Example (single profile)	Risk
You want to exclude C:\MyFolder from being scanned for: Read + Write + Subfolders.	Any process can Read data and Write data to C:\MyFolder, or its subfolders. NOTE: There is nothing to prevent subfolders from being created if they do not exist, and no scan occurs for those operations. This type of exclusion carries a high amount of risk with it.
You want to exclude C:\MyFolder from being scanned for: Read + Write.	Any process can Read data and Write data to C:\MyFolder, and no scan occurs for those operations. This type of exclusion carries a moderate amount of risk with it.

The amount of risk for the exclusions in these examples is impossible to quantify. But, the high and moderate qualitative assessments are provided as a guide.

You can make the above exclusions much more secure by taking advantage of the additional scanning profiles that VirusScan has available. These profiles are called High-Risk Processes and Low-Risk Processes, plus you still have the Default profile. The actual names of these profiles are to help you understand their intended use. The details of their configuration are entirely under your control.

When you choose to configure different scanning policies for high-risk, low-risk, and default processes, you expand VirusScan's ability to decide what to scan and what not to scan. You gain two more scanning profiles, which add flexibility to reduce the risk of having an exclusion.

The profiles contain lists of process names. The Default profile has no list, which means any process not defined in the high risk or low risk list is treated as a member of the Default processes profile. You control what process names are members of each scanning profile; you can keep or delete the McAfee-defined profiles.

Because each scanning profile has its own list of processes, you can configure the profiles to have their own scanning configuration. So, the scanning configuration applies to any file activity that members of that profile perform.
 

Example (multiple profiles)	Risk
You want to exclude C:\MyFolder from being scanned. Only MyProcess.exe needs the exclusion. The Low Risk profile is used for this example. The process MyProcess.exe is added to the Low Risk profile process list. The exclusion is added to this profile to exclude C:\MyFolder.  (This example includes Read + Write + Subfolders)	This means MyProcess.exe can read data or write data to C:\MyFolder or its subfolders, and no scan occurs for those operations. It also means if any other process reads or writes data to C:\MyFolder or its subfolders, a scan does occur for their operations. This type of exclusion carries a very low amount of risk with it. Risk increases as more process names are added to the Low Risk profile's processes list.
You want to exclude C:\MyFolder from being scanned. Only MyProcess.exe needs the exclusion. The High Risk profile is used for this example. The process MyProcess.exe is added to the High Risk profile process list. We add the exclusion to this profile to exclude C:\MyFolder. (This example includes Write only).	This means MyProcess.exe can write data to C:\MyFolder, and no scan occurs for those operations. It also means if any other process reads or writes data to C:\MyFolder, a scan does occur for their operations. If MyProcess.exe reads data from this folder, a scan does occur. This type of exclusion carries a very low amount of risk with it.  NOTE: It does not matter that the High Risk profile is being used - 'High Risk' is just the name of the profile. Risk increases as more process names are added to the High Risk profile's processes list.