Posts Tagged Virus scanning recommendations for Windows OS

Virus scanning recommendations for Windows OS

Posted by on Thursday, 8 April, 2010

Virus scanning recommendations for computers that are running currently supported versions of Windows

Turn off scanning of Windows Update or Automatic Update related files

  • Turn off scanning of the Windows Update or Automatic Update database file (Datastore.edb). This file is located in the following folder:

%windir%\SoftwareDistribution\Datastore

  • Turn off scanning of the log files that are located in the following folder:

%windir%\SoftwareDistribution\Datastore\Logs

Specifically, exclude the following files:

  • Res*.log
  • Res*.jrs
  • Edb.chk
  • Tmp.edb

The wildcard character (*) indicates that there may be several files.

Turn off scanning of Windows Security files

  • Add the following files in the %windir%\Security\Database path of the exclusions list:
    • *.edb
    • *.sdb
    • *.log
    • *.chk
    • *.jrs

Note If these files are not excluded, antivirus software may prevent proper access to these files, and security databases can become corrupted. Scanning these files can prevent the files from being used or may prevent a security policy from being applied to the files. These files should not be scanned because antivirus software may not correctly treat them as proprietary database files.

Turn off scanning of Group Policy related files

  • Group Policy user registry information. These files are located in the following folder:

%allusersprofile%\

Specifically, exclude the following file:

NTUser.pol

  • Group Policy client settings file. This file is located in the following folder:

%Systemroot%\System32\GroupPolicy\

Specifically, exclude the following file:

Registry.pol

For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

951059 (http://support.microsoft.com/kb/951059/ ) On a Windows Server 2003-based computer, registry-based policy settings are unexpectedly removed after a user logs on to the computer

930597 (http://support.microsoft.com/kb/930597/ ) Some registry-based policy settings are lost and error messages are logged in the Application log on a Windows XP-based computer or on a Windows Vista-based computer