Antivirus exceptions for SCCM
Antivirus exceptions for SCCM
I installed recently a SCCM 1702. With the agent, the anti-virus was installed on the different servers and workstations. SCCM now uses the Windows servicing model. It is therefore necessary to configure the exceptions to the levels of the anti-virus scans if you want to avoid certain problems.
What are the exceptions to configure?
Exceptions anti-virus software on ConfigMgr site server
- %allusersprofile%\NTUser.pol
- %systemroot%\system32\GroupPolicy\registry.pol
- %windir%\Security\database\*.chk
- %windir%\Security\database\*.edb
- %windir%\Security\database\*.jrs
- %windir%\Security\database\*.log
- %windir%\Security\database\*.sdb
- %windir%\SoftwareDistribution\Datastore\Datastore.edb
- %windir%\SoftwareDistribution\Datastore\Logs\edb.chk
- %windir%\SoftwareDistribution\Datastore\Logs\edb*.log
- %windir%\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs
- %windir%\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs
- %windir%\SoftwareDistribution\Datastore\Logs\Res1.log
- %windir%\SoftwareDistribution\Datastore\Logs\Res2.log
- %windir%\SoftwareDistribution\Datastore\Logs\tmp.edb
- Path : \Microsoft Configuration Manager\Inboxes\*.*
- C:\Windows\TEMP\BootImages
- C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Bin\sqlservr.exe
- C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
File exclusions
- .mdf
- .ldf
- .ndf
- .bak
- .trn
- .trc
- .sqlaudit
- .sql
How to configure SCCM
In the SCCM console, click Assets and compliance, and then in endpoint protection, click Antimalware Policies.
Open the default rule or other. In the menu click Exclude Settings and then click Set on Excluded files and folders.
Add the exception and click Add. Perform the same operation for the other exceptions. File extensions will be processed later.
Click OK and then click Set in excluded file type.
Add the different exclusions listed above and then click OK.
Exceptions are now configured. The policy can now be deployed without a problem.
One thought on “Antivirus exceptions for SCCM”
thank you very much for trips and how