Антивирус для Windows Server – настраиваем список исключений

В ходе настройки политик управления клиентами любого антивирусного ПО необходимо определять список каталогов, имён процессов или даже расширений фалов, которые должны исключаться из Real-Time сканирования. Постараюсьсобрать в одном месте информацию о рекомендуемых параметрах исключений и по мере необходимости буду его корректировать.  Стоит отметить, что список составлен исходя из приложений, которые эксплуатируются в моём рабочем окружении. Список разделен по основным категориям сервисов и там где возможно есть ссылки на официальные рекомендации производителей ПО. Во всех случаях подразумевается что программное обеспечение установлено в каталоги «по умолчанию».

Общие рекомендации

 

Windows Update files

%windir%\SoftwareDistribution\Datastore\Datastore.edb
%windir%\SoftwareDistribution\Datastore\Logs\edb.chk
%windir%\SoftwareDistribution\Datastore\Logs\edb*.log
%windir%\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs
%windir%\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs
%windir%\SoftwareDistribution\Datastore\Logs\Res1.log
%windir%\SoftwareDistribution\Datastore\Logs\Res2.log
%windir%\SoftwareDistribution\Datastore\Logs\tmp.edb

%windir%\SoftwareDistribution\Datastore\*.edb
%windir%\SoftwareDistribution\Datastore\Logs\*.log
%windir%\SoftwareDistribution\Datastore\Logs\*.chk
%windir%\SoftwareDistribution\Datastore\Logs\*.edb

Windows Security files

%windir%\Security\Database

%windir%\Security\database\*.chk
%windir%\Security\database\*.edb
%windir%\Security\database\*.jrs
%windir%\Security\database\*.log
%windir%\Security\database\*.sdb

Group Policy related files

%SystemRoot%\System32\GroupPolicy\
%allusersprofile%\NTUser.pol
%systemroot%\system32\GroupPolicy\registry.pol

Источник: KB822158 – Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows

Контроллеры домена AD

NTDS database file %windir%\ntds\NTDS.dit
NTDS transaction log files %windir%\ntds\EDB*.log
%windir%\ntds\Edbres*.jrs
%windir%\ntds\RES1.log
%windir%\ntds\RES2.log
NTDS working files %windir%\ntds\TEMP.edb
%windir%\ntds\EDB.chk
%windir%\ntds\*.pat
FRS Working Directory files %windir%\ntfrs\jet\sys\edb.chk
%windir%\ntfrs\jet\ntfrs.jdb
%windir%\ntfrs\jet\log\*.log
%windir%\ntfrs\jet\log\*.jrs
FRS Replica_root files %windir%\sysvol\domain
%windir%\sysvol
Staging directory %windir%\sysvol\staging\domain
%windir%\sysvol\staging areas
FRS Preinstall directory %windir%\sysvol\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory
Processes %systemroot%\System32\ntfrs.exe
%systemroot%\System32\dfsr.exe
%systemroot%\System32\dfsrs.exe

Источники:
Active Directory Directory Service Product Operations Guide
Managing Antivirus Software on Active Directory Domain Controllers

 

 

 

Сервера на базе с ОС Windows 2000 – 2008 R2 с распространенными серверными ролями

 

Cluster Service files

%QuorumDrive%\MSCS

%SystemRoot%\Cluster

DHCP files

%SystemRoot%\system32\dhcp\*.chk

%SystemRoot%\system32\dhcp\*.edb

%SystemRoot%\system32\dhcp\*.jrs

%SystemRoot%\system32\dhcp\*.log

%SystemRoot%\system32\dhcp\dhcp.mdb

%SystemRoot%\system32\dhcp\dhcp.pat
%windir%\System32\DHCP\backup\*.mdb
%windir%\System32\DHCP\backup\*.log
%windir%\System32\DHCP\backup\*.chk

DNS files

%SystemRoot%\System32\Dns\*.dns

%SystemRoot%\System32\Dns\*.log
%SystemRoot%\System32\dns.exe

WINS files

%SystemRoot%\System32\Wins

CA files

%SystemRoot%\system32\CatRoot2\*.edb

%SystemRoot%\system32\CatRoot2\*.chk

%SystemRoot%\system32\CatRoot2\*.log

%SystemRoot%\system32\CatRoot2\*.jrs

TS/RDS Licensing files

%SystemRoot%\System32\LServer\*.chk

%SystemRoot%\System32\LServer\*.edb

%SystemRoot%\System32\LServer\*.log

%SystemRoot%\System32\LServer\*.tmp

%SystemRoot%\System32\LServer\*.jrs

Print Service files

%SystemRoot%\system32\spool\PRINTERS\*.shd

%SystemRoot%\system32\spool\PRINTERS\*.spl

Источник: KB822158 – Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows

 

