process list is what determines what category VSE will apply.  In your problem, you will want to put w3wp.exe in Category 1 (Low).  Now, ANYTHING that process does, VSE will scan it in accordance to how Category 1 is configured.  So, if you turn off every option under "Scan Items", you essentially just whitelisted w3wp.exe.  If your security model accepts this approach, then no exclusions are needed.  Should you need to enable scanning options under "Scan Items", then you will want to add the exclusions to that categories Exclusions section.

Recommended reading:

Consolidated list of VirusScan Enterprise exclusion articles

Technical Articles ID:  KB66909

How to manage file and folder exclusions in VirusScan Enterprise 8.x using wildcards

Technical Articles ID:  KB50998

Understanding High-Risk, Low-Risk, and Default processes configuration and usage

Technical Articles ID:  KB55139



0 Kudos