Encryption: How to exclude the Endpoint Encryption File System from an anti-virus on-access scanner

Summary

Under certain conditions, an anti-virus scanner can lock the Endpoint Encryption File System. This can cause data corruption as Endpoint Encryption attempts to to write data to the file system. To avoid this, exclude the Endpoint Encryption File System from scanning.

Configure the On-Access Scanner to exclude the Endpoint Encryption File System located in \Device\SafeBootFSVolumes\Disk0\

McAfee VirusScan Enterprise 8.0i/8.5i:

 

 

  1. Open the VirusScan Console.
  2. Right click On-Access Scanner and select Properties.
  3. In the left pane, select All Processes.
  4. In the right pane, click the Detection tab.
  5. Click Exclusions.
  6. Click Add.
  7. In the What to exclude field, type the location of the folder to exclude: \Device\SafeBootFSVolumes\Disk0\
  8. Select the option Also exclude subfolders.
  9. Click OK to close the Add dialog.
  10. Click OK to close the Exclusions dialog.
  11. Click Apply then close the VirusScan On-Access Properties dialog.

 

McAfee VirusScan Enterprise 8.7i:

  1. Open the VirusScan Console.
  2. Right click On-Access Scanner and select Properties.
  3. In the left pane, select Default Processes.
  4. In the right, pane click the Exclusions tab.
  5. Click Exclusions.
  6. Click Add.
  7. In the What to exclude section, type the location of the folder to exclude: \Device\SafeBootFSVolumes\Disk0\
  8. Select the option Also exclude subfolders.
  9. Click OK to close the Add dialog.
  10. Click OK to close the Set Exclusions dialog.
  11. Click Apply then close the On-Access Properties dialog.

For other Anti-Virus applications please consult the application help function for instructions on setting folder exclusions.

 

Reviewed 22/12/2014

Posted in Encryption, Services, Support and tagged , , , .