My first real “Tuesday Technical Tip”:
I’m currently using Microsoft Security Essentials on some machines on one site, with quite favourable results so far.
From the GUI there is no way to exclude network paths from real time scanning. On these machines I want to exclude certain network files which hold my playout system audio and databases.
The answer lies on this Microsoft page
You can do this via the registry, by editing this registry key :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Exclusions\Paths
Right click > New DWord value
Set the value to be 0
Set the name to be the share you are trying to exclude.
\\server\share : 0
Also here you’ll find the file type exclusions. I set up exclusions as per my playout system vendors recommendations.
The Microsoft page states you may have to change the permissions on the key by taking the ownership of the key from advanced tab and give write permissions to yourself.
This appears true – I exported the relevant keys to a reg file to import into other workstations, but had to first use regedit to edit the permissions to give me write access.
Page edited 2nd June 2020 to replace dead link to archive.org version (note the whole content of this post from 2010 is likely obsolete – use the information at your own discretion.)
BH
October 4, 2012 — 8:02 pm
Not sure when it was added but the latest version of Microsoft Security Essentials does allow adding these paths via the GUI.
StygianAgenda
August 27, 2015 — 9:52 pm
While “BH” is absolutely correct in his statement, how the GUI behaves for performing additional exclusions is dependent upon whether a system is a stand-alone machine, or if it is a policy managed domain member. My case is the latter.
Due to being a domain member, the GUI controls for adding exclusions is greyed out, and unresponsive. So, I used your example and added the exclusion I needed (D:\VMs\) to the registry, manually. So far though, it’s not showing up within the GUI, even after rebooting. I’ll play around with this a bit and see what I can come up with. It may end up requiring me to submit a ticket to get my systems added to a separate policy group that allows for control of the scan-exclusions… I probably need to do that anyway, because our TS team is using both McAfee VSCan Enterprise along with Microsoft ‘System Center Endpoint Protection’ (the enterprise version of Security Essentials), and it may very well be that either my VM folder is being caught up by one, the other, or both.