M-Files and Virus Scanning

Note: This content is no longer updated. For the latest content, please go to the user guide for M-Files Online. For information on the supported product versions, refer to our lifecycle policy.

M-Files is compatible with all commonly used virus scanning products.

It is important to make sure that the virus scanners on the end users' computers do not do scheduled scanning for the virtual M-Files drive (the M: drive by default). A scheduled scan for the M-Files drive loads all the content from the M-Files server to the user's client and unnecessarily puts strain on both the network and the server.

Additionally, for best performance, you can disable any real-time scanning for the virtual M-Files drive (the M: drive by default) and the M-Files installation folder (C:\Program Files\M-Files\ by default). The exclusion of these locations from real-time scans can prevent unnecessary system load and possible conflicts between M-Files and the anti-virus software.

Note: If you use McAfee security products, also refer to this article.

Excluding the M-Files drive and installation folder from virus scanning

To exclude the M-Files drive and the installation folder from virus scanning, add their paths to the appropriate exclusion lists or exception lists in the anti-virus software. For example with Symantec Endpoint Protection Manager (SEPM), this is done with an exceptions policy. Other commonly used anti-virus software products can use terminology such as "excluded items list", "exclude objects", or "exclude from scanning".

There are typically separate exclusion lists for scheduled scanning and real-time scanning.

Excluding the M-Files Client process from virus scanning

If your anti-virus software supports excluding processes by name, it is usually a good idea to exclude the MFClient.exe process from any real-time scanning on the client computers. By default, the path to MFClient.exe is C:\Program Files\M-Files\<version>\Bin\x64\MFClient.exe. With SEPM, for instance, this can be done with the instructions in the Symantec knowledge base article How to create an application exception in the Symantec Endpoint Protection Manager.

The exclusion of the MFClient.exe process from real-time scanning can improve performance. This is because it prevents the virus scanner to scan the same files twice: once when the application opens the file and another time when MFClient.exe does an internal open operation on the same file.

Excluding M-Files server processes and vault data from virus scanning

On the M-Files server machine, make sure that these processes are excluded from real-time virus scanning:

Process name	Default location
MFServer.exe	C:\Program Files\M-Files\`<version>`\Bin\x64\
MFServerAux.exe	C:\Program Files\M-Files\`<version>`\Bin\x86\
MFIndexer.exe	C:\Program Files\M-Files\`<version>`\Bin\x64\
MFIndexingManager.exe	C:\Program Files\M-Files\`<version>`\Bin\x64\
MFDataExport.exe	C:\Program Files\M-Files\`<version>`\Bin\x64\
mf-grpc-web-server.exe	C:\Program Files\M-Files\`<version>`\Server\Web\GRPC\

In addition, make sure that these folders are excluded from virus scanning:

The M-Files installation folder, which is located in C:\Program Files\M-Files\ by default
The vault data folder, which is located in C:\Program Files\M-Files\Server Vaults\ by default

If these processes and folders are not excluded from virus scanning on the M-Files server machine, users can experience poor vault performance or it can cause faulty backups of the vault data.

Excluding Microsoft Windows processes

Make sure that the pdfSaver.exe process is excluded from real-time virus scanning. The default location of the process is C:\Program Files\Tracker Software\PDF-XChange Standard. The exclusion of the pdfSaver.exe process from real-time scanning improves the performance when the user converts documents to PDF.

Antimalware Support

M-Files Server supports antimalware checks on Windows Server 2016 and newer. Files uploaded to the M-Files server can be scanned for viruses and malware before they are saved in the repository. This requires an anti-virus software compatible with Windows Antimalware Scan Interface (AMSI), such as Windows Defender, and that real-time scanning is enabled.

To take the antimalware checks into use, add these values to the Windows registry of the M-Files Server computer:


Key	HKEY_LOCAL_MACHINE\SOFTWARE\Motive\M-Files\`<version>`\Server\MFServer
Value name	EnableAntimalwareScanner
Value type	REG_DWORD
Value	1
Description	Enables antimalware scanning on Windows 10, Windows Server 2016, and newer.


Key	HKEY_LOCAL_MACHINE\SOFTWARE\Motive\M-Files\`<version>`\Server\MFServer
Value name	TreatAntimalwareScannerErrorsAsTransferBlockingErrors
Value type	REG_DWORD
Description	Specifies whether file transfers to M-Files Server are blocked if the antimalware software is not available or has not been properly configured. The default value is 0.
Value	0	Do not block file transfers if antimalware software is not available or is misconfigured.
Value	1	Block file transfers if antimalware software is not available or is misconfigured.

For the changes to take effect, you must restart the M-Files Server service.