Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1795 Views 1 Reply Latest reply: Sep 2, 2013 5:43 AM by nick.marchini RSS
alexfav Newcomer 1 posts since
Aug 29, 2013
Currently Being Moderated

Aug 29, 2013 4:08 AM

SCCM 2012 exclusions for VirusScan Enterprise

Hi, I'm having some issues with VSE on a Windows 2008 R2 server hosting SCCM 2012. Every morning the MCShield service spikes to between 90 and 100% CPU utilisation, which I'm guessing is due to something being missed in the folder/file type exclusion list for the server. Does anyone have a definitive list of what should be excluded on this type of server?

  • nick.marchini Newcomer 3 posts since
    Aug 22, 2013
    Currently Being Moderated
    1. Sep 2, 2013 5:45 AM (in response to alexfav)
    Re: SCCM 2012 exclusions for VirusScan Enterprise

    There is a list here https://blogs.technet.com/b/systemcenterpfe/archive/2013/01/11/updated-system-ce nter-2012-configuration-manager-antivirus-exclusions-with-more-details.aspx?Redi rected=true

     

    Scroll down to the section titled "General Antivirus Exclusions and Additional Information for System Center 2012 Configuration Manager Endpoint Protection"

     

    General Antivirus Exclusions and Additional Information for System Center 2012 Configuration Manager Endpoint Protection

    Additionally per my other post showing how to import various templates for different servers, here is the general list of file/folder exclusions exported from the Endpoint Protection System Center 2012 Configuration Manager template"

    %allusersprofile%\NTUser.pol
    %systemroot%\system32\GroupPolicy\registry.pol
    %windir%\Security\database\*.chk
    %windir%\Security\database\*.edb
    %windir%\Security\database\*.jrs
    %windir%\Security\database\*.log
    %windir%\Security\database\*.sdb
    %windir%\SoftwareDistribution\Datastore\Datastore.edb
    %windir%\SoftwareDistribution\Datastore\Logs\edb.chk
    %windir%\SoftwareDistribution\Datastore\Logs\edb*.log
    %windir%\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs
    %windir%\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs
    %windir%\SoftwareDistribution\Datastore\Logs\Res1.log
    %windir%\SoftwareDistribution\Datastore\Logs\Res2.log
    %windir%\SoftwareDistribution\Datastore\Logs\tmp.edb
    %programfiles%\Microsoft Configuration Manager\Inboxes\*.* (shortened list for blog sake)
    %programfiles(x86)%\Microsoft Configuration Manager\Inboxes\*.* (shortened list for blog sake)

    These entries above were taken directly from one of the included templates in System Center 2012 Configuration Manager

     

    Message was edited by: nick.marchini on 9/2/13 5:45:45 AM CDT

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points