Антивирус для Windows Server – настраиваем список исключений

В ходе настройки политик управления клиентами любого антивирусного ПО необходимо определять список каталогов, имён процессов или даже расширений фалов, которые должны исключаться из Real-Time сканирования. Постараюсьсобрать в одном месте информацию о рекомендуемых параметрах исключений и по мере необходимости буду его корректировать. Стоит отметить, что список составлен исходя из приложений, которые эксплуатируются в моём рабочем окружении. Список разделен по основным категориям сервисов и там где возможно есть ссылки на официальные рекомендации производителей ПО. Во всех случаях подразумевается что программное обеспечение установлено в каталоги «по умолчанию».

Общие рекомендации

Windows Update files

%windir%\SoftwareDistribution\Datastore\Datastore.edb
%windir%\SoftwareDistribution\Datastore\Logs\edb.chk
%windir%\SoftwareDistribution\Datastore\Logs\edb*.log
%windir%\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs
%windir%\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs
%windir%\SoftwareDistribution\Datastore\Logs\Res1.log
%windir%\SoftwareDistribution\Datastore\Logs\Res2.log
%windir%\SoftwareDistribution\Datastore\Logs\tmp.edb
%windir%\SoftwareDistribution\Datastore\*.edb
%windir%\SoftwareDistribution\Datastore\Logs\*.log
%windir%\SoftwareDistribution\Datastore\Logs\*.chk
%windir%\SoftwareDistribution\Datastore\Logs\*.edb

Windows Security files

%windir%\Security\Database

%windir%\Security\database\*.chk
%windir%\Security\database\*.edb
%windir%\Security\database\*.jrs
%windir%\Security\database\*.log
%windir%\Security\database\*.sdb

Group Policy related files

%SystemRoot%\System32\GroupPolicy\
%allusersprofile%\NTUser.pol
%systemroot%\system32\GroupPolicy\registry.pol

Источник: KB822158 – Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows

Контроллеры домена AD

NTDS database file	%windir%\ntds\NTDS.dit
NTDS transaction log files	%windir%\ntds\EDB.log %windir%\ntds\Edbres.jrs %windir%\ntds\RES1.log %windir%\ntds\RES2.log
NTDS working files	%windir%\ntds\TEMP.edb %windir%\ntds\EDB.chk %windir%\ntds\*.pat
FRS Working Directory files	%windir%\ntfrs\jet\sys\edb.chk %windir%\ntfrs\jet\ntfrs.jdb %windir%\ntfrs\jet\log\.log %windir%\ntfrs\jet\log\.jrs
FRS Replica_root files	%windir%\sysvol\domain %windir%\sysvol
Staging directory	%windir%\sysvol\staging\domain %windir%\sysvol\staging areas
FRS Preinstall directory	%windir%\sysvol\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory
Processes	%systemroot%\System32\ntfrs.exe %systemroot%\System32\dfsr.exe %systemroot%\System32\dfsrs.exe

Источники:
Active Directory Directory Service Product Operations Guide
Managing Antivirus Software on Active Directory Domain Controllers

Сервера на базе с ОС Windows 2000 – 2008 R2 с распространенными серверными ролями

Cluster Service files	%QuorumDrive%\MSCS %SystemRoot%\Cluster
DHCP files	%SystemRoot%\system32\dhcp\.chk %SystemRoot%\system32\dhcp\.edb %SystemRoot%\system32\dhcp\.jrs %SystemRoot%\system32\dhcp\.log %SystemRoot%\system32\dhcp\dhcp.mdb %SystemRoot%\system32\dhcp\dhcp.pat %windir%\System32\DHCP\backup\.mdb %windir%\System32\DHCP\backup\.log %windir%\System32\DHCP\backup\*.chk
DNS files	%SystemRoot%\System32\Dns\.dns %SystemRoot%\System32\Dns\.log %SystemRoot%\System32\dns.exe
WINS files	%SystemRoot%\System32\Wins
CA files	%SystemRoot%\system32\CatRoot2\.edb %SystemRoot%\system32\CatRoot2\.chk %SystemRoot%\system32\CatRoot2\.log %SystemRoot%\system32\CatRoot2\.jrs
TS/RDS Licensing files	%SystemRoot%\System32\LServer\.chk %SystemRoot%\System32\LServer\.edb %SystemRoot%\System32\LServer\.log %SystemRoot%\System32\LServer\.tmp %SystemRoot%\System32\LServer\*.jrs
Print Service files	%SystemRoot%\system32\spool\PRINTERS\.shd %SystemRoot%\system32\spool\PRINTERS\.spl

