Re: Trend Micro Folder/File Exclusions (SBS2003 R2)

Hi Mark:

Listed below are the items and their default locations - your
installation may be different.

Exchange
Exchange Server Database = C:\Program Files\Exchsrvr\Mdbdata (check
location see note above)
Exchange MTA files = C:\Program Files\Exchsrvr\Mtadata
Exchange Message tracking log files = C:\Program
Files\Exchsrvr\server_name.log
Exchange SMTP Mailroot = C:\Program Files\Exchsrvr\Mailroot
Exchange working files = C:\Program Files\Exchsrvr\Mdbdata
C:\Program Files\Exchsrvr\Conndata
Site Replication Service (not normally used in SBS but should be
excluded anyway) =
C:\Program Files\Exchsrvr\srsdata

IIS related Exclusions
IIS System Files = C:\WINDOWS\system32\inetsrv
IIS Compression Folder = C:\WINDOWS\IIS Temporary Compressed Files

Domain Controller related exclusions
Active Directory database files = C:\WINDOWS\NTDS
SYSVOL C:\WINDOWS\SYSVOL
NTFRS Database Files = C:\WINDOWS\ntfrs

Windows SharePoint Services
Temporary SharePoint space = C:\windows\temp\Frontpagetempdir

Service Related Data Bases
DHCP Database Store = C:\WINDOWS\system32\dhcp
WINS Database Store = C:\WINDOWS\system32\wins
X:\Program Files\Microsoft SQL Server\MSSQL$SBSMONITORING\Data
X:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data
X:\Program Files\Microsoft SQL Server\MSSQL\Data


Additional Exclusions
Removable Storage Database (used by SBS Backup) =
C:\Windows\System32\ntmsdata
SBS POP3 connector Failed Mail = C:\Program Files\Microsoft Windows
Small Business Server\Networking\POP3\Failed Mail
SBS POP3 connector Incoming Mail = C:\Program Files\Microsoft Windows
Small Business Server\Networking\POP3\Incoming Mail
Windows Update Store = C:\WINDOWS\SoftwareDistribution\DataStore
X:\urlcache
X:\pagefile.sys

AV Progam Exclusions
x:\Folder where AV puts quarrentined files
X:\<AV application folder>

Desktop Folder Exclusions
These folders need to be excluded in the desktops and notebooks
clients.
Windows Update Store = C:\WINDOWS\SoftwareDistribution\DataStore

SBS Licensing Exclusions
File - %windir%\system32\licstr.cpa
Folder - %windir%\windows\system32\lls
NOTE: Run the License Wiz and backup the licenses to a secure folder.

Terminal Services Licensing Exclusions
C:\WINDOWS\System32\LServer
Should contain the following TS related stuff:

edb.log
edb.chk
res1.log
res2.log
TLSLic.edb
temp.edb

Also, Refer to the MS KB Articles
815623
822158
245822
284947

Per 822158
The Windows Update or Automatic Update database file
%windir%\SoftwareDistribution\Datastore\datastore.edb

The transaction log files. These files are located in the following
folder
%windir%\SoftwareDistribution\Datastore\Logs\edb*.log
Note The wildcard character indicates that there may be several files.
. Res1.log
. Res2.log
. Edb.chk
. Tmp.edb

Per 815623
In summary, the targeted and excluded list of folders for a SYSVOL
tree that is placed in its default location would look similar to the
following:
1. %systemroot%\sysvol
Exclude
2. %systemroot%\sysvol\domain
Scan
3. %systemroot%\sysvol\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory
Exclude
4. %systemroot%\sysvol\domain\Policies
Scan
5. %systemroot%\sysvol\domain\Scripts
Scan
6. %systemroot%\sysvol\staging
Exclude
7. %systemroot%\sysvol\staging areas
Exclude
8. %systemroot%\sysvol\sysvol
Exclude

If any one of these folder or files have been moved or placed in a
different location, scan or exclude the equivalent element.

. DFS
The same resources that are excluded for a SYSVOL replica set must
also be excluded when FRS is used to replicate shares that are mapped to the
DFS root and link targets on Windows 2000 or Windows Server 2003-based
member computers or domain controllers.

Aren't you sorry you asked?

--
Larry



"Mark Storm" <markstorm@xxxxxxxx> wrote in message
news:b9259$47504de7$463d94b2$24974@xxxxxxxxxxx
I need some advice in regards to which folders/files need to be excluded
from scanning with Trend Micro CSM ver 3.6? I just rebuilt my SBS server
with R2 Premium, have the latest Trend-Micro 3.6 installed, and would like
to set it up right this time. Asking for thoughts on how to handle the
whole exclusion thing? In addition to the SBS Prem install we run an
office practice-management product (proprietary database), several apps
that write to SQL and QuickBooks Premier 2007. Thanks in advance!

Mark



.

Relevant Pages

  • RE: Windows server 2003 SP1
    ... Open Exchange System Manager ... check "the database can be overwritten..." ... Do the same for the public folder store ...
    (microsoft.public.windows.server.sbs)
  • Re: Have database mismatch, can I move NTDS.dit and Exchange to new identical server?
    ... Check the physical location of the Winnt\NTDS\ folder. ... Check the permissions on the \Winnt\NTDS folder. ... as it may not be the database that is the ... MCSA + Exchange ...
    (microsoft.public.win2000.active_directory)
  • Re: cant mount information store
    ... then moved the E00.log file into a different folder and both databases ... I then reinstalled exchange and then installed exchange 2003> sp2. ... > error -1216 because it encountered references to a database, ... > Information Store First Storage Group: ...
    (microsoft.public.windows.server.sbs)
  • Re: Antivirus exclude folders?
    ... Active Directory database files = C:\WINDOWS\NTDS ... Entire SYSVOL folder may be overkill. ... Windows SharePoint Services ... scan or exclude the equivalent element. ...
    (microsoft.public.windows.server.sbs)
  • Re: TS Member Server
    ... All locations are SBS defaults. ... Exchange* ... *Windows SharePoint Services* ... X:\<AV application folder> ...
    (microsoft.public.windows.server.sbs)