Did configure the VSE Exchange Exclusions???
I reckon it must be the different path that causes Virusscan to not match exclusion against the file path it receives from the operating system. Your exclusion could be someting like \Exchsrv\(something)\*.* and this is not matching against \Device\Harddisk\etc.
Try using a more general relative exclusion like **\folder1\folder2\file or exclude based on filename pattern or type (*.log ,for example) so it does not contain any absolute path. I recommend you review KB54812 in this respect, and also exclusions master article https://kc.mcafee.com/corporate/index?page=content&id=KB66909&actp=search&viewlo cale=en_US&searchid=1300724040418
For Exchange exclusions please review: https://kc.mcafee.com/corporate/index?page=content&id=KB51471&actp=search&viewlo cale=en_US&searchid=1300724040418
I actually put the exclusion for my L: drive and \Device\Harddisk\etc actually one of my folder within L drive. What is surprising VSE still scanning within my L drive. I already checked log file %VSEDEFLOGDIR% however couldn't any prove that state scanning was perform. However on the Virus Scan show event scanning files within L drive.
Very very strange..Please advice me on this.
There is VirusScan Profiler 1.1 to see which files are most scanned. It enables making statistics on top X file scanned. However I'm not sure how big a value you can enter in the filtering field to see deep enough, and thus you may not see whether that particular file is being scanned or not that you are interested in. Nevertheless you can download it from McAfee portal it may come handy later on.
A quick and dirty way of making VirusScan log all files that it scan is by making this registry change:
VSE8.5/8.7 - HKLM\SOFTWARE\McAfee\VSCore\VerboseLogging
bLogToFile : REG_DWORD : 0 = off, 1 =on
szLogFileName : REG_SZ : filename
bLimitSize : REG_DWORD : 0 = no size limit, 1 = file size is limited
dwMaxLogSizeMB : REG_DWORD : max file size in megabytes
LogFileFormat : REG_DWORD : 0 = ANSI, 1=UTF8, 2=UTF16.
Stop/Restart McShield service to make changes.
When you experience the issue, open OnAccessScanLog.txt file and see if the files that you wanted to exclude were being scanned actually (with their actualy path that may or may not matches path used in your exclusion).
Revert the registry changes back to where they were previously once you are ready with testing.