Microsoft Anti-Virus Exclusion List

Microsoft Anti-Virus Exclusion List

One place on the web where you can find an updated list of ALL the AV exclusions you might want to configure for Windows Server. Feel free to add to the list, it is the wiki way!

HINT: Subscribe to the RSS feed for this wiki page to get auto-notification when it is updated!

Enterprise Configuration Recommendations:

Windows: 

  • KB822158 Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows

Windows / Active Directory: 

Cluster:

Hyper-V, System Center Virtual Machine Manager (SCVMM):

Virtual PC / Virtual Server:

Forefront: Considerations when using antivirus software on FF Edge Products

FRS:

SQL:

IIS:

DHCP:

SCOM / MOM:

Configuration Manager 2007:

Configuration Manager 2012:

Exchange:

SharePoint:

 

Team Foundation Server 2010/2012/2013:

Dynamics CRM:  

SMS

ISA:

Windows Update:

WSUS (Windows Server Update Services):

SBS:

 MED-V

System Center:

Data Protection Manager:

App-V

Lync 2010
Dynamics AX

        For versions up to AX 2009 exclude:
  1. All the AOD, AOI, ADD, ADI, KHD & KHI files, or
  2. alternatively, the whole application folder

       See for instance:        http://blogs.msdn.com/b/czdaxsup/archive/2010/05/13/ax-application-files-locked-by-another-process.aspx

Note: Doing this helps make sure that the files are not locked when the AOS must use them. However, if these files become infected, your antivirus software will not be able to detect the infection.
   
BizTalk Server
See recommendations in BizTalk performance optimization guides:

Mentioned executables used by BizTalk includes EntSSO.exe, MSDTC.exe, BTSNTSvc.exe, BTSNTSvc64.exe, SQLServr.exe, but also others as IIS, Customer WCF services, MSMQ, Rule Engine, SQL Agent, SSIS, SSNS and other applications used in integration scenarios.



Other great compilations

 

Leave a Comment
  • Please add 4 and 1 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Sort by: Published Date | Most Recent | Most Useful
Comments
  • msbrian1 edited Revision 69. Comment: Added link to AV Exclusion document in "Other great compilations" section

  • Richard Mueller edited Revision 68. Comment: Changed tag "w2k8r2" to "Windows Server 2008 R2"

  • Balaji M Kundalam edited Revision 66. Comment: Updated a link

  • GoonCommando edited Revision 61. Comment: List is not specific to "Windows" but to all Microsoft products so I renamed the list to accurately reflect that

  • Pronichkin edited Revision 60. Comment: Added link for ConfigMgr

  • Ed Price - MSFT edited Revision 59. Comment: We're no longer including "(en-US)" in the title because of the difficulties it causes. But please still include "en-US" in the tags! Thanks!

  • Ed Price - MSFT edited Revision 56. Comment: We're no longer using "(en-US)" in the title, but please still include the "en-US" tag! Thanks!

  • Borgquite edited Revision 55. Comment: More formatting

  • Borgquite edited Revision 54. Comment: Fixed formatting

  • Borgquite edited Revision 53. Comment: Virtual PC / VIrtual Server additions

Page 1 of 3 (24 items) 123
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • Ed Price - MSFT edited Revision 19. Comment: I'm going to Format Town. I'll send you a postcard.

  • Ed Price - MSFT edited Revision 21. Comment: White space

  • Jeff Patterson - MSFT edited Revision 25. Comment: Added link to App-V AV KB.  

  • Travis Plunk [MSFT] edited Revision 27. Comment: Wsusscan.cab and Wsusscn2.cab  are related to windows update and not WSUS

  • Great List, really useful!

  • Excellent list.

  • For Service Manager 2010/2012 I would recommand the following excpetions:

    By folder exceptions:

    %programfiles%\Microsoft System Center\Service Manager 2010 or

    %programfiles%\Microsoft System Center\Service Manager 2012

    By proces exceptions:

    Microsoft.Mom.SDK.Servicehost.exe (Microsoft System Center Data Access Service)

    Microsoft.Mom.ConfigServicehost.exe (Microsoft System Center Configuration Service)

    HealthService.exe (System Center Management)

  • %programfiles%\Citrix

  • Borgquite edited Revision 35. Comment: Added extra article for SCVMM / Hyper-V - includes some extra recommendations

  • Borgquite edited Revision 36. Comment: Tidied up a bit

  • Borgquite edited Revision 37. Comment: More tidying up

  • Borgquite edited Revision 38. Comment: Got rid of another dead link

  • nice, thanks.

  • An Anti-virus vendor told me that, since they're using the Microsoft API's (the same used by MS Anti virus products), there is no longer a real need for exclusions. How far can I go into trusing this API implementation to avoid application crashes/problems?

  • tonysoper_MSFT edited Revision 39. Comment: + HV

Page 1 of 3 (38 items) 123