Источник: KB822158 – Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows

Сервера с Microsoft Exchange Server 2007/2010

Exchange Server Common Folders	%Winnt%\Cluster %SystemDrive%\inetpub\temp\IIS Temporary Compressed Files %SystemRoot%\IIS Temporary Compressed Files %SystemRoot%\System32\Inetsrv %SystemDrive%\inetpub\logs
Exchange Server 2010 folders	%ExchangeInstallPath%\Mailbox %ExchangeInstallPath%\GroupMetrics %ExchangeInstallPath%\TransportRoles\Logs %ExchangeInstallPath%\TransportRoles\Pickup %ExchangeInstallPath%\TransportRoles\Replay %ExchangeInstallPath%\TransportRoles\Data\Queue %ExchangeInstallPath%\TransportRoles\Data\SenderReputation %ExchangeInstallPath%\TransportRoles\Data\IpFilter %ExchangeInstallPath%\Working\OleConvertor %ExchangeInstallPath%\TransportRoles\Data\Adam %ExchangeInstallPath%\ClientAccess %ExchangeInstallPath%\Logging\POP3 %ExchangeInstallPath%\Logging\IMAP4 %ExchangeInstallPath%\UnifiedMessaging\grammars %ExchangeInstallPath%\UnifiedMessaging\Prompts %ExchangeInstallPath%\UnifiedMessaging\voicemail %ExchangeInstallPath%\UnifiedMessaging\temp %ExchangeInstallPath%\Logging %ExchangeInstallPath%\ExchangeOAB %ExchangeInstallPath%\Mailbox\MDBTEMP %SystemDrive%\DAGFileShareWitnesses\*
Exchange Server 2007 folders	%ProgramFiles%\Microsoft\Exchange Server\Mailbox %ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Logs %ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Pickup %ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Replay %ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Data\Queue %ProgramFiles%\Microsoft\Exchange Server\TransportRoles\SenderReputation %ProgramFiles%\Microsoft\Exchange Server\TransportRoles\IpFilter %ProgramFiles%\Microsoft\Exchange Server\Logging %ProgramFiles%\Microsoft\Exchange Server\ExchangeOAB %ProgramFiles%\Microsoft\Exchange Server\Working\OleConverter %ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Data\Adam %ProgramFiles%\Microsoft\Exchange Server\ClientAccess %ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\grammars %ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\Prompts %ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\voicemail %ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\badvoicemail
Exchange Server 2007/2010 Processes	Cdb.exe Cidaemon.exe Clussvc.exe Dsamain.exe EdgeCredentialSvc.exe EdgeTransport.exe ExFBA.exe GalGrammarGenerator.exe Inetinfo.exe Mad.exe Microsoft.Exchange.AddressBook.Service.exe Microsoft.Exchange.AntispamUpdateSvc.exe Microsoft.Exchange.ContentFilter.Wrapper.exe Microsoft.Exchange.EdgeSyncSvc.exe Microsoft.Exchange.Imap4.exe Microsoft.Exchange.Imap4service.exe Microsoft.Exchange.Infoworker.Assistants.exe Microsoft.Exchange.Monitoring.exe Microsoft.Exchange.Pop3.exe Microsoft.Exchange.Pop3service.exe Microsoft.Exchange.ProtectedServiceHost.exe Microsoft.Exchange.RPCClientAccess.Service.exe Microsoft.Exchange.Search.Exsearch.exe Microsoft.Exchange.Servicehost.exe MSExchangeADTopologyService.exe MSExchangeFDS.exe MSExchangeMailboxAssistants.exe MSExchangeMailboxReplication.exe MSExchangeMailSubmission.exe MSExchangeRepl.exe MSExchangeTransport.exe MSExchangeTransportLogSearch.exe MSExchangeThrottling.exe Msftefd.exe Msftesql.exe OleConverter.exe Powershell.exe SESWorker.exe SpeechService.exe Store.exe TranscodingService.exe UmService.exe UmWorkerProcess.exe W3wp.exe
Exchange Server 2007/2010 File Name Extension Exclusions	.config .dia .wsb .chk .log .edb .jrs .jsl .que .lzx .ci .wid .dir .000 .001 .002 .cfg .grxml .dsc .bin .xml
	Forefront Protection for Exchange Server
Forefront Protection for Exchange Server folders	%ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server %ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data\Archive %ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data\Quarantine %ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data\Engines\x86 %ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data\Engines\amd64 %ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data
Forefront Protection for Exchange Server processes	Adonavsvc.exe FscController.exe FscDiag.exe FscExec.exe FscImc.exe FscManualScanner.exe FscMonitor.exe FscRealtimeScanner.exe FscStarter.exe FscStatsServ.exe FscTransportScanner.exe FscUtility.exe FsEmailPickup.exe FssaClient.exe GetEngineFiles.exe PerfmonitorSetup.exe ScanEngineTest.exe SemSetup.exe FSCConfigurationServer.exe FSCEventing.exe FSCScheduledScanner.exe MultiEngineScanner.exe Kavehost.exe FSCVSSWriter.exe
Forefront Protection for Exchange Server File Name Extension Exclusions	.avc .cab .cfg .config .da1 .dat .def .dt .fdb .fdm .ide .key .klb .kli .lst .mdb .ppl .set .v3d .vdb .vdm

