When an user manually start an On-demand Scan using the Start/Programs/McAfee/On-demand Scan menu it will use a default configuration which is present on the regkey HKEY_Current_User\Software\McAfee\DesktopProtection\DefaultTask. So far as I know at this time you cannot manage this setting via ePO. So this seems to me a good FMR (feature modification request) that you can suggest to McAfee for a future version of the product. More information about how to submit FMR is available at https://kc.mcafee.com/corporate/index?page=content&id=KB60021&actp=search&search id=1274046397150
A ***workaround that should help you is below:
*** So far as I know McAfee does not support registry tampering, so, please test this in your lab before implementing it in your production environment, because this implementation is at your own risk.
In a test machine:
1. Click Start/Programs/McAfee/On-Demand Scan.
2. Change the settings according to your needs (including all of the exclusions that you want to deploy to other systems).
3. When you are done click on the button named "Save as Default".
4. Open the regedit.exe
5. Right click on the regkey "HKEY_Current_User\Software\McAfee\DesktopProtection\DefaultTask" and click "Export". Give name and save it in a temp folder. Note that the format of this file is .REG.
6. Run this .reg file on the systems that you need to deploy this custom configuration. There are a couple of methods to deploy it like:
- Using Group Policies;
- Batch files/scripts
- 3rd tools.
7. Once you have imported this .reg file to another machine running Virusscan, check on this other machine if your exclusions were loaded correctly when you launch a manual On-Demand Scan via Start/programs/McAfee/On-demand Scan.
Hope this helps.