%3CLINGO-SUB%20id%3D%22lingo-sub-1149720%22%20slang%3D%22en-US%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1149720%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F107956%22%20target%3D%22_blank%22%3E%40Brandon%20McMillan%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThere's%20a%20typo%20in%20the%20section%3A%26nbsp%3BServer%20Side%3C%2FP%3E%3CP%3EAs%20is%3A%3C%2FP%3E%3CUL%3E%3CLI%3E%3CSPAN%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FSPAN%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5Cbin%5Cx64%5CSitecomp.ex%3C%2FLI%3E%3C%2FUL%3E%3CP%3EShould%20be%3A%3C%2FP%3E%3CUL%3E%3CLI%3E%3CSPAN%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FSPAN%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5Cbin%5Cx64%5CSitecomp.ex%3CSTRONG%3Ee%3C%2FSTRONG%3E%3C%2FLI%3E%3C%2FUL%3E%3CP%3EIt's%20not%20a%20big%20deal%20but%20the%20people%20who%20just%20copy%20and%20paste%20it%20is%20certainly%20an%20improvement.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Eregards%2C%3C%2FP%3E%3CP%3EThom%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1155743%22%20slang%3D%22en-US%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1155743%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F544301%22%20target%3D%22_blank%22%3E%40Thomas_Oehen%3C%2FA%3E%2C%26nbsp%3Bthank%20you%20for%20reading%20and%20providing%20feedback.%26nbsp%3B%20I%20made%20the%20correction.%26nbsp%3B%20Thanks%20again!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1181615%22%20slang%3D%22en-US%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1181615%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3EDoes%20any%26nbsp%3B%3CSTRONG%3Eauthoritative%26nbsp%3B%3C%2FSTRONG%3E%3CSPAN%3Esource%20have%20recommendation%20to%20exclude%26nbsp%3B%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%5CSCCMContentLib%20folder%2Bsubfolders%20from%26nbsp%3Bthe%20Scanning%3F%3C%2FSPAN%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3ERegards%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EAnton%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1184930%22%20slang%3D%22en-US%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1184930%22%20slang%3D%22en-US%22%3E%3CP%3EHello%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F563001%22%20target%3D%22_blank%22%3E%40Anton_Elufimov%3C%2FA%3E!%26nbsp%3B%20Thank%20you%20for%20your%20inquiry.%26nbsp%3B%20As%20of%20today%2C%20I'm%20not%20aware%20of%20any%20authoritative%20sources%20for%20that%20recommendation.%26nbsp%3B%20I%20suggest%20if%20your%20AV%20product%20may%20be%20causing%20issues%20with%20the%20content%20library%20to%20test%20out%20what%20may%20work%20best%20for%20your%20environment%20while%20keeping%20it%20operationally%20secure.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1345951%22%20slang%3D%22en-US%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1345951%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F107956%22%20target%3D%22_blank%22%3E%40Brandon%20McMillan%3C%2FA%3E%26nbsp%3B%26nbsp%3B%20Under%20the%20process%20exclusions%20I%20think%20you%20have%20an%20extra%20%22b%22%20in%20the%20executable%20name%3C%2FP%3E%3CP%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%3CSPAN%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5Cbin%5Cx64%5CSmssqlbbkup.exe%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1346109%22%20slang%3D%22en-US%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1346109%22%20slang%3D%22en-US%22%3E%3CP%3EHey%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F211434%22%20target%3D%22_blank%22%3E%40Chris%20Sappey%3C%2FA%3E!%26nbsp%3B%20Thank%20you%20for%20bringing%20that%20to%20my%20attention.%26nbsp%3B%20I%20made%20the%20correction.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1480162%22%20slang%3D%22en-US%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1480162%22%20slang%3D%22en-US%22%3E%3CP%3EFor%203rd%20party%20updates%2C%20our%20AV%20is%20stopping%20as%20because%20of%20this%20location%3A%26nbsp%3BC%3A%5CProgram%20Files%5CUpdate%20Services%5CSchema%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1657475%22%20slang%3D%22en-US%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1657475%22%20slang%3D%22en-US%22%3E%3CP%3EHey%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F50272%22%20target%3D%22_blank%22%3E%40yannara%20_%3C%2FA%3E%26nbsp%3B!