Источники:
File-Level Antivirus Scanning on Exchange 2007
File-Level Antivirus Scanning on Exchange 2010

Сервера SharePoint Server 2007/2010

SharePoint Common Folders	%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files %SystemRoot%\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files %SystemRoot%\system32\LogFiles %SystemRoot%\Temp\WebTempDir
SharePoint 2007 Folders	%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\12\Logs %ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\12\Data\Applications Drive:\Documents and Settings\All Users\Application Data\Microsoft\SharePoint\Config %ProgramFiles%\Microsoft Office Servers\12.0\Data %ProgramFiles%\Microsoft Office Servers\12.0\Logs %ProgramFiles%\Microsoft Office Servers\12.0\Bin %ProgramFiles(x86)%\Microsoft Office Servers\12.0\Data %ProgramFiles(x86)%\Microsoft Office Servers\12.0\Logs
SharePoint 2010 Folders	%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\14\Logs %ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\14\Data\Applications %ProgramData%\Microsoft\SharePoint %ProgramFiles%\Microsoft Office Servers\14.0\Data %ProgramFiles%\Microsoft Office Servers\14.0\Logs %ProgramFiles%\Microsoft Office Servers\14.0\Bin %ProgramFiles%\Microsoft Office Servers\14.0\Synchronization Service %ProgramFiles(x86)%\Microsoft Office Servers\14.0\Data %ProgramFiles(x86)%\Microsoft Office Servers\14.0\Logs

Источник: KB952167 – Certain folders may have to be excluded from antivirus scanning when you use a file-level antivirus program in SharePoint

Сервера с компонентами Internet Information Server (IIS)

IIS Temporary Compressed Files	%SystemRoot%\IIS Temporary Compressed Files %SystemDrive%\inetpub\temp\IIS Temporary Compressed Files
IIS Log Files	%SystemDrive%\inetpub\logs %systemroot%\System32\LogFiles %systemroot%\SysWow64\LogFiles
IIS Processes	%systemroot%\system32\inetsrv\w3wp.exe %systemroot%\SysWOW64\inetsrv\w3wp.exe

Источник: A 0-byte file may be returned when compression is enabled on a server that is running IIS

Сервера Microsoft Internet Security and Acceleration (ISA) Server

ISA Server Folders	%ProgramFiles%\Microsoft ISA Server %ProgramFiles%\ISA Server\Adam Data %ProgramFiles%\ISA Server\ISA logs
ISA Server processes	dsamain.exe wspsrv.exe mspadmin.exe isastg.exe w3prefch.exe sqlsvr.exe

