Interoperability with antivirus scanners


Article ID: 180452


Updated On:


Workspace Virtualization (formerly SVS)




Interoperability with antivirus scanners

Workspace Virtualization contains functionality to guarantee that antivirus scanners and other file utility applications can scan the native file system. These applications are added to an ignore list so they do not see virtualized data when they run. This guarantees that all files are properly scanned. You might also want to add other programs to the ignore list so that they view the file system data without any Virtualization. For example, if an inventory program sees a file twice (virtualized and unvirtualized), it might count the file twice.

We recommend that you use this feature for your antivirus scanner. The Workspace Virtualization Agent does not affect the run-time protection feature of antivirus software. Antivirus products properly scan virtualized files when they are opened. Any measures that the antivirus product takes against a file occur on the native file system. However, there is an issue with manual antivirus scanning. If a file exists in the base and in a virtual software layer, these files overlay each other. A manual scan only sees and scans one of the files. The scan does not see the version in the native file system and the version in the virtual layer.

To add applications to the ignore list

  1. In the Windows registry editor , in the HKLM\System\CurrentControlSet\Services\FSLX\Parameters\FSL key, create a Multi-String Value called ProgramIgnoreList.

  2. Double-click ProgramIgnoreList.

  3. Enter the complete path for the executable file that you want to ignore and click OK.

    The path can be hard-coded (c:\windows\scan.exe) or can contain a variable ([_B_]WINDIR[_E_]\scan.exe).

  4. Restart the computer.

See How the Workspace Virtualization Agent affects security