%26nbsp%3B%20Thank%20you%20for%20your%20response.%26nbsp%3B%20Many%20apologies%20on%20the%20delay%20in%20responding%20to%20your%20comment.%26nbsp%3B%20I%20have%20not%20come%20across%20anything%20similar%20to%20your%20scenario%2C%20so%20if%20you're%20still%20having%20this%20issue%20I%20would%20suggest%20to%20open%20a%20case%20with%20our%20CSS%20team%20to%20investigate%20further.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2111155%22%20slang%3D%22fr-FR%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2111155%22%20slang%3D%22fr-FR%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20the%20WSUS%20section%2C%20I%20think%20that%20%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%20'WSUS'UpdateServiceDBFiles%20should%20be%20%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%20'WSUS'UpdateServicesDBFiles%2C%20as%20specified%20in%20the%20Microsoft%20docs%20about%20Windows%20Defender%20Exclusions.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ELooks%3C%2FP%3E%3CP%3EJf%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2111822%22%20slang%3D%22en-US%22%3ERe%3A%20Configuration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2111822%22%20slang%3D%22en-US%22%3E%3CP%3EHey%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F952032%22%20target%3D%22_blank%22%3E%40JFD84%3C%2FA%3E%2C%26nbsp%3Bthank%20you%20for%20the%20feedback!%26nbsp%3B%20I%20will%20make%20the%20correction.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-884831%22%20slang%3D%22en-US%22%3EConfiguration%20Manager%20Current%20Branch%20Antivirus%20Exclusions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-884831%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20everybody!%26nbsp%3B%20My%20name%20is%20Brandon%20McMillan%20and%20I%20am%20a%20Microsoft%20Endpoint%20Configuration%20Manager%20(ConfigMgr)%20CE%20at%20Microsoft.%20ConfigMgr%20Current%20Branch%26nbsp%3Bhas%20been%20the%20standard%20service-based%20model%26nbsp%3Bsince%20December%202015%20with%20the%20release%20of%20version%201511.%20%26nbsp%3BYou%20may%20have%20noticed%20that%20with%20the%20continuous%20improvements%2C%20your%20antivirus%20exclusions%20also%20need%20to%20be%20kept%20up%20to%20date.%20%26nbsp%3BI%20hope%20this%20will%20provide%20you%20with%20important%20antivirus%20exclusions%20you%20could%20consider%20implementing%20within%20a%20Current%20Branch%20environment.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThis%20blog%20will%20provide%20a%20comprehensive%20list%20of%20the%20following%20referenced%20Microsoft%20Support%20and%20Microsoft%20Docs%20articles%20we%20have%20released%20along%20with%20other%20recommendations%20you%20could%20consider%20for%20your%20environment.%26nbsp%3B%20Please%20reference%20the%20following%20articles%20for%20further%20guidance.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CA%20href%3D%22http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F822158%2Fen-us%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E822158%3C%2FA%3E%3A%20Virus%20scanning%20recommendations%20for%20Enterprise%20computers%20that%20are%20running%20currently%20supported%20versions%20of%20Windows%20-%20Last%20Review%3A%20Jan%2012%2C%202021%3C%2FLI%3E%0A%3CLI%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fmem%2Fconfigmgr%2Frecommended-antivirus-exclusions%3Fsource%3Ddocs%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3A%3C%2FA%3E%26nbsp%3BRecommended%20antivirus%20exclusions%20for%20Configuration%20Manager%20Site%20Servers%2C%20Site%20Systems%2C%20and%20Clients%20-%20Last%20Review%3A%20Jan%2012%2C%202021%3C%2FLI%3E%0A%3CLI%3E%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F309422%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E309422%3C%2FA%3E%3A%20How%20to%20choose%20antivirus%20software%20to%20run