Источник: Considerations when using antivirus software on ISA Server

Сервера Microsoft Forefront Threat Management Gateway (TMG) 2010

TMG installation folder	%ProgramFiles%\Microsoft Forefront Threat Management Gateway
TMG SQL Express and SRS installation folders	%ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS %ProgramFiles%\Microsoft SQL Server\MSSQL10.MSFW
TMG Malware scanning cache	%SystemRoot%\Temp\ScanStorage
TMG Log Queue	%ProgramFiles%\Microsoft Forefront Threat Management Gateway\Logs
TMG Report Summary Generator	%ProgramFiles%\Microsoft Forefront Threat Management Gateway\dailysum.exe
TMG Report Generator	%ProgramFiles%\Microsoft Forefront Threat Management Gateway\isarepgen.exe
TMG Diagnostic Logging Viewer	%ProgramFiles%\Microsoft Forefront Threat Management Gateway\isadlviewer.exe
TMG Managed Control Service	%ProgramFiles%\Microsoft Forefront Threat Management Gateway\IsaManagedCtrl.exe
TMG Storage Service	%ProgramFiles%\Microsoft Forefront Threat Management Gateway\isastg.exe
TMG Administration Component	%ProgramFiles%\Microsoft Forefront Threat Management Gateway\mspadmin.exe
TMG Firewall Service	%ProgramFiles%\Microsoft Forefront Threat Management Gateway\wspsrv.exe
TMG Web Content Download Service	%ProgramFiles%\Microsoft Forefront Threat Management Gateway\w3prefch.exe
SQL 2008 Express and SQL 2008 Reporting Services	%ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS\MSSQL\Binn\sqlservr.exe %ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS\MSSQL\Binn\ReportingServicesService.exe %ProgramFiles%\Microsoft SQL Server\MSSQL10.MSFW\MSSQL\Binn\sqlservr.exe
Active Directory Lightweight Directory Services	%WinDir%\System32\dsamain.exe
Other executable processes (from default FEP Rule Template from SCCM 2012)	IsaApplianceInit.exe IsaMgmt.exe MsFpcSqmAgent.exe NicsRestorer.exe NLBClear.exe UpdateAgent.exe VpnHelpr.exe tmgpolicysuite.exe tmgbpacmd.exe tmgbpa.exe bpa2visio.exe tmgbpapack.exe tmgdatapackager.exe
TMG cache files	*.cdat

Источник: Considerations when using antivirus software on FF Edge Products

Сервера баз данных SQL Server 2005 – 2008 R2

Full-Text catalog data SQL Server 2005 – 2008 R2	%ProgramFiles%\Microsoft SQL Server\MSSQL.1\MSSQL\FTData %ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\FTData %ProgramFiles%\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\FTData
Analysis Services data SQL Server 2005 – 2008 R2	%ProgramFiles%\Microsoft SQL Server\MSSQL.2\OLAP\Data %ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\OLAP\Data %ProgramFiles%\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Data
Analysis Services backup files SQL Server 2005 – 2008 R2	%ProgramFiles%\Microsoft SQL Server\MSSQL.2\OLAP\Backup %ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\OLAP\Backup %ProgramFiles%\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Backup
Analysis Services log files SQL Server 2005 – 2008 R2	%ProgramFiles%\Microsoft SQL Server\MSSQL.2\OLAP\Log %ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\OLAP\Log %ProgramFiles%\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Log
SQL Server 2005 Processes	%ProgramFiles%\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLServr.exe %ProgramFiles%\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\Bin\ReportingServicesService.exe %ProgramFiles%\Microsoft SQL Server\MSSQL.2\OLAP\Bin\MSMDSrv.exe
SQL Server 2008 Processes	%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLServr.exe %ProgramFiles%\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\Bin\ReportingServicesService.exe %ProgramFiles%\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\Bin\MSMDSrv.exe
SQL Server 2008 R2 Processes	%ProgramFiles%\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLServr.exe %ProgramFiles%\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\Bin\ReportingServicesService.exe %ProgramFiles%\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Bin\MSMDSrv.exe
File Types	.mdf .ldf .ndf .bak .trn .trc .sqlaudit .sql

Примечание: если используются именованные экземпляры SQL Server, то выделенное красным цветом нужно заменять на имя экземпляра.
Источники:
Guidelines for choosing antivirus software to run on the computers that are running SQL Server
File Locations for Default and Named Instances of SQL Server 2005
File Locations for Default and Named Instances of SQL Server 2008
File Locations for Default and Named Instances of SQL Server 2008 R2

