Knowledge Center

VirusScan Enterprise exclusions for Symantec Backup Exec
Technical Articles ID:   KB68701
Last Modified:  8/24/2016


McAfee VirusScan Enterprise (VSE) 8.x

Symantec Backup Exec


This article provides guidance to implement the suggested settings from the Veritas article General recommendations for virus scanner exclusions working with NetBackup (https://www.veritas.com/support/en_US/article.TECH152328) into VirusScan Enterprise.

Backup programs such as Backup Exec touch a large number of files. This can cause performance issues if each read and write operation triggers a scan by the VirusScan Enterprise On-Access Scanner. This article explains how to add Low Risk Processes policies and exclusions for Backup Exec in VirusScan Enterprise.


Add Low Risk Processes policies and exclusions for Backup Exec, and add Access Protection exclusions for Backup Exec:

  1. Click Start, Programs, McAfee, VirusScan Console.
  2. Double-click On-Access Scanner.
  3. Select All Processes.

    If All Processes is not available, skip to step 6.
  4. Click Processes.
  5. Select Use different settings for high-risk and low-risk processes.
  6. Select Low-Risk Processes.
  7. In the Processes tab, click Add.
  8. Click Browse and navigate to each of the following Low-Risk Processes and click Open:  

    C:\Program Files\Symantec\Backup Exec\beremote.exe
    C:\Program Files\Symantec\Backup Exec\beserver.exe
    C:\Program Files\Symantec\Backup Exec\bengine.exe
    C:\Program Files\Symantec\Backup Exec\benetns.exe 
    C:\Program Files\Symantec\Backup Exec\pvlsvr.exe
    C:\Program Files\Symantec\Backup Exec\BackupExec.exe
    C:\Program Files\Symantec\Backup Exec\backupexecmanagementservice.exe
    C:\Program Files\Symantec\Backup Exec\bedbg.exe
    C:\Program Files\Symantec\Backup Exec\pdvfsservice.exe
    C:\Program Files\Symantec\Backup Exec\spad.exe 
    C:\Program Files\Symantec\Backup Exec\spoold.exe
    C:\Program Files\Symantec\Backup Exec\pddb\bin\pg_ctl.exe 

  9. When all of the above processes have been added, with Low-Risk Processes selected, select the Scan items tab.
  10. Deselect When writing to disk and When reading from disk.  
    IMPORTANT: Be advised that adding processes to the Low Risk profile, and applying step 10 for that profile, means that files accessed by those listed processes are not scanned by the On-Access scanner. Ensure that you only add fully trusted processes to this list.

To exclude Backup Exec paths from scanning:

  1. Click Start, Programs, McAfee, VirusScan Console.
  2. Double-click On-Access Scanner.
  3. Select Default Processes.
  4. In the Exclusions tab, click Exclusions, Add.
  5. Under What to exclude, select By name/location.
  6. Click Browse to select:

    C:\Program Files\Symantec\Backup Exec\

  7. Add two asterisks (**) to the path as wildcards after each path has been added.


    C:\Program Files\Symantec\Backup Exec\**
  8. Select Also exclude subfolders.
  9. Under When to exclude, select On read and On write.

To configure McAfee not to scan files opened for backup:
  1. Click Start, Programs, McAfee, VirusScan Console.
  2. Double-click On-Access Scanner.
  3. Select Default Processes.
  4. In the Scan Items tab, under Scan files, deselect Opened for backup.
  5. Repeat this for Low-Risk Processes and High-Risk Processes.
  6. Click OK.

    NOTE:  Disable the Opened for Backup option on Media Servers and Remote Agents. This can be done locally or using ePolicy Orchestrator.

To configure McAfee to allow Backup Exec to use tftp:
The Access Protection rule "Anti-virus Standard Protection --> Prevent use of tftp.exe" is disabled by default. If it is enabled, the following exclusions must be added:
  1. Click Start, Programs, McAfee, VirusScan Console.
  2. Double-click Access Protection.
  3. Select Anti-virus Standard Protection.
  4. Select Prevent use of tftp.exe, and click Edit.
  5. In the Processes to exclude: box, add the Backup Exec process names separated by a comma:

    BackupExec.exe, beremote.exe, benetns.exe, pvlsvr.exe, bengine.exe, backupexecmanagementservice.exe, beserver.exe, bedbg.exe, pdvfsservice.exe, spad.exe, spoold.exe, pg_ctl.exe  
    For a complete current list of processes to add, see section B, Processes to Exclude in https://www.veritas.com/support/en_US/article.TECH152328

  6. Click OK to save and close both windows.

Rate this document

Beta Translate with

Select a desired language below to translate this page.


This article is available in the following languages:

English United States

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.