I have seen this question asked and answered in some articles and blog posts, however, after teaching the Concepts and Admin Workshop for the new version of the product recently, and getting more familiar with the new Endpoint Protection feature in System Center 2012 Configuration Manager, and I discoverd a feature in Endpoint Protection that lets you see what the default exclusions should be for System Center 2012 Configuration Manager (as well as many other server types). The trick is to import the Antimalware Policy Template which I will walk you through here:
From the System Center 2012 Configuration Manager Console, click on the Assets and Compliance Workspace:
Next under Endpoint Protection in the navigation pane, Right Click on Antimalware Policies, and select Import:
From the list of templates to import, select "SCEP 12_Default_CfgMgr2012.xml", then Click Open:
This will import the template named "Endpoint Protection Configuration Manager 2012":
Next, click on the Exclusion settings, and then click the Set button next to the Excluded file and folders settings:
This will bring up the recommended files and folders to exclude from Antivirus scanning for System Center 2012 Configuration Manager:
You will need to expand the column and scroll to see it all, however, there is the list of exclusions needed. There are many other templates to import from there as well, and if you need multiple to apply to the same group of systems, you can import the ones you need, and then multi select them and right click and select Merge. This will allow you to combine multiple Antimalware Policies together for more efficient management of the policies.
I hope you found this useful.
Cliff HughesMicrosoft Premier Field Engineer
Thank you, this is very useful and I had not seen this covered in my class!
I noticed this on another blog. The template is missing the "Machine" directory for the registry.pol. •%systemroot%\system32\GroupPolicy\Machine\registry.pol
Thank You so much. I have been trudging through site after site and blog after blog looking for information on this. This made deployment to my sccm servers so much easier!