I am Dale Hayter, a Microsoft and VMware certified Technical Consultant.

My blog has been built up over the years from my experience of working on an IT helpdesk and also from being out on-site.

Microsoft Exchange 2010 / 2013 Anti-Virus Exclusions

When running Anti-Virus software on an Exchange 2010 / 2013 server its important to setup some exclusions on various processes, folders and file types. Otherwise you can run into performance issues or even Anti-Virus software deleting Exchange log files.

I normally exclude the whole of the Exchange server installation folder.

C:\Program Files\Microsoft\Exchange Server\

I then exclude the inetpub log folder which is defaulted to the root of the C drive. Also the temp folder in here.

C:\inetpub\logs\
c:\inetpub\temp\

Also exclude the Database Location and Log file folders.

L:\Exchange Log Files\

You then need to exclude the IIS system files

C:\Windows\System32\Inetsrv

If you have a DAG, exclude the witness location and the cluster quorum location.

C:\DagFileShareWitnesses
C:\Windows\Cluster

Then exclude the queue folder. Since I’ve already excluded the Exchange install folder this is already done.

You then should exclude the following processes.

Cdb.exe
Microsoft.Exchange.Pop3service.exe
MSExchangeRepl.exe
Cidaemon.exe
Microsoft.Exchange.ProtectedServiceHost.exe
MSExchangeSubmission.exe
Clussvc.exe
Microsoft.Exchange.RPCClientAccess.Service.exe
MSExchangeTransport.exe
Dsamain.exe
Microsoft.Exchange.Search.Service.exe
MSExchangeTransportLogSearch.exe
EdgeCredentialSvc.exe
Microsoft.Exchange.Servicehost.exe
MSExchangeThrottling.exe
EdgeTransport.exe
Microsoft.Exchange.Store.Service.exe
Msftefd.exe
ExFBA.exe
Microsoft.Exchange.Store.Worker.exe
Msftesql.exe
hostcontrollerservice.exe
Microsoft.Exchange.TransportSyncManagerSvc.exe
OleConverter.exe
Inetinfo.exe
Microsoft.Exchange.UM.CallRouter.exe
Powershell.exe
Microsoft.Exchange.AntispamUpdateSvc.exe
MSExchangeDagMgmt.exe
ScanEngineTest.exe
Microsoft.Exchange.ContentFilter.Wrapper.exe
MSExchangeDelivery.exe
ScanningProcess.exe
Microsoft.Exchange.Diagnostics.Service.exe
MSExchangeFrontendTransport.exe
TranscodingService.exe
Microsoft.Exchange.Directory.TopologyService.exe
MSExchangeHMHost.exe
UmService.exe
Microsoft.Exchange.EdgeSyncSvc.exe
MSExchangeHMWorker.exe
UmWorkerProcess.exe
Microsoft.Exchange.Imap4.exe
MSExchangeLESearchWorker.exe
UpdateService.exe
Microsoft.Exchange.Imap4service.exe
MSExchangeMailboxAssistants.exe
W3wp.exe
Microsoft.Exchange.Monitoring.exe
MSExchangeMailboxReplication.exe
Microsoft.Exchange.Pop3.exe
MSExchangeMigrationWorkflow.exe

Then exclude the following file extensions :

.config
.dia
.wsb
.chk
.edb
.jrs
.jsl
.log
.que
.lzx
.ci
.dir
.wid
.000
.001
.002
.cfg
.grxml
.dsc
.txt

If your using Sophos I’ve made a txt file that you can use to import the file path and process exclusions in one go. Saves a lot of time. Download it from here

SAVExchange

Source : Microsoft