My advice would be to set the process as Low Risk and leave writing and reading ticked. Opened for backup you can leave ticked or unticked, as the files will be scanned when moving across.
If you have a problem identifying the process that you need to set as low risk, then Process Monitor is your best friend.
Thank you. And is it necessary to add the directory to the excluded directories, or is it not necessary, and just adding the process as low risk is enough?
It is necessary to add the directory to the exclusions, otherwise McAfee will scan that directory. If you have the complete process list and directory, then add them to Low Risk, as McAfee defined Low Risk for application-related exclusions.
Another best option for scanning: remove file on read and opened for backup from General policies and select only for Write.
So if I understand, unchecking the scanning mode for read access (and checking write and backup) in the default rule policies is not a good solution (for security reasons?)
Never Uncheck Scan on Read Access. It should not even be an option anymore. Without Scan on Read Access, you might as well not have AV running.
Unchecking read access, 10 years ago, helped performance, but since malware such as Conficker has been released in the wild, you must maintain scanning on read access. (It turns out that a program/malware can be downloaded (scan on write, right?) to the hard drive and executed before the Scan on Write is done. Scan on Read catches this and stops the execution as expected.)
So, try to Leave Checked 'Scan on Read' if you possibly can.
Configure High/Low Risk Processes and define your Corporate application as Low Risk Process. Keep checked Scan on Read/Write. Whether you want 'Opened for backup' is optional. Likewise uncheck Scan Archives as they should get scanned on extraction as long as Scan on Read and Write is checked. Also, you may want to define whether ScriptScan is active on your Corporate apps as well under the Low Risk Processes.
Just because you can place your Corporate apps in the Low Risk Processes doesn't mean that they cannot be co-opted by malware from other sources. Remember to periodically (weekly?) do an On-Demand Scan of these files to reduce the likelihood of the looser On-Access (low risk) policies missing something.
Using High/Low Risk Processes is designed to provide better security/better performance (respectively) compared to the defaults, giving greater administrator control. But with that greater control comes greater administrator responsibility.
Finally, Exclusions (from scanning) should not be done if at all possible; should be rare; and only done if you can directly show a need where High/Low Risk Processes will not work.
Check the Best Practices Guides to read further. Also, WWarren has written some excellent forum discussions on this topic.