%20on%20computers%20that%20are%20running%20SQL%20Server%20-%20Last%20Review%3A%20Jan%2025%2C%202021%3C%2FLI%3E%0A%3CLI%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-US%2Ftroubleshoot%2Fwindows-server%2Fhigh-availability%2Fnot-cluster-aware-antivirus-software-cause-issue%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3C%2FA%3E%3A%20Antivirus%20software%20that%20is%20not%20cluster-aware%20may%20cause%20problems%20with%20Cluster%20Services%20-%20Last%20Review%3A%20Oct%2024%2C%202020%3C%2FLI%3E%0A%3CLI%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fiis%2F0-byte-file-compression-enabled%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3A%3C%2FA%3E%20A%200-byte%20file%20may%20be%20returned%20when%20compression%20is%20enabled%20on%20a%20server%20that%20is%20running%20IIS%20-%20Last%20Review%3A%20Mar%2030%2C%202020%3C%2FLI%3E%0A%3CLI%3E%3CA%20href%3D%22http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F900638%2Fen-us%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E900638%3C%2FA%3E%3A%20Multiple%20symptoms%20occur%20if%20an%20antivirus%20scan%20occurs%20while%20the%20Wsusscan.cab%20file%20or%20the%20Wsusscn2.cab%20file%20is%20copied%20-%20Last%20Review%3A%20Jan%2025%2C%202021%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSTRONG%3EUpdate%3A%20Feb%202%2C%202021%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EAdded%20%3CSTRONG%3E%3CEM%3EPowerBI%20Report%20Server%3C%2FEM%3E%3C%2FSTRONG%3E%20paths%20and%20recommendations%20under%20%3CEM%3ESQL%20Reporting%20Services%20Exclusions.%3C%2FEM%3E%3C%2FLI%3E%0A%3CLI%3ECorrection%20on%26nbsp%3B%3CSPAN%3E%3CSTRONG%3E%3CEM%3EUpdateServicesDBFiles%3C%2FEM%3E%3C%2FSTRONG%3E%20path%20under%20%3CEM%3EWSUS%20Exclusions%3C%2FEM%3E%3C%2FSPAN%3E.%26nbsp%3B%20Many%20thanks%20to%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F952032%22%20target%3D%22_blank%22%3E%40JFD84%3C%2FA%3E%26nbsp%3Bfor%20the%20feedback.%3C%2FLI%3E%0A%3CLI%3EReview%2Fupdated%20antivirus%20references%20and%20links.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSTRONG%20style%3D%22font-family%3A%20inherit%3B%22%3EIMPORTANT%3A%3C%2FSTRONG%3E%3CSPAN%20style%3D%22font-family%3A%20inherit%3B%22%3E%20Antivirus%20real-time%20protection%20can%20cause%20many%20problems%20on%20Configuration%20Manager%20site%20servers%2C%20site%20systems%2C%20and%20clients.%26nbsp%3B%20We%20recommend%20to%20always%20%3C%2FSPAN%3E%3CSTRONG%20style%3D%22font-family%3A%20inherit%3B%22%3Etest%3C%2FSTRONG%3E%3CSPAN%20style%3D%22font-family%3A%20inherit%3B%22%3E%20before%20implementing%20any%20of%20these%20changes%20in%20a%20production%20environment.%20We%20strongly%20encourage%20you%20to%20evaluate%20the%20risks%20that%20are%20associated%20with%20implementing%20these%20changes.%20We%20recommend%20that%20you%20temporarily%20apply%20these%20procedures%20to%20evaluate%20a%20system.%20If%20you%20choose%20to%20implement%20these%20changes%20in%20your%20environment%2C%20ensure%20you%20take%20any%20additional%20precautions%20necessary.%20Please%20refer%20to%20your%20antivirus%20vendor%E2%80%99s%20documentation%20for%20further%20guidance%20and%20recommendations.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20recommendations%20for%20each%20section%20are%20separated%20between%20%22%3CEM%3EOperational%3C%2FEM%3E%22%20and%20%22%3CEM%3EPerformance%3C%2FEM%3E%22%20levels.%20%26nbsp%3B%3CEM%3EOperational%3C%2FEM%3E%20recommendations%20are%26nbsp%3B%3CSTRONG%3Ehighly%3C%2FSTRONG%3E%26nbsp%3Bencouraged%20to%20be%20added%20to%20your%20exclusions%20list.%26nbsp%3B%20%3CEM%3EPerformance%3C%2FEM%3E%20recommendations%20should%20only%20be%20considered%20if%20you%20are%20experiencing%20such%20issues%20that%20may%20be%20a%20result%20of%20your%20antivirus%20product.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20following%20information%20will%20cover%20what%20could%20be%20recommended%20for%26nbsp%3Byour%20environment.