Recommended file and folder exclusions for Microsoft Forefront Client Security, Forefront Endpoint Protection 2010, and Microsoft System Center 2012 Endpoint Protection
Content provided by Microsoft
Applies to: Microsoft Forefront Client SecuritySystem Center 2012 Endpoint Protection
Microsoft Forefront Client Security, Forefront Endpoint Protection 2010, and Microsoft System Center 2012 Endpoint Protection scan the files and folders on your computer for malicious programs that are known as malware. By default, all files and folders are included when the programs scan your computer. However, you can configure Forefront Client Security, Forefront Endpoint Protection 2010, and System Center 2012 Endpoint Protection to skip certain files or folders when they scan the computer. We recommend that you do not perform a malware scan on the files for certain programs or for operating system roles. This is to help prevent the following issues:
An antimalware program could incorrectly determine that a program file is malware. This would be considered to be a false positive.
The antimalware scan operation could decrease performance for a particular program when that program tries to access its program files.
This article contains links to articles and to websites that identify files and folders for certain Microsoft products. We recommend that you exclude these files and folders from Forefront Security and System Center 2012 Endpoint Protection scan operations.
Note The information in this article also applies to other antivirus or antimalware programs that you may use. Also, if you run an antivirus or antimalware program on a computer that is running a third-party program or service, we recommend that you contact the program vendor. The program vendor can help determine whether certain files or folders should be excluded from antivirus or antimalware scan operations.
The following sections contain information about the files and folders that we recommend be excluded from scanning by antimalware programs. The information is categorized by the operating system role or by program name.