SBS 2008 Antivirus Exclusions

Home \ Tech Blog \SBS 2008 Antivirus Exclusions

SBS 2008 Antivirus Exclusions

Mark Berry July 24, 2010

SBS does so many things that there are lots of antivirus exclusions to make. Starting from my old SBS 2003 list, and working through the extensive research in this post, I came up with the following list for my SBS 2008 exclusions.

C:\pagefile.sys
C:\inetpub\temp\IIS Temporary Compressed Files\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\FTData\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Data\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.3\MSSQL\Data\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.3\MSSQL\FTData\
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Data\Applications\
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\LOGS\
C:\Program Files\Microsoft\Exchange Server\
C:\ProgramData\Microsoft\SharePoint\Config\
C:\ProgramData\NTUser.pol
C:\Windows\IIS Temporary Compressed Files\ (update 9/30/2010: new location already added above)
C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\
C:\Windows\ntds\
C:\Windows\ntfrs\
C:\Windows\security\database\
C:\Windows\SoftwareDistribution\DataStore\
C:\Windows\system32\CertLog\
C:\Windows\system32\dhcp\
C:\Windows\System32\GroupPolicy\registry.pol
C:\Windows\System32\inetsrv\
C:\Windows\System32\LogFiles\
C:\Windows\sysvol\
C:\Windows\Temp\WebTempDir\
C:\WSUS\
F:\Program Files\Microsoft\Exchange Server\Mailbox\
F:\Windows\SYSMSI\SSEE\MSSQL.2005\MSSQL\DATA
S:\
T:\

Notes

My Exchange and SharePoint data are on drive F:.
S: and T: are external backup drives.
I chose to exclude SQL data folders rather than file extensions.
In general if there were lots of exclusions recommended in one folder, I excluded the whole folder.
I decided not to exclude all the extra Exchange-specific extensions recommended at the end of this TechNet article “in case directory exclusions fail or files are moved from their default locations.” Also, as far as I know, VIPRE Antivirus does not do process scanning (yet), so I skipped the Process Exclusions as well .
Somewhere I heard or read that you should exclude the Certificate Manager files (C:\Windows\system32\CertLog\), though I don’t see that documented online.

Tags: antivirus, sbs

This entry was posted on Saturday, July 24th, 2010 at 7:16 pm and is filed under IT Administration. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

5 Comments

Chuck Wiggins | August 22, 2010 at 8:31 am
Great Post!!! Thanks
Stephen J. Galbincea | August 27, 2010 at 2:05 pm
Great list – exactly what I was looking for, thank you.
Toby Nelson | October 25, 2010 at 5:49 pm
Like wise. Thanks!
Malik Mesellem | March 25, 2011 at 2:51 am
Saves me a lot of work! Thanks
ssstofff | November 16, 2011 at 5:18 am
thanks for great post!
so they program whatever, and we can exclude whatever …

About

Welcome to MCB Systems!

MCB Systems is a San Diego-based provider of software and information technology services.

Our software services include customization and programming to make software work for you.

Our proactive I.T. services help businesses control costs by providing a fixed monthly bill for routine I.T. services.

We take a consulting approach that listens first and provides solutions tailored to your business.

This Tech Blog is geared towards programmers and I.T. professionals, but end users may be interested to glimpse what goes on "behind the scenes" in developing software and keeping their computing environments stable and secure. Also visit the main Company Blog.

Blog author Mark Berry owns MCB Systems.

Contact MCB Systems today to discuss your technology needs!