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EDetails%20on%20the%20variables%20referenced%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%20can%20be%20multiple%20drives%20in%20some%20environments%2C%20so%20it%26nbsp%3Bis%20best%20to%20use%20a%20wildcard%20if%20possible%20for%20the%20antivirus%20solution%20you%20have%20deployed%20throughout%20your%20environment.%26nbsp%3B%20Please%20refer%20to%20your%20vendor%E2%80%99s%20documentation%20for%26nbsp%3Bfurther%20instructions.%3C%2FLI%3E%0A%3CLI%3E%26nbsp%3B%3CEM%3E%3CFONT%20color%3D%22%230000FF%22%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FFONT%3E%3C%2FEM%3E%3CEM%3E%26nbsp%3B%3C%2FEM%3Eis%20the%20name%20of%20the%20SQL%20instance%26nbsp%3Byou%20are%20using%20in%20your%20environment.%26nbsp%3B%20Please%20be%20aware%20if%20you%20use%20any%20named%20SQL%20instances%20or%20the%20default%2C%20%22MSSQLServer%22.%3C%2FLI%3E%0A%3CLI%3E%26nbsp%3B%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E%26nbsp%3Bis%20the%20version%20of%20SQL%20you%20are%20using%20in%20your%20environment.%20%26nbsp%3BThis%20may%20also%20differ%20between%20each%20SQL%20service%20referenced%20between%20versions%20SQL%20Server%202005-2008%20R2%20and%20SQL%20Server%202012%20or%20higher.%20%26nbsp%3BPlease%20be%20aware%20of%20what%20version%20you%20have%20installed.%20%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F309422%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EKB309422%3C%2FA%3E%26nbsp%3Band%20the%26nbsp%3Barticle%20below%20can%20provide%20you%20with%20more%20details.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F321185%2Fhow-to-determine-the-version%2C-edition-and-update-level-of-sql-server-and-its-components%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EHow%20to%20determine%20the%20version%2C%20edition%20and%20update%20level%20of%20SQL%20Server%20and%20its%20components%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3ECore%20Exclusions%20for%20Supported%20Versions%20of%20Windows%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%25allusersprofile%25%5CNTUser.pol%3C%2FLI%3E%0A%3CLI%3E%25userprofile%25%5CNTUser.dat%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSecurity%5CDatabase%5C*.chk%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSecurity%5CDatabase%5C*.cmtx%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSecurity%5CDatabase%5C*.csv%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSecurity%5CDatabase%5C*.edb%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSecurity%5CDatabase%5C*.jrs%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSecurity%5CDatabase%5C*.log%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSecurity%5CDatabase%5C*.sdb%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSecurity%5CDatabase%5C*.xml%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSoftwareDistribution%5CDatastore%5CDatastore.edb%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSoftwareDistribution%5CDatastore%5CLogs%5Cedb.chk%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSoftwareDistribution%5CDatastore%5CLogs%5Cedb*.jrs%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSoftwareDistribution%5CDatastore%5CLogs%5Cedb*.log%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSoftwareDistribution%5CDatastore%5CLogs%5Ctmp.edb%3C%2FLI%3E%0A%3CLI%3E%25SystemRoot%25%5CSystem32%5CGroupPolicy%5CMachine%5CRegistry.pol%3C%2FLI%3E%0A%3CLI%3E%25SystemRoot%25%5CSystem32%5CGroupPolicy%5CMachine%5CRegistry.tmp%3C%2FLI%3E%0A%3CLI%3E%25SystemRoot%25%5CSystem32%5CGroupPolicy%5CUser%5CRegistry.pol%3C%2FLI%3E%0A%3CLI%3E%25SystemRoot%25%5CSystem32%5CGroupPolicy%5CUser%5CRegistry.tmp%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EFor%20further%20information%20regarding%20recommended%20exclusions%20for%20server%20roles%20such%20as%20a%20Domain%20Controller%2C%20DFS%2C%20DHCP%2C%20or%20DNS%2C%20please%20refer%20to%20the%20article%20below.