Kaseya Community

Home » Discussion Forums » Scripts & Agent Procedures » Symantec Exclusion

Learn more about how AuthAnvil can protect and enhance your Kaseya experience

Similar Posts

Symantec 10 Radmin exclusions

by
on Nov 28, 2006

Exclusions (Server)

by
on Jul 19, 2009

KES - Exclusions

by
on Nov 28, 2007

Exporting Exclusions

by
on Oct 12, 2016

Exclusions Not Working

by
on Dec 21, 2016
Details
  • 1 Reply
  • 0 Subscribers
  • Postedover 11 years ago

Symantec Exclusion

  • LegacyPoster
    Posted by
    on Dec 24, 2008 5:40 PM
    I am looking to right a script so that in symantec multi tier (corperate edition, endpoint) I can exclude files and folders. i.e. I want to use radmin on all sites but it flags up a warning message every day that its been found, alotugh it does nothing about it. I dont want this to come up on all of my customers sites.

    Legacy Forum Name: Symantec Exclusion,
    Legacy Posted By Username: Dean Osborne
  • LegacyPoster
    Posted by
    on Dec 30, 2008 6:22 AM
    The locations to exclude are located in the registry. The easiest way to achiving this is to create a .reg file which includes all the files/folders to be excluded.

    script:

    
Script Name: SAV Exclude Directories WKS
    
Script Description: This script configures Symantec AV to excluded listed directories from scanning.
    

    
IF True 
    
THEN
    
   Set Registry Value
    
     Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\Storages\Filesystem\RealTimeScan\ExcludedByExtensions
    
     Parameter 2 : 1
    
     Parameter 3 : REG_DWORD
    
         OS Type : 0
    
   Get Variable
    
     Parameter 1 : 10
    
     Parameter 2 : 
    
     Parameter 3 : Agent
    
         OS Type : 0
    
   Write File
    
     Parameter 1 : #Agent#\NoScan.reg
    
     Parameter 2 : VSASharedFiles\SAVNoScan.reg
    
         OS Type : 0
    
   Execute Shell Command
    
     Parameter 1 : c:\windows\regedit.exe /s #Agent#\SAVNoScan.reg
    
     Parameter 2 : 1
    
         OS Type : 0
    
ELSE


    .reg file would look something like this:

    
Windows Registry Editor Version 5.00
    

    
[HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\Storages\Filesystem\RealTimeScan\NoScanDir]
    
@=dword:00000000
    
"c:\\program files\\logitech\\setpoint\\x86"=dword:00000001


    Your best bet for the registry file is to manually add the files/folders on one computer, then export the key.

    Also, this is likely to only work for unmanaged SAV clients. Managed SAV clients may get this information from the parent server.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Lmhansen