Сервера баз данных

Oracle databases files

*.ora

*.ctl

Clipper, dBase, FoxPro, etc files

*.dbf
*.cdx
*.fdb
*.edb
*.ib
*.gdi
*.gdb

Сервера виртуализации Microsoft Hyper-V

Default virtual HDD directory	%PUBLIC%\Documents\Hyper-V\Virtual Hard Disks
Default VM configuration directory	%ProgramData%\Microsoft\Windows\Hyper-V
Default Snapshot files directory	%ProgramData%\Microsoft\Windows\Hyper-V\Snapshots
Live Migration with CSV	%SystemDrive%\ClusterStorage
Processes	%SystemRoot%\system32\vmwp.exe %SystemRoot%\system32\vmms.exe %SystemRoot%\system32\vmicsvc.exe
File Types	.xml .vhd .vfd .avhd .iso .vsv *.bin

Источники:

KB2628135 – A System Center Virtual Machine Manager 2008 P2V fails with ‘A device attached to the system is not functioning (0x8007001F)’

KB961804 – Virtual machines are missing in the Hyper-V Manager Console or when you create or start a virtual machine, you receive one of the following error codes: "0x800704C8", "0×80070037" or "0x800703E3"

TechNet Articles – Hyper-V: Anti-virus Exclusions for Hyper-V Hosts

Компоненты Microsoft System Center Virtual Machine Manager

VMM Agent 2008 R2	%ProgramFiles%\Microsoft System Center Virtual Machine Manager 2008 R2\bin\vmmAgent.exe
VMM Agent 2012	%ProgramFiles%\Microsoft System Center 2012\Virtual Machine Manager\bin\vmmAgent.exe
VMM Server 2012	%ProgramFiles%\Microsoft System Center 2012\Virtual Machine Manager\bin\vmmservice.exe

Компоненты Microsoft System Center Data Protection Manager

DPM 2007-2012 Common Server Files	%WinDir%\Microsoft.net\Framework\v2.0.50727\csc.exe
DPM 2007-2012 Common Agent Files	%ProgramFiles%\Microsoft Data Protection Manager\DPM\bin\dpmra.exe
DPM 2007-2010 Common Server Files	%ProgramFiles%\Microsoft DPM\DPM\XSD %ProgramFiles%\Microsoft DPM\DPM\Temp\MTA %ProgramFiles%\Microsoft DPM\DPM\Volumes %ProgramFiles%\Microsoft DPM\DPM\bin\dpmra.exe
DPM Server 2012	%ProgramFiles%\Microsoft System Center 2012\DPM\DPM\XSD %ProgramFiles%\Microsoft System Center 2012\DPM\DPM\Temp\MTA %ProgramFiles%\Microsoft System Center 2012\DPM\DPM\Volumes %ProgramFiles%\Microsoft System Center 2012\DPM\DPM\bin\dpmra.exe

Источники:
System Center Data Protection Manager 2007 – Running Antivirus Software on the DPM Server
System Center Data Protection Manager 2010 – Running Antivirus Software on the DPM Server

Компоненты Microsoft System Center Operation Manager 2007

Processes (Server/Agent)	%ProgramFiles%\System Center Operations Manager 2007\MonitoringHost.exe
Folders (Server/Agent)	%ProgramFiles%\System Center Operations Manager 2007\Health Service State\Health Service Store\
File Types (Server/Agent)	.chk .log *.edb

Источник: Recommendations for antivirus exclusions that relate to MOM 2005 and to Operations Manager 2007

Компоненты Microsoft System Center Operation Manager 2012

Processes (Server)	%ProgramFiles%\System Center 2012\Operations Manager\Server\monitoringhost.exe
Processes (Agent)	%ProgramFiles%\System Center Operations Manager\Agent\monitoringhost.exe
Folders (Server)	%ProgramFiles%\System Center 2012\Operations Manager\Server\Health Service State\Health Service Store\
Folders (Agent)	%ProgramFiles%\System Center Operations Manager\Agent\Health Service State\Health Service Store\
File Types (Server/Agent)	.chk .log *.edb

Источник (с исправлениями): Thoughts on OpsMgr and System Center 2012 – OM12: Antivirus exclusions

Компоненты Microsoft System Configuration Manager

CM 2007-2012 Common Server Files	%ProgramFiles%\Microsoft Configuration Manager\Install.map %ProgramFiles%\Microsoft Configuration Manager\inboxes %ProgramFiles%\Microsoft Configuration Manager\Logs %ProgramFiles%\SMS_CCM\ServiceData %ProgramFiles(x86)%\Microsoft Configuration Manager\inboxes %ProgramFiles(x86)%\Microsoft Configuration Manager\Logs %ProgramFiles(x86)%\SMS_CCM\ServiceData <DriveLetter>:\SMS_CCM\ServiceData <DriveLetter>:\SMSSIG$ <DriveLetter>:\SMSPKGSIG <DriveLetter>:\SMSPKG <DriveLetter>:\SMSPKG<DriveLetter>$
CM 2007-2012 Common Agent Files	%SystemRoot%\System32\CCM\Cache %SystemRoot%\ccmcache %SystemRoot%\CCM\Logs
CM Server 2012 Files	<DriveLetter>:\SCCMContentLib %SMS_LOG_PATH% %SMS_ADMIN_UI_PATH%
CM Server Processes	Smsexec.exe Ccmexec.exe CmRcService.exe Sitecomp.exe Smswriter.exe Smssqlbbkup.exe

Примечание: значение <DriveLetter> должно быть заменено на конкретные буквы дисков используемых установленным экземпляром SCCM, поэтому желательно чтобы в организации существовала какая-то стандартизация в этом плане.

Источник:
KB327453 – Antivirus programs may contribute to file backlogs in SMS 2.0, SMS 2003 and Configuration Manager 2007
ConfigMgr 2007 Antivirus Scan and Exclusion Recommendations
Anti-virus scan exclusions for Configuration Manager 2012

Компоненты Lync Server 2010

Lync Server 2010 processes	ASMCUSvc.exe AVMCUSvc.exe DataMCUSvc.exe DataProxy.exe FileTransferAgent.exe IMMCUSvc.exe MasterReplicatorAgent.exe MediaRelaySvc.exe MediationServerSvc.exe MeetingMCUSvc.exe MRASSvc.exe OcsAppServerHost.exe QmsSvc.exe ReplicaReplicatorAgent.exe RTCArch.exe RtcCdr.exe RTCSrv.exe
IIS processes	%systemroot%\system32\inetsrv\w3wp.exe %systemroot%\SysWOW64\inetsrv\w3wp.exe
SQL Server processes	%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLServr.exe %ProgramFiles%\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\Bin\ReportingServicesService.exe %ProgramFiles%\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\Bin\MSMDSrv.exe
Directories and files	%systemroot%\System32\LogFiles %systemroot%\SysWow64\LogFiles %systemroot%\Windows\Assembly\GAC_MSIL %programfiles%\Microsoft Lync Server 2010 %programfiles%\commonfiles\Microsoft Lync Server 2010 %SystemDrive%\RtcReplicaRoot

Источник: Specifying Antivirus Scanning Exclusions

Компоненты App-V

Clients Windows XP or Windows Server 2003	%USERPROFILE%\Application Data\SoftGrid Client %ALLUSERSPROFILE%\Application Data\Microsoft\Application Virtualization Client %ALLUSERSPROFILE%\Documents\SoftGrid Client
Clients Windows Vista, Windows Server 2008 or later	%USERPROFILE%\AppData\Local\SoftGrid Client %USERPROFILE%\AppData\Roaming\SoftGrid Client %PROGRAMDATA%\Microsoft\Application Virtualization Client\SoftGrid Client

Источник: Recommended antivirus or antimalware exclusions when troubleshooting Application Virtualization (App-V) client issues

Дополнительные ссылки:

Источник: ИТ Блог Алексея Максимова

About these ads

Информационный ресурс. Консультация онлайн

Антивирус для Windows Server – настраиваем список исключений

Получите квалифицированное обслуживание и качественную поддержку от наших специалистов.

Хотите знать больше Компания «Professional IT Solutions — IT аутсорсинг»