 

 

 

 

 

Сервера с Microsoft Exchange Server 2007/2010

 

Exchange Server
Common
Folders
%Winnt%\Cluster
%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files
%SystemRoot%\IIS Temporary Compressed Files
%SystemRoot%\System32\Inetsrv
%SystemDrive%\inetpub\logs
Exchange Server 2010 folders %ExchangeInstallPath%\Mailbox
%ExchangeInstallPath%\GroupMetrics
%ExchangeInstallPath%\TransportRoles\Logs
%ExchangeInstallPath%\TransportRoles\Pickup
%ExchangeInstallPath%\TransportRoles\Replay
%ExchangeInstallPath%\TransportRoles\Data\Queue
%ExchangeInstallPath%\TransportRoles\Data\SenderReputation
%ExchangeInstallPath%\TransportRoles\Data\IpFilter
%ExchangeInstallPath%\Working\OleConvertor
%ExchangeInstallPath%\TransportRoles\Data\Adam
%ExchangeInstallPath%\ClientAccess
%ExchangeInstallPath%\Logging\POP3
%ExchangeInstallPath%\Logging\IMAP4
%ExchangeInstallPath%\UnifiedMessaging\grammars
%ExchangeInstallPath%\UnifiedMessaging\Prompts
%ExchangeInstallPath%\UnifiedMessaging\voicemail
%ExchangeInstallPath%\UnifiedMessaging\temp
%ExchangeInstallPath%\Logging
%ExchangeInstallPath%\ExchangeOAB
%ExchangeInstallPath%\Mailbox\MDBTEMP
%SystemDrive%\DAGFileShareWitnesses\*

Exchange Server 2007 folders

%ProgramFiles%\Microsoft\Exchange Server\Mailbox
%ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Logs

%ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Pickup
%ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Replay
%ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Data\Queue
%ProgramFiles%\Microsoft\Exchange Server\TransportRoles\SenderReputation
%ProgramFiles%\Microsoft\Exchange Server\TransportRoles\IpFilter

%ProgramFiles%\Microsoft\Exchange Server\Logging
%ProgramFiles%\Microsoft\Exchange Server\ExchangeOAB
%ProgramFiles%\Microsoft\Exchange Server\Working\OleConverter

%ProgramFiles%\Microsoft\Exchange Server\TransportRoles\Data\Adam

%ProgramFiles%\Microsoft\Exchange Server\ClientAccess

%ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\grammars
%ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\Prompts
%ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\voicemail
%ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\badvoicemail

Exchange Server 2007/2010 Processes

Cdb.exe
Cidaemon.exe
Clussvc.exe
Dsamain.exe
EdgeCredentialSvc.exe
EdgeTransport.exe
ExFBA.exe
GalGrammarGenerator.exe
Inetinfo.exe
Mad.exe
Microsoft.Exchange.AddressBook.Service.exe
Microsoft.Exchange.AntispamUpdateSvc.exe
Microsoft.Exchange.ContentFilter.Wrapper.exe
Microsoft.Exchange.EdgeSyncSvc.exe
Microsoft.Exchange.Imap4.exe
Microsoft.Exchange.Imap4service.exe
Microsoft.Exchange.Infoworker.Assistants.exe
Microsoft.Exchange.Monitoring.exe
Microsoft.Exchange.Pop3.exe
Microsoft.Exchange.Pop3service.exe
Microsoft.Exchange.ProtectedServiceHost.exe
Microsoft.Exchange.RPCClientAccess.Service.exe
Microsoft.Exchange.Search.Exsearch.exe
Microsoft.Exchange.Servicehost.exe
MSExchangeADTopologyService.exe
MSExchangeFDS.exe
MSExchangeMailboxAssistants.exe
MSExchangeMailboxReplication.exe
MSExchangeMailSubmission.exe
MSExchangeRepl.exe
MSExchangeTransport.exe
MSExchangeTransportLogSearch.exe
MSExchangeThrottling.exe
Msftefd.exe
Msftesql.exe
OleConverter.exe
Powershell.exe
SESWorker.exe
SpeechService.exe
Store.exe
TranscodingService.exe
UmService.exe
UmWorkerProcess.exe
W3wp.exe