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EReference%3A%26nbsp%3B%3CA%20href%3D%22http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F822158%2Fen-us%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E822158%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EConfigMgr%26nbsp%3BCore%20Installation%20Exclusions%20(All%20Versions)%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CInboxes%5C%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CInstall.map%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CLogs%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fmem%2Fconfigmgr%2Frecommended-antivirus-exclusions%3Fsource%3Ddocs%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3A%20Recommended%20antivirus%20exclusions%20for%20Configuration%20Manager%20Site%20Servers%2C%20Site%20Systems%2C%20and%20Clients%3C%2FA%3E%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fcore-infrastructure-and-security%2Fupdated-system-center-2012-configuration-manager-antivirus%2Fba-p%2F884371%22%20target%3D%22_blank%22%3EConfiguration%20Manager%202012%20Antivirus%20Exclusions%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EConfigMgr%20Core%20Installation%20Exclusions%20(Current%20Branch%20Versions)%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5Ccd.latest%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CEasySetupPayload%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CU%3E%3CEM%3EPerformance%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CAdminUIContentPayload%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CAdminUIContentStaging%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CCMUClient%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CCMUStaging%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CISVTemp%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CPilotingUpgrade%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CRLAStaging%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fmem%2Fconfigmgr%2Frecommended-antivirus-exclusions%3Fsource%3Ddocs%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3A%20Recommended%20antivirus%20exclusions%20for%20Configuration%20Manager%20Site%20Servers%2C%20Site%20Systems%2C%20and%20Clients%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EConfigMgr%20Management%20Point%20Exclusions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3EThe%20following%20recommendations%20are%20dependent%20on%20the%20state%20of%20the%20system%20when%20the%20Management%20Point%20role%20is%20assigned.%26nbsp%3B%20Please%20review%20the%20current%20state%20of%20your%20environment%20to%20determine%20which%20of%20the%20following%20paths%20should%20be%20excluded.%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5CMP%5COUTBOXES%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CSMS_CCM%5CLogs%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CSMS_CCM%5CPolReqStaging%5CPOL00000.pol%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CSMS_CCM%5CServiceData%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CSMS%5CLogs%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CSMS%5CMP%5COUTBOXES%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMS_CCM%5CLogs%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMS_CCM%5CPolReqStaging%5CPOL00000.pol%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMS_CCM%5CServiceData%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMS%5CLogs%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMS%5CMP%5COUTBOXES%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCCM%5CLogs%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fmem%2Fconfigmgr%2Frecommended-antivirus-exclusions%3Fsource%3Ddocs%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3A%20Recommended%20antivirus%20exclusions%20for%20Configuration%20Manager%20Site%20Servers%2C%20Site%20Systems%2C%20and%20Clients%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EConfigMgr%20Content%20Library%20Exclusions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMS_DP%24%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMSPKG%26lt%3B%3CEM%3EDriveLetter%26gt%3B%3C%2FEM%3E%24%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMSPKG%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMSPKGSIG%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMSSIG%24%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCCM%5CServiceData%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CU%3E%3CEM%3EPerformance%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSCCMContentLib%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5C%3CCONFIGMGR%3E%3C%2FCONFIGMGR%3E%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3EEx.