Exchange Aware Anti-virus for SBS 2008

1146455 pts.
Exchange security
SBS 2008
Hi, I am looking for an anti-virus program that is exchange aware to run on a SBS 2008 server that is used as a file server as well as a mail server. I already have “GFI MailSecurity” installed for scanning email messages but I want to install something that will scan the rest of the server without affecting the exchange server. Can anyone recommend a specific AV? Thanks Wayne [Br class="height5" />[small]Tags:[/small] SBS 2008

Software/Hardware used:
SBS 2008

Answer Wiki

Thanks. We'll let you know when a new response is added.

We are changing all our customers over to Sunbelt’s Vipre. You will need to make scan exclusions regardless of what product you use.
Listed below are the items and their default locations – your installation may be different.

1. Exchange Server Database = C:\Program Files\Exchsrvr\Mdbdata (check location see note above)
2. Exchange MTA files = C:\Program Files\Exchsrvr\Mtadata
3. Exchange Message tracking log files = C:\Program Files\Exchsrvr\server_name.log
4. Exchange SMTP Mailroot = C:\Program Files\Exchsrvr\Mailroot
5. Exchange working files = C:\Program Files\Exchsrvr\Mdbdata
6. C:\Program Files\Exchsrvr\Conndata
7. Site Replication Service (not normally used in SBS but should be excluded anyway) = C:\Program Files\Exchsrvr\srsdata
8. SBS POP3 connector Failed Mail = C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Failed Mail
9. SBS POP3 connector Incoming Mail = C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Incoming Mail

IIS related Exclusions
1. IIS System Files = C:\WINDOWS\system32\inetsrv
2. IIS Compression Folder = C:\WINDOWS\IIS Temporary Compressed Files
3. C:\inetpub

1. Data Files
1. *.mdf
2. *.ldf
3. *.ndf
2. Backup Files
1. *.bak
2. *.trn

Domain Controller related exclusions
1. Active Directory database files = C:\WINDOWS\NTDS SYSVOL
3. Database Files = C:\WINDOWS\ntfrs

Windows SharePoint Services
Temporary SharePoint space = C:\windows\temp\Frontpagetempdir

SBS Service Related Data Bases
1. X:\Program Files\Microsoft SQL Server\MSSQL$SBSMONITORING\Data
2. X:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data
3. X:\Program Files\Microsoft SQL Server\MSSQL\Data

AV Progam Exclusions
1. X:\Folder where AV puts quarantined files
2. X:\<AV application folder>

Desktop Folder Exclusions
These folders need to be excluded in the desktops and notebooks clients.
Windows Update Store = C:\WINDOWS\SoftwareDistribution\DataStore

The same resources that are excluded for a SYSVOL replica set must also be excluded when FRS is used to replicate shares that are mapped to the DFS root and link targets on Windows 2000 or Windows Server 2003 based member computers or domain controllers.

SBS Licensing Exclusions
1. File – %windir%\system32\
2. Folder – %windir%\windows\system32\lls

NOTE: Run the License Wiz and backup the licenses to a secure folder.

Terminal Services Licensing Exclusions

Should contain the following TS related stuff:

1. edb.log
2. edb.chk
3. res1.log
4. res2.log
5. TLSLic.edb
6. temp.edb

Also, Refer to the MS KB Articles

Additional Exclusions
1. Removable Storage Database (used by SBS Backup) = C:\Windows\System32\ntmsdata
2. X:\urlcache
3. X:\pagefile.sys
4. DHCP Database Store = C:\Windows\System32\DHCP
5. WINS Database Store = C:\Windows\System32\WINS

Per 822158 –
The Windows Update or Automatic Update database file
The transaction log files. These files are located in the following folder %windir%\SoftwareDistribution\Datastore\Logs\edb*.log
Note: The wildcard character indicates that there may be several files.
. Res1.log
. Res2.log
. Edb.chk
. Tmp.edb
Per 815623
In summary, the targeted and excluded list of folders for a SYSVOL tree that is placed in its default location would look similar to the following:
1. %systemroot%\sysvol Exclude
2. %systemroot%\sysvol\domain Scan
3. %systemroot%\sysvol\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory Exclude
4. %systemroot%\sysvol\domain\Policies Scan
5. %systemroot%\sysvol\domain\Scripts Scan
6. %systemroot%\sysvol\staging Exclude
7. %systemroot%\sysvol\staging areas Exclude
8. %systemroot%\sysvol\sysvol Exclude

1. cdb.exe
2. cidaemon.exe
3. store.exe
4. mad.exe
5. mssearch.exe
6. inetinfo.exe
7. w3wp.exe
8. ntds.dit
9. edb*.log (notice the wild card – there can be several)
10. res1.log or edbres00001.jrs in Vista and 2k8
11. res2.log or edbres00002.jrs in Vista and 2k8
12. tmp.edb
13. edb.chk

If any one of these folders or files have been moved or placed in a different location, scan or exclude the equivalent element.

Discuss This Question:  

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: