SBS does so many things that there are lots of antivirus exclusions to make. Starting from my old SBS 2003 list, and working through the extensive research in this post, I came up with the following list for my SBS 2008 exclusions.
C:\pagefile.sys
C:\inetpub\temp\IIS Temporary Compressed Files\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\FTData\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Data\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.3\MSSQL\Data\
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.3\MSSQL\FTData\
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Data\Applications\
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\LOGS\
C:\Program Files\Microsoft\Exchange Server\
C:\ProgramData\Microsoft\SharePoint\Config\
C:\ProgramData\NTUser.pol
C:\Windows\IIS Temporary Compressed Files\ (update 9/30/2010: new location already added above)
C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\
C:\Windows\ntds\
C:\Windows\ntfrs\
C:\Windows\security\database\
C:\Windows\SoftwareDistribution\DataStore\
C:\Windows\system32\CertLog\
C:\Windows\system32\dhcp\
C:\Windows\System32\GroupPolicy\registry.pol
C:\Windows\System32\inetsrv\
C:\Windows\System32\LogFiles\
C:\Windows\sysvol\
C:\Windows\Temp\WebTempDir\
C:\WSUS\
F:\Program Files\Microsoft\Exchange Server\Mailbox\
F:\Windows\SYSMSI\SSEE\MSSQL.2005\MSSQL\DATA
S:\
T:\
Notes
- My Exchange and SharePoint data are on drive F:.
- S: and T: are external backup drives.
- I chose to exclude SQL data folders rather than file extensions.
- In general if there were lots of exclusions recommended in one folder, I excluded the whole folder.
- I decided not to exclude all the extra Exchange-specific extensions recommended at the end of this TechNet article “in case directory exclusions fail or files are moved from their default locations.” Also, as far as I know, VIPRE Antivirus does not do process scanning (yet), so I skipped the Process Exclusions as well.
- Somewhere I heard or read that you should exclude the Certificate Manager files (C:\Windows\system32\CertLog\), though I don’t see that documented online.
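Because several of these paths depend on where data lives on a given server (drive F: here) and at least one location moved (the IIS Temporary Compressed Files entry), it helps to check the list against the machine it is applied to. The following PowerShell is an added example, not part of the original post: the function name `Test-Exclusion` is hypothetical and the `$exclusions` array is a shortened copy of the list above.

```powershell
# Added example: audit an antivirus exclusion list against the local server.
# Sample entries are copied from the list above; paste the full list in their place.
$exclusions = @(
    'C:\inetpub\temp\IIS Temporary Compressed Files\',
    'C:\Windows\IIS Temporary Compressed Files\',
    'C:\ProgramData\NTUser.pol',
    'C:\Windows\ntds\',
    'C:\Windows\System32\GroupPolicy\registry.pol',
    'F:\Program Files\Microsoft\Exchange Server\Mailbox\',
    'F:\Windows\SYSMSI\SSEE\MSSQL.2005\MSSQL\DATA',
    'S:\',
    'T:\'
)

# Hypothetical helper: classify one entry and report whether it exists here.
function Test-Exclusion([string]$Path) {
    $row = '' | Select-Object Path, Kind, Status
    $row.Path = $Path
    if ($Path -match '^[A-Za-z]:\\?$') {
        # A whole-drive entry means nothing on that volume is scanned.
        $row.Kind = 'DriveRoot'
    } elseif ($Path.EndsWith('\') -or (Test-Path -LiteralPath $Path -PathType Container)) {
        # Covers folder entries written without a trailing backslash.
        $row.Kind = 'Folder'
    } else {
        $row.Kind = 'File'
    }
    # -LiteralPath stops PowerShell from treating characters in the path as wildcards.
    if (Test-Path -LiteralPath $Path) {
        $row.Status = 'Present'
    } else {
        # Missing can mean a stale entry, a different install location,
        # or an external drive that is not attached right now.
        $row.Status = 'Missing'
    }
    $row
}

$exclusions |
    ForEach-Object { Test-Exclusion $_ } |
    Sort-Object Status, Kind, Path |
    Format-Table -AutoSize
```

Entries reported as `Missing` are candidates for review rather than automatic removal, and `DriveRoot` rows are the broadest exclusions in the list.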
Great Post!!! Thanks
Great list – exactly what I was looking for, thank you.
Likewise. Thanks!
Saves me a lot of work! Thanks
thanks for great post!
so they program whatever, and we can exclude whatever …