%20D%3A%5CSCCMBackup%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5C%3CCONFIGMGR%3E%3C%2FCONFIGMGR%3E%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3EEx.%20D%3A%5CSCCMSource%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fmem%2Fconfigmgr%2Frecommended-antivirus-exclusions%3Fsource%3Ddocs%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3A%20Recommended%20antivirus%20exclusions%20for%20Configuration%20Manager%20Site%20Servers%2C%20Site%20Systems%2C%20and%20Clients%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EConfigMgr%20Imaging%20Exclusions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CConfigMgr_OfflineImageServicing%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CTEMP%5CBootImages%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CU%3E%3CEM%3EPerformance%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%25SystemDrive%25%5C_SMSTaskSequence%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fcore-infrastructure-and-security%2Fupdated-system-center-2012-configuration-manager-antivirus%2Fba-p%2F884371%22%20target%3D%22_blank%22%3EConfiguration%20Manager%202012%20Antivirus%20Exclusions%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EConfigMgr%20Process%20Exclusions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CP%3E%3CEM%3EClient%20Side%3C%2FEM%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%25windir%25%5CCCM%5CCcmexec.exe%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCCM%5CCmRcService.exe%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCCM%5CCcmrepair.exe%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCCMSetup%5CCcmsetup.exe%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CEM%3EServer%20Side%3C%2FEM%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%25windir%25%5CCCM%5CCcmexec.exe%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSMS_CCM%5CCcmexec.exe%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5Cbin%5Cx64%5CCmupdate.exe%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5Cbin%5Cx64%5CSitecomp.exe%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5Cbin%5Cx64%5CSmsexec.exe%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5Cbin%5Cx64%5CSmssqlbkup.exe%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20Configuration%20Manager%5Cbin%5Cx64%5CSmswriter.exe%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CSMS_%3CSQLFQDN%3E%5Cbin%5Cx64%5CSmssqlbkup.exe%3C%2FSQLFQDN%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fmem%2Fconfigmgr%2Frecommended-antivirus-exclusions%3Fsource%3Ddocs%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3A%20Recommended%20antivirus%20exclusions%20for%20Configuration%20Manager%20Site%20Servers%2C%20Site%20Systems%2C%20and%20Clients%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EConfigMgr%20Client%20Exclusions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%25windir%25%5CCCM%5C*.sdf%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCCM%5CLogs%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCCM%5CServiceData%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCCMCache%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCCMSetup%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CU%3E%3CEM%3EPerformance%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%25windir%25%5CCCM%5CSystemTemp%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fmem%2Fconfigmgr%2Frecommended-antivirus-exclusions%3Fsource%3Ddocs%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3A%20Recommended%20antivirus%20exclusions%20for%20Configuration%20Manager%20Site%20Servers%2C%20Site%20Systems%2C%20and%20Clients%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3ESQL%20Server%20Exclusions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