Antivirus exceptions for SCCM

Antivirus exceptions for SCCM

Antivirus exceptions for SCCM

Antivirus exceptions for SCCM

I installed recently a SCCM 1702. With the agent, the anti-virus was installed on the different servers and workstations. SCCM now uses the Windows servicing model. It is therefore necessary to configure the exceptions to the levels of the anti-virus scans if you want to avoid certain problems.

What are the exceptions to configure?

Exceptions anti-virus software on ConfigMgr site server

  • %allusersprofile%\NTUser.pol
  • %systemroot%\system32\GroupPolicy\registry.pol
  • %windir%\Security\database\*.chk
  • %windir%\Security\database\*.edb
  • %windir%\Security\database\*.jrs
  • %windir%\Security\database\*.log
  • %windir%\Security\database\*.sdb
  • %windir%\SoftwareDistribution\Datastore\Datastore.edb
  • %windir%\SoftwareDistribution\Datastore\Logs\edb.chk
  • %windir%\SoftwareDistribution\Datastore\Logs\edb*.log
  • %windir%\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs
  • %windir%\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs
  • %windir%\SoftwareDistribution\Datastore\Logs\Res1.log
  • %windir%\SoftwareDistribution\Datastore\Logs\Res2.log
  • %windir%\SoftwareDistribution\Datastore\Logs\tmp.edb
  • Path : \Microsoft Configuration Manager\Inboxes\*.*
  • C:\Windows\TEMP\BootImages
  • C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Bin\sqlservr.exe
  • C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe

File exclusions

  • .mdf
  • .ldf
  • .ndf
  • .bak
  • .trn
  • .trc
  • .sqlaudit
  • .sql

How to configure SCCM

In the SCCM console, click Assets and compliance, and then in endpoint protection, click Antimalware Policies.

Configure antivirus exceptions for SCCM

Open the default rule or other. In the menu click Exclude Settings and then click Set on Excluded files and folders.

Configure antivirus exceptions for SCCM Configure exclusions

Add the exception and click Add. Perform the same operation for the other exceptions. File extensions will be processed later.

Configure antivirus exceptions for SCCM Enter file exception
Configure antivirus exceptions for SCCM Enter file exception

Click OK and then click Set in excluded file type.

Configure antivirus exceptions for SCCM

Add the different exclusions listed above and then click OK.

Configure antivirus exceptions for SCCM

Exceptions are now configured. The policy can now be deployed without a problem.

One thought on “Antivirus exceptions for SCCM

Leave a Reply to TYRA Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.