Scan Exclusion Lists | Trend Micro

Scan Exclusion List for Security Agents

This exclusion list contains all of the Trend Micro products that are, by default, excluded from scanning.

Security Agent Exclusion List

Product Name	Installation Path Location
InterScan eManager 3.5x	`HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\InterScan eManager\CurrentVersion` `ProgramDirectory=`
ScanMail eManager (ScanMail for Microsoft Exchange eManager) 3.11, 5.1, 5.11, 5.12	`HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Microsoft Exchange eManager\CurrentVersion` `ProgramDirectory=`
ScanMail for Lotus Notes (SMLN) eManager NT	`HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Lotus Notes\CurrentVersion` `AppDir=` `DataDir=` `IniDir=`
InterScan Web Security Suite (IWSS)	`HKEY_LOCAL_MACHINE\Software\TrendMicro\Interscan Web Security Suite` `Program Directory= C:\Program Files\Trend Micro\IWSS`
InterScan WebProtect	`HKEY_LOCAL_MACHINE SOFTWARE\TrendMicro\InterScan WebProtect\CurrentVersion` `ProgramDirectory=`
InterScan FTP VirusWall	`HKEY_LOCAL_MACHINE SOFTWARE\TrendMicro\ InterScan FTP VirusWall\CurrentVersion` `ProgramDirectory=`
InterScan Web VirusWall	`HKEY_LOCAL_MACHINE SOFTWARE\TrendMicro\ InterScan Web VirusWall\CurrentVersion` `ProgramDirectory=`
InterScan E-Mail VirusWall	`HKEY_LOCAL_MACHINE SOFTWARE\TrendMicro\ InterScan E-Mail VirusWall\CurrentVersion` `ProgramDirectory={Installation Drive}:\INTERS~1`
InterScan NSAPI Plug-In	`HKEY_LOCAL_MACHINE SOFTWARE\TrendMicro\ InterScan NSAPI Plug-In\CurrentVersion` `ProgramDirectory=`
InterScan E-Mail VirusWall	`HKEY_LOCAL_MACHINE SOFTWARE\TrendMicro\ InterScan E-Mail VirusWall \CurrentVersion` `ProgramDirectory=`
IM Security (IMS)	`HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\IM Security\CurrentVersion` `HomeDir=` `VSQuarantineDir=` `VSBackupDir=` `FBArchiveDir=` `FTCFArchiveDir=`
ScanMail for Microsoft Exchange (SMEX)	`HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Microsoft Exchange\CurrentVersion` `TempDir=` `DebugDir=` `HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Microsoft Exchange\RealTimeScan\ScanOption` `BackupDir=` `MoveToQuarantineDir=` `HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Microsoft Exchange\RealTimeScan\ScanOption\Advance` `QuarantineFolder=` `HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Microsoft Exchange\RealTimeScan\IMCScan\ScanOption` `BackupDir=` `MoveToQuarantineDir=` `HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Microsoft Exchange\RealTimeScan\IMCScan\ScanOption\Advance` `QuarantineFolder=`
ScanMail for Microsoft Exchange (SMEX)	`HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Microsoft Exchange\ManualScan\ScanOption` `BackupDir=` `MoveToQuarantineDir=` `HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Microsoft Exchange\QuarantineManager` `QMDir=` `Get exclusion.txt file path from HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Microsoft Exchange\CurrentVersion\HomeDir` `Go to HomeDir path (for example, C:\Program Files\Trend Micro\Messaging Security Agent\)` `Open exclusion.txt` `C:\Program Files\Trend Micro\Messaging Security Agent\Temp\` `C:\Program Files\Trend Micro\Messaging Security Agent\storage\quarantine\` `C:\Program Files\Trend Micro\Messaging Security Agent\storage\backup\` `C:\Program Files\Trend Micro\Messaging Security Agent\storage\archive\` `C:\Program Files\Trend Micro\Messaging Security Agent\SharedResPool`

Scan Exclusion Lists for Messaging Security Agent (Advanced Only)

By default, when the Messaging Security Agent is installed on a Microsoft Exchange server (2000 or later) it will not scan Microsoft Exchange databases, Microsoft Exchange log files, Virtual server folders, or the M:\ drive. The exclusion list is saved in:

HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc.

ExcludeExchangeStoreFiles=C:\Program
                     Files\Exchsrvr\mdbdata\

priv1.stm|C:\Program
                     Files\Exchsrvr\mdbdata\

priv1.edb|C:\Program
                     Files\Exchsrvr\mdbdata\

pub1.stm|C:\Program
                     Files\Exchsrvr\mdbdata\pub1.edb

ExcludeExchangeStoreFolders=C:\Program
                     Files\Exchsrvr\mdbdata\

|C:\Program Files\Exchsrvr\Mailroot\vsi
                     1\Queue\

|C:\Program Files\Exchsrvr\Mailroot\vsi
                     1\PickUp\

|C:\Program Files\Exchsrvr\Mailroot\vsi
                     1\BadMail\

For other Microsoft Exchange recommended folders, please add them to scan exclusion list manually. See http://support.microsoft.com/kb/245822/.

SBS 2003 Exclusions

For SBS 2003, manually add the following:

Microsoft Exchange exclusions
Microsoft Exchange Server Database	`C:\Program Files\Exchsrvr\MDBDATA`
Microsoft Exchange MTA files	`C:\Program Files\Exchsrvr\Mtadata`
Microsoft Exchange Message tracking log files	`C:\Program Files\Exchsrvr\server_name.log`
Microsoft Exchange SMTP Mailroot	`C:\Program Files\Exchsrvr\Mailroot`
Microsoft Exchange working files	`C:\Program Files\Exchsrvr\MDBDATA`
Site Replication Service	`C:\Program Files\Exchsrvr\srsdata` `C:\Program Files\Exchsrvr\conndata`

IIS Exclusions
IIS System Files	`C:\WINDOWS\system32\inetsrv`
IIS Compression Folder	`C:\WINDOWS\IIS Temporary Compressed Files`

Domain Controller Exclusions
Active Directory database files	`C:\WINDOWS\NTDS`
SYSVOL	`C:\WINDOWS\SYSVOL`
NTFRS Database Files	`C:\WINDOWS\ntfrs`

Windows SharePoint Services Exclusions
Temporary SharePoint folder	`C:\windows\temp\FrontPageTempDir`

Client Desktop Folder Exclusions
Windows Update Store	`C:\WINDOWS\SoftwareDistribution\DataStore`

Additional Exclusions
Removable Storage Database (used by SBS Backup)	`C:\Windows\system32\NtmsData`
SBS POP3 connector Failed Mail	`C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Failed Mail`
SBS POP3 connector Incoming Mail	`C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Incoming Mail`
Windows Update Store	`C:\WINDOWS\SoftwareDistribution\DataStore`
DHCP Database Store	`C:\WINDOWS\system32\dhcp`
WINS Database Store	`C:\WINDOWS\system32\wins`