Today, I was having this issue with a client, who has Forefront Real time client installed on their MOSS 2007 Server and were having issues with the replication. During working on this issue I found following information, which can be helpful as general guidelines for using Anti Virus with MOSS 2007.
The generic consideration will be given in the context of a MOSS 2007 platform is installed.
As MOSS 2007 installation requires pre-requisites software, the document will describe as well exclusions for those software.
Windows server 2003
· The %systemroot% is normally the C:\WINDOWS or C:\WINNT directory depending on your OS
· %systemroot%\System32\Spool (and all the sub-folders and files)
· Any Network Drives that are mapped
Refer to the following article for information:
KB822158 - Virus scanning recommendations for computers that are running Windows Server 2003, Windows 2000, or Windows XP http://support.microsoft.com/kb/822158
Internet Information Server
· The IIS compression directory (default compression directory is %systemroot%\IIS Temporary Compressed Files)
· %systemroot%\system32\inetsrv folder
· Files that have the .log extension
Refer to the following knowledge base articles for reference:
KB817442 - IIS 6.0: Antivirus Scanning of IIS Compression Directory May Result in 0-Byte File http://support.microsoft.com/kb/817442
KB821749 - Antivirus software may cause IIS to stop unexpectedly http://support.microsoft.com/kb/821749
· Exclude .MDF, .LDF, .NDF, .TRN, .BAK and .SLS
· Exclude sqlmangr.exe and sqlservr.exe
· SQL folder and databases files (or database file types) from scanning for performance reasons:
KB309422 - Guidelines for choosing antivirus software to run on the computers that are running SQL Server http://support.microsoft.com/kb/309422
WSS3.0 / MOSS 2007
· Drive:\Program Files\Microsoft Office Servers\12.0
· Drive:\Program Files\Common Files\Microsoft Shared\web server extensions\12
· Drive:\DOCUME~1\ALLUSE~1\APPLICATION DATA\MICROSOFT\FIREWALL CLIENT\*
· Drive:\DOCUMENTS AND SETTINGS\
· Drive:\Documents and Settings\\
· W3wp.exe, cbd.exe, cidaemon.exe, owstimer.exe (WSS)
(where Drive: is the drive letter where you installed SharePoint Portal Server)
Also, ‘c:\windows\temp\contentdeployment’ to temporarily store deployment files (.cab). This should perhaps be excluded as well.
· Drive:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Operations Manager
· Drive:\Program Files\Microsoft Operations Manager 2005
where Drive: is the drive letter where profiles are located
Trend Micro(TM) PortalProtect(TM) 1.7 for Microsoft(TM) SharePoint(TM) 2007
· Temp folder: C:\Program Files\Trend Micro\PortalProtect\temp
· Quarantine folder, whose default location is:
Drive:\Program Files\Trend Micro\PortalProtect\Quarantine
· Backup folder, whose default location is:
Drive:\Program Files\Trend Micro\PortalProtect\Backup
Just to make you aware that there is a SharePoint version of Forefront Security available from Microsoft. To know more about Forefront for Sharepoint please visit:
Hope this helps. Any comments welcome.