3ESQL%20Server%26nbsp%3BProcess%20Exclusions%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%26nbsp%3BSQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CFONT%20color%3D%22%230000FF%22%3E%3CEM%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FEM%3E%3C%2FFONT%3E%5CMSSQL%5CBinn%5CSQLServr.exe%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CFONT%20color%3D%22%230000FF%22%3E%3CEM%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FEM%3E%3C%2FFONT%3E%5COLAP%5CBin%5CMSMDSrv.exe%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3ESQL%20Server%20data%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E*.ldf%3C%2FLI%3E%0A%3CLI%3E*.mdf%3C%2FLI%3E%0A%3CLI%3E*.ndf%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3ESQL%26nbsp%3BServer%20backup%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E*.bak%3C%2FLI%3E%0A%3CLI%3E*.trn%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3ESQL%20Audit%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E*.sqlaudit%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3ESQL%20Query%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E*.sql%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3ESQL%20Trace%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E*.trc%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EAnalysis%26nbsp%3BServices%20data%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CFONT%20color%3D%22%230000FF%22%3E%3CEM%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FEM%3E%3C%2FFONT%3E%5COLAP%5CBackup%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CFONT%20color%3D%22%230000FF%22%3E%3CEM%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FEM%3E%3C%2FFONT%3E%5COLAP%5CData%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CFONT%20color%3D%22%230000FF%22%3E%3CEM%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FEM%3E%3C%2FFONT%3E%5COLAP%5CLog%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EFull-Text%26nbsp%3Bcatalog%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CFONT%20color%3D%22%230000FF%22%3E%3CEM%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FEM%3E%3C%2FFONT%3E%5CMSSQL%5CFTData%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EReplication%20Files%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%20(x86)%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E%5CCOM%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E%5CCOM%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3CLI%3EReplication%20Snapshot%20Files%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CFONT%20color%3D%22%230000FF%22%3E%3CEM%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FEM%3E%3C%2FFONT%3E%5CMSSQL%5CReplData%3C%2FLI%3E%0A%3CLI%3EThese%20files%20typically%20have%20file%20name%20extensions%20of%20the%20following%3A%3CUL%20class%3D%22lia-list-style-type-square%22%3E%0A%3CLI%3E*.bcp%3C%2FLI%3E%0A%3CLI%3E*.cft%3C%2FLI%3E%0A%3CLI%3E*.dri%3C%2FLI%3E%0A%3CLI%3E*.idx%3C%2FLI%3E%0A%3CLI%3E*.prc%3C%2FLI%3E%0A%3CLI%3E*.pre%3C%2FLI%3E%0A%3CLI%3E*.sch%3C%2FLI%3E%0A%3CLI%3E*.trg%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3CLI%3ECheckpoint%20and%20delta%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3ENo%20specific%20file%20extension%20for%20the%20files%3C%2FLI%3E%0A%3CLI%3EFiles%20are%20present%20under%20the%20folder%20structure%20identified%20by%20the%20container%20of%20type%20FILE_STREAM%20from%20sys.database_files%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EDBCC%20CHECKDB%20Files%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3EFiles%20will%20be%20of%20the%20format%20%3CDATABASE_DATA_FILENAME.EXTENSION%3E_MSSQL_DBCC%3CEM%3E%26lt%3B%20database_id_of_snapshot%26gt%3B%3C%2FEM%3E%3C%2FDATABASE_DATA_FILENAME.EXTENSION%3E%3C%2FLI%3E%0A%3CLI%3EThese%20are%20temporary%20files%3C%2FLI%3E%0A%3CLI%3EFor%20more%20information%2C%20see%20the%20following%20article%3A%3CUL%20class%3D%22lia-list-style-type-square%22%3E%0A%3CLI%3E%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fhelp%2F2974455%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E2974455%3C%2FA%3E%26nbsp%3BDBCC%20CHECKDB%20behavior%20when%20the%20SQL%20Server%20database%20is%20located%20on%20a%20ReFS%20volume%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3CLI%3EException%20Dump%20Files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E*.mdmp%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EExtended%20Event%20Files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E*.xel%3C%2FLI%3E%0A%3CLI%3E*.xem%3C%2FLI%3E%0A%3CLI%3ESystem%20generated%20files%20are%20saved%20in%20the%20LOG%20folder%20for%20that%20instance.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EFilestream%20data%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3ESQL%202008%20and%20later%20versions%3C%2FLI%3E%0A%3CLI%3EFiles%20are%20present%20under%20the%20folder%20structure%20identified%20by%20the%20container%20of%20type%20FILE_STREAM%20from%20sys.database_files.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EIn-memory%20OLTP%20Files%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3EPresent%20in%20a%20xtp%20sub-folder%20under%20the%20DATA%20directory%20for%20the%20instance%3C%2FLI%3E%0A%3CLI%3EFile%20formats%20include%20the%20following%3A%3CUL%20class%3D%22lia-list-style-type-square%22%3E%0A%3CLI%3Extp_%3CT%3E_%3CDBID%3E_%3COBJID%3E.c%3C%2FOBJID%3E%3C%2FDBID%3E%3C%2FT%3E%3C%2FLI%3E%0A%3CLI%3Extp_%3CT%3E_%3CDBID%3E_%3COBJID%3E.dll%3C%2FOBJID%3E%3C%2FDBID%3E%3C%2FT%3E%3C%2FLI%3E%0A%3CLI%3Extp_%3CT%3E_%3CDBID%3E_%3COBJID%3E.obj%3C%2FOBJID%3E%3C%2FDBID%3E%3C%2FT%3E%3C%2FLI%3E%0A%3CLI%3Extp_%3CT%3E_%3CDBID%3E_%3COBJID%3E.out%3C%2FOBJID%3E%3C%2FDBID%3E%3C%2FT%3E%3C%2FLI%3E%0A%3CLI%3Extp_%3CT%3E_%3CDBID%3E_%3COBJID%3E.pdb%3C%2FOBJID%3E%3C%2FDBID%3E%3C%2FT%3E%3C%2FLI%3E%0A%3CLI%3Extp_%3CT%3E_%3CDBID%3E_%3COBJID%3E.xml%3C%2FOBJID%3E%3C%2FDBID%3E%3C%2FT%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3CLI%3ERemote%20Blob%20Storage%20files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3ESQL%202008%20and%20later%20versions%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EWindows%20Failover%20Clustering%20(If%20applicable)%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CQUORUM%20drive%3D%22%22%3E%20(Ex.%20Q%3A%5C)%3C%2FQUORUM%3E%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CCluster%3C%2FLI%3E%0A%3CLI%3EMSDTC%20directory%20in%20the%20MSDTC%20drive%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FUL%3E%0A%3CP%3EReferences%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F309422%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E309422%3C%2FA%3E%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F250355%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E250355%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3ESQL%20Server%20Reporting%20Services%20(SSRS)%20Exclusions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CP%3E%3CEM%3ESSRS%20for%20SQL%202016%20and%20below%3C%2FEM%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EProcess%20Exclusions%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CFONT%20color%3D%22%230000FF%22%3E%3CEM%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FEM%3E%3C%2FFONT%3E%5CReporting%20Services%5CReportServer%5CBin%5CReportingServicesService.exe%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EReporting%20Services%20Files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CEM%3E%3CFONT%20color%3D%22%230000FF%22%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FFONT%3E%26gt%3B%3C%2FEM%3E%5CReporting%20Services%5CLogFiles%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%5C%3CFONT%20color%3D%22%23800000%22%3E%3CEM%3E%3CSQL%20version%3D%22%22%3E%3C%2FSQL%3E%3C%2FEM%3E%3C%2FFONT%3E.%3CFONT%20color%3D%22%230000FF%22%3E%3CEM%3E%3CINSTANCENAME%3E%3C%2FINSTANCENAME%3E%3C%2FEM%3E%3C%2FFONT%3E%5CReporting%20Services%5CRSTempFiles%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CEM%3ESSRS%20for%20SQL%202017%2B%3C%2FEM%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EProcess%20Exclusions%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%20Reporting%20Services%5CSSRS%5CReportServer%5CBin