Exchange Server 2007/2010

File Name Extension Exclusions

.config
.dia
.wsb
.chk
.log
.edb
.jrs

.jsl 
.que
.lzx
.ci
.wid
.dir
.000
.001
.002
.cfg
.grxml

.dsc
.bin
.xml

  Forefront Protection for Exchange Server

Forefront Protection for Exchange Server folders

%ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server

%ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data\Archive

%ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data\Quarantine
%ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data\Engines\x86

%ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data\Engines\amd64

%ProgramFiles(x86)%\Microsoft Forefront Protection for Exchange Server\Data

Forefront Protection for Exchange Server processes

Adonavsvc.exe
FscController.exe
FscDiag.exe
FscExec.exe
FscImc.exe
FscManualScanner.exe
FscMonitor.exe
FscRealtimeScanner.exe
FscStarter.exe
FscStatsServ.exe
FscTransportScanner.exe
FscUtility.exe
FsEmailPickup.exe
FssaClient.exe
GetEngineFiles.exe
PerfmonitorSetup.exe
ScanEngineTest.exe
SemSetup.exe

FSCConfigurationServer.exe
FSCEventing.exe     
FSCScheduledScanner.exe
MultiEngineScanner.exe
Kavehost.exe
FSCVSSWriter.exe

Forefront Protection for Exchange Server File Name Extension Exclusions

.avc
.cab
.cfg
.config
.da1
.dat
.def
.dt
.fdb
.fdm
.ide
.key
.klb
.kli
.lst
.mdb
.ppl
.set
.v3d
.vdb
.vdm

Источники:
File-Level Antivirus Scanning on Exchange 2007
File-Level Antivirus Scanning on Exchange 2010

 

 

 

 

 

Сервера SharePoint Server 2007/2010

SharePoint Common Folders

%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions
%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files
%SystemRoot%\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files
%SystemRoot%\system32\LogFiles
%SystemRoot%\Temp\WebTempDir

SharePoint 2007 Folders

%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\12\Logs
%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\12\Data\Applications
Drive:\Documents and Settings\All Users\Application Data\Microsoft\SharePoint\Config
%ProgramFiles%\Microsoft Office Servers\12.0\Data
%ProgramFiles%\Microsoft Office Servers\12.0\Logs
%ProgramFiles%\Microsoft Office Servers\12.0\Bin
%ProgramFiles(x86)%\Microsoft Office Servers\12.0\Data
%ProgramFiles(x86)%\Microsoft Office Servers\12.0\Logs

SharePoint 2010 Folders

%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\14\Logs
%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\14\Data\Applications
%ProgramData%\Microsoft\SharePoint
%ProgramFiles%\Microsoft Office Servers\14.0\Data
%ProgramFiles%\Microsoft Office Servers\14.0\Logs
%ProgramFiles%\Microsoft Office Servers\14.0\Bin
%ProgramFiles%\Microsoft Office Servers\14.0\Synchronization Service
%ProgramFiles(x86)%\Microsoft Office Servers\14.0\Data
%ProgramFiles(x86)%\Microsoft Office Servers\14.0\Logs

Источник: KB952167 – Certain folders may have to be excluded from antivirus scanning when you use a file-level antivirus program in SharePoint


Сервера с компонентами Internet Information Server (IIS)

IIS Temporary Compressed Files

%SystemRoot%\IIS Temporary Compressed Files
%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files

IIS Log Files %SystemDrive%\inetpub\logs
%systemroot%\System32\LogFiles
%systemroot%\SysWow64\LogFiles
IIS Processes %systemroot%\system32\inetsrv\w3wp.exe
%systemroot%\SysWOW64\inetsrv\w3wp.exe

Источник: A 0-byte file may be returned when compression is enabled on a server that is running IIS

 

 


Сервера Microsoft Internet Security and Acceleration (ISA) Server

 

ISA Server Folders

%ProgramFiles%\Microsoft ISA Server
%ProgramFiles%\ISA Server\Adam Data
%ProgramFiles%\ISA Server\ISA logs

ISA Server processes

dsamain.exe
wspsrv.exe
mspadmin.exe
isastg.exe
w3prefch.exe
sqlsvr.exe

Источник: Considerations when using antivirus software on ISA Server

 

