Exchange Aware Anti-virus for SBS 2008

342165 pts.
Tags:
Antivirus
Exchange Anti-Virus
GFI
SBS 2008
Hi, I am looking for an anti-virus program that is exchange aware to run on a SBS 2008 server that is used as a file server as well as a mail server. I already have “GFI MailSecurity” installed for scanning email messages but I want to install something that will scan the rest of the server without affecting the exchange server. Can anyone recommend a specific AV? Thanks Wayne [Br class="height5" />[small]Tags:[/small] SBS 2008

Software/Hardware used:
SBS 2008

Answer Wiki

Thanks. We'll let you know when a new response is added.

We are changing all our customers over to Sunbelt’s Vipre. You will need to make scan exclusions regardless of what product you use.
Listed below are the items and their default locations – your installation may be different.

Exchange
1. Exchange Server Database = C:\Program Files\Exchsrvr\Mdbdata (check location see note above)
2. Exchange MTA files = C:\Program Files\Exchsrvr\Mtadata
3. Exchange Message tracking log files = C:\Program Files\Exchsrvr\server_name.log
4. Exchange SMTP Mailroot = C:\Program Files\Exchsrvr\Mailroot
5. Exchange working files = C:\Program Files\Exchsrvr\Mdbdata
6. C:\Program Files\Exchsrvr\Conndata
7. Site Replication Service (not normally used in SBS but should be excluded anyway) = C:\Program Files\Exchsrvr\srsdata
8. SBS POP3 connector Failed Mail = C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Failed Mail
9. SBS POP3 connector Incoming Mail = C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Incoming Mail

IIS related Exclusions
1. IIS System Files = C:\WINDOWS\system32\inetsrv
2. IIS Compression Folder = C:\WINDOWS\IIS Temporary Compressed Files
3. C:\inetpub

SQL
1. Data Files
1. *.mdf
2. *.ldf
3. *.ndf
2. Backup Files
1. *.bak
2. *.trn

Domain Controller related exclusions
1. Active Directory database files = C:\WINDOWS\NTDS SYSVOL
2. C:\WINDOWS\SYSVOL NTFRS
3. Database Files = C:\WINDOWS\ntfrs

Windows SharePoint Services
Temporary SharePoint space = C:\windows\temp\Frontpagetempdir

SBS Service Related Data Bases
1. X:\Program Files\Microsoft SQL Server\MSSQL$SBSMONITORING\Data
2. X:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data
3. X:\Program Files\Microsoft SQL Server\MSSQL\Data

AV Progam Exclusions
1. X:\Folder where AV puts quarantined files
2. X:\<AV application folder>

Desktop Folder Exclusions
These folders need to be excluded in the desktops and notebooks clients.
Windows Update Store = C:\WINDOWS\SoftwareDistribution\DataStore

DFS
The same resources that are excluded for a SYSVOL replica set must also be excluded when FRS is used to replicate shares that are mapped to the DFS root and link targets on Windows 2000 or Windows Server 2003 based member computers or domain controllers.

SBS Licensing Exclusions
1. File – %windir%\system32\licstr.cpa
2. Folder – %windir%\windows\system32\lls

NOTE: Run the License Wiz and backup the licenses to a secure folder.

Terminal Services Licensing Exclusions
C:\WINDOWS\System32\LServer

Should contain the following TS related stuff:

1. edb.log
2. edb.chk
3. res1.log
4. res2.log
5. TLSLic.edb
6. temp.edb

Also, Refer to the MS KB Articles
815623
822158
245822
284947

Additional Exclusions
1. Removable Storage Database (used by SBS Backup) = C:\Windows\System32\ntmsdata
2. X:\urlcache
3. X:\pagefile.sys
4. DHCP Database Store = C:\Windows\System32\DHCP
5. WINS Database Store = C:\Windows\System32\WINS

Per 822158 –
The Windows Update or Automatic Update database file
%windir%\SoftwareDistribution\Datastore\datastore.edb
The transaction log files. These files are located in the following folder %windir%\SoftwareDistribution\Datastore\Logs\edb*.log
Note: The wildcard character indicates that there may be several files.
. Res1.log
. Res2.log
. Edb.chk
. Tmp.edb
Per 815623
In summary, the targeted and excluded list of folders for a SYSVOL tree that is placed in its default location would look similar to the following:
1. %systemroot%\sysvol Exclude
2. %systemroot%\sysvol\domain Scan
3. %systemroot%\sysvol\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory Exclude
4. %systemroot%\sysvol\domain\Policies Scan
5. %systemroot%\sysvol\domain\Scripts Scan
6. %systemroot%\sysvol\staging Exclude
7. %systemroot%\sysvol\staging areas Exclude
8. %systemroot%\sysvol\sysvol Exclude

Files
1. cdb.exe
2. cidaemon.exe
3. store.exe
4. mad.exe
5. mssearch.exe
6. inetinfo.exe
7. w3wp.exe
8. ntds.dit
9. edb*.log (notice the wild card – there can be several)
10. res1.log or edbres00001.jrs in Vista and 2k8
11. res2.log or edbres00002.jrs in Vista and 2k8
12. tmp.edb
13. edb.chk

If any one of these folders or files have been moved or placed in a different location, scan or exclude the equivalent element.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following