Сервера Microsoft Forefront Threat Management Gateway (TMG) 2010

 

TMG installation folder

%ProgramFiles%\Microsoft Forefront Threat Management Gateway

TMG SQL Express and SRS installation folders %ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS
%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSFW
TMG Malware scanning cache %SystemRoot%\Temp\ScanStorage
TMG Log Queue %ProgramFiles%\Microsoft Forefront Threat Management Gateway\Logs
TMG Report Summary Generator %ProgramFiles%\Microsoft Forefront Threat Management Gateway\dailysum.exe
TMG Report Generator %ProgramFiles%\Microsoft Forefront Threat Management Gateway\isarepgen.exe
TMG Diagnostic Logging Viewer %ProgramFiles%\Microsoft Forefront Threat Management Gateway\isadlviewer.exe
TMG Managed Control Service %ProgramFiles%\Microsoft Forefront Threat Management Gateway\IsaManagedCtrl.exe
TMG Storage Service %ProgramFiles%\Microsoft Forefront Threat Management Gateway\isastg.exe
TMG Administration Component %ProgramFiles%\Microsoft Forefront Threat Management Gateway\mspadmin.exe
TMG Firewall Service %ProgramFiles%\Microsoft Forefront Threat Management Gateway\wspsrv.exe
TMG Web Content Download Service %ProgramFiles%\Microsoft Forefront Threat Management Gateway\w3prefch.exe
SQL 2008 Express and SQL 2008 Reporting Services

%ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS\MSSQL\Binn\sqlservr.exe
%ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS\MSSQL\Binn\ReportingServicesService.exe
%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSFW\MSSQL\Binn\sqlservr.exe

Active Directory Lightweight Directory Services %WinDir%\System32\dsamain.exe
Other executable processes (from default FEP Rule Template from SCCM 2012) IsaApplianceInit.exe
IsaMgmt.exe
MsFpcSqmAgent.exe
NicsRestorer.exe
NLBClear.exe
UpdateAgent.exe
VpnHelpr.exe
tmgpolicysuite.exe
tmgbpacmd.exe
tmgbpa.exe
bpa2visio.exe
tmgbpapack.exe
tmgdatapackager.exe

TMG cache files

*.cdat

Источник: Considerations when using antivirus software on FF Edge Products

 

 

Сервера баз данных SQL Server 2005 – 2008 R2

Full-Text catalog data SQL Server 2005 – 2008 R2

%ProgramFiles%\Microsoft SQL Server\MSSQL.1\MSSQL\FTData

%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\FTData

%ProgramFiles%\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\FTData

 

Analysis Services data SQL Server 2005 – 2008 R2

%ProgramFiles%\Microsoft SQL Server\MSSQL.2\OLAP\Data

%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\OLAP\Data

%ProgramFiles%\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Data

 

Analysis Services backup files SQL Server 2005 – 2008 R2

%ProgramFiles%\Microsoft SQL Server\MSSQL.2\OLAP\Backup

%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\OLAP\Backup

%ProgramFiles%\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Backup

Analysis Services log files SQL Server 2005 – 2008 R2

%ProgramFiles%\Microsoft SQL Server\MSSQL.2\OLAP\Log

%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\OLAP\Log

%ProgramFiles%\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Log

SQL Server 2005

Processes

%ProgramFiles%\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLServr.exe

%ProgramFiles%\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\Bin\ReportingServicesService.exe

%ProgramFiles%\Microsoft SQL Server\MSSQL.2\OLAP\Bin\MSMDSrv.exe

SQL Server 2008

Processes

%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLServr.exe

%ProgramFiles%\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\Bin\ReportingServicesService.exe

%ProgramFiles%\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\Bin\MSMDSrv.exe

SQL Server 2008 R2 Processes

%ProgramFiles%\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLServr.exe

%ProgramFiles%\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\Bin\ReportingServicesService.exe

%ProgramFiles%\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Bin\MSMDSrv.exe

File Types

*.mdf
*.ldf
*.ndf
*.bak
*.trn

*.trc

*.sqlaudit

*.sql

Примечание: если используются именованные экземпляры SQL Server, то выделенное красным цветом нужно заменять на имя экземпляра.
Источники
:

Guidelines for choosing antivirus software to run on the computers that are running SQL Server
File Locations for Default and Named Instances of SQL Server 2005
File Locations for Default and Named Instances of SQL Server 2008
File Locations for Default and Named Instances of SQL Server 2008 R2   


Сервера баз данных

 

Oracle databases files

*.ora

*.ctl

Clipper, dBase, FoxPro, etc files

*.dbf
*.cdx
*.fdb
*.edb
*.ib
*.gdi
*.gdb

 

 

Сервера виртуализации Microsoft Hyper-V

 

Default virtual HDD directory

%PUBLIC%\Documents\Hyper-V\Virtual Hard Disks

Default VM configuration directory

%ProgramData%\Microsoft\Windows\Hyper-V

Default Snapshot files directory %ProgramData%\Microsoft\Windows\Hyper-V\Snapshots
Live Migration with CSV %SystemDrive%\ClusterStorage

Processes

%SystemRoot%\system32\vmwp.exe
%SystemRoot%\system32\vmms.exe
%SystemRoot%\system32\vmicsvc.exe

File Types

*.xml
*.vhd
*.vfd
*.avhd
*.iso
*.vsv
*.bin

 

Источники:

KB2628135 – A System Center Virtual Machine Manager 2008 P2V fails with ‘A device attached to the system is not functioning (0x8007001F)’

KB961804 – Virtual machines are missing in the Hyper-V Manager Console or when you create or start a virtual machine, you receive one of the following error codes: "0x800704C8", "0×80070037" or "0x800703E3"

TechNet Articles – Hyper-V: Anti-virus Exclusions for Hyper-V Hosts


Компоненты Microsoft System Center Virtual Machine Manager

VMM Agent 2008 R2

%ProgramFiles%\Microsoft System Center Virtual Machine Manager 2008 R2\bin\vmmAgent.exe

VMM Agent 2012

%ProgramFiles%\Microsoft System Center 2012\Virtual Machine Manager\bin\vmmAgent.exe

VMM Server 2012

%ProgramFiles%\Microsoft System Center 2012\Virtual Machine Manager\bin\vmmservice.exe

 

Компоненты Microsoft System Center Data Protection Manager

 

DPM 2007-2012 Common Server Files

%WinDir%\Microsoft.net\Framework\v2.0.50727\csc.exe

DPM 2007-2012 Common Agent Files

%ProgramFiles%\Microsoft Data Protection Manager\DPM\bin\dpmra.exe

DPM 2007-2010 Common Server Files

%ProgramFiles%\Microsoft DPM\DPM\XSD

%ProgramFiles%\Microsoft DPM\DPM\Temp\MTA
%ProgramFiles%\Microsoft DPM\DPM\Volumes
%ProgramFiles%\Microsoft DPM\DPM\bin\dpmra.exe

DPM Server 2012

%ProgramFiles%\Microsoft System Center 2012\DPM\DPM\XSD

%ProgramFiles%\Microsoft System Center 2012\DPM\DPM\Temp\MTA
%ProgramFiles%\Microsoft System Center 2012\DPM\DPM\Volumes
%ProgramFiles%\Microsoft System Center 2012\DPM\DPM\bin\dpmra.exe

Источники:
System Center Data Protection Manager 2007 – Running Antivirus Software on the DPM Server
System Center Data Protection Manager 2010 – Running Antivirus Software on the DPM Server

 


Компоненты Microsoft System Center Operation Manager 2007

 

Processes (Server/Agent)

%ProgramFiles%\System Center Operations Manager 2007\MonitoringHost.exe

Folders (Server/Agent)

%ProgramFiles%\System Center Operations Manager 2007\Health Service State\Health Service Store\

File Types (Server/Agent)

*.chk
*.log
*.edb

Источник: Recommendations for antivirus exclusions that relate to MOM 2005 and to Operations Manager 2007

 


Компоненты Microsoft System Center Operation Manager 2012

 

 

Processes (Server)

%ProgramFiles%\System Center 2012\Operations Manager\Server\monitoringhost.exe

Processes (Agent)

%ProgramFiles%\System Center Operations Manager\Agent\monitoringhost.exe

Folders (Server)

%ProgramFiles%\System Center 2012\Operations Manager\Server\Health Service State\Health Service Store\

Folders (Agent)

%ProgramFiles%\System Center Operations Manager\Agent\Health Service State\Health Service Store\

File Types (Server/Agent)

*.chk
*.log
*.edb

Источник (с исправлениями): Thoughts on OpsMgr and System Center 2012 – OM12: Antivirus exclusions

 

 

Компоненты Microsoft System Configuration Manager

 

CM 2007-2012 Common Server Files

%ProgramFiles%\Microsoft Configuration Manager\Install.map
%ProgramFiles%\Microsoft Configuration Manager\inboxes
%ProgramFiles%\Microsoft Configuration Manager\Logs
%ProgramFiles%\SMS_CCM\ServiceData
%ProgramFiles(x86)%\Microsoft Configuration Manager\inboxes
%ProgramFiles(x86)%\Microsoft Configuration Manager\Logs
%ProgramFiles(x86)%\SMS_CCM\ServiceData
<DriveLetter>:\SMS_CCM\ServiceData
<DriveLetter>:\SMSSIG$
<DriveLetter>:\SMSPKGSIG
<DriveLetter>:\SMSPKG
<DriveLetter>:\SMSPKG<DriveLetter>$

CM 2007-2012 Common Agent Files

%SystemRoot%\System32\CCM\Cache
%SystemRoot%\ccmcache
%SystemRoot%\CCM\Logs

CM Server 2012 Files

<DriveLetter>:\SCCMContentLib
%SMS_LOG_PATH%
%SMS_ADMIN_UI_PATH%

CM Server Processes

Smsexec.exe
Ccmexec.exe
CmRcService.exe
Sitecomp.exe
Smswriter.exe
Smssqlbbkup.exe

Примечание: значение <DriveLetter> должно быть заменено на конкретные буквы дисков используемых установленным экземпляром SCCM, поэтому желательно чтобы в организации существовала какая-то стандартизация в этом плане.

Источник:
KB327453 – Antivirus programs may contribute to file backlogs in SMS 2.0, SMS 2003 and Configuration Manager 2007
ConfigMgr 2007 Antivirus Scan and Exclusion Recommendations
Anti-virus scan exclusions for Configuration Manager 2012

 

 

Компоненты Lync Server 2010

 

 

Lync Server 2010 processes

ASMCUSvc.exe
AVMCUSvc.exe
DataMCUSvc.exe
DataProxy.exe
FileTransferAgent.exe
IMMCUSvc.exe
MasterReplicatorAgent.exe
MediaRelaySvc.exe
MediationServerSvc.exe
MeetingMCUSvc.exe
MRASSvc.exe
OcsAppServerHost.exe
QmsSvc.exe
ReplicaReplicatorAgent.exe
RTCArch.exe
RtcCdr.exe
RTCSrv.exe

IIS processes

%systemroot%\system32\inetsrv\w3wp.exe
%systemroot%\SysWOW64\inetsrv\w3wp.exe

SQL Server processes

%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLServr.exe
%ProgramFiles%\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\Bin\ReportingServicesService.exe
%ProgramFiles%\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\Bin\MSMDSrv.exe

Directories and files

%systemroot%\System32\LogFiles
%systemroot%\SysWow64\LogFiles
%systemroot%\Windows\Assembly\GAC_MSIL
%programfiles%\Microsoft Lync Server 2010
%programfiles%\commonfiles\Microsoft Lync Server 2010
%SystemDrive%\RtcReplicaRoot

Источник: Specifying Antivirus Scanning Exclusions

 

Компоненты App-V

 

 

Clients Windows XP or Windows Server 2003

%USERPROFILE%\Application Data\SoftGrid Client
%ALLUSERSPROFILE%\Application Data\Microsoft\Application Virtualization Client
%ALLUSERSPROFILE%\Documents\SoftGrid Client

Clients Windows Vista, Windows Server 2008 or later

%USERPROFILE%\AppData\Local\SoftGrid Client
%USERPROFILE%\AppData\Roaming\SoftGrid Client
%PROGRAMDATA%\Microsoft\Application Virtualization Client\SoftGrid Client

Источник: Recommended antivirus or antimalware exclusions when troubleshooting Application Virtualization (App-V) client issues

 

Дополнительные ссылки:

Вы можете задать вопрос по статье специалисту.

Получите эффективное решение IT-задач Вашей компании.

Помните, что все действия Вы выполняете на свой страх и риск и загрузка неверных данных может повлечь за собой крах системы и потерю информации. Администрация сайта не несет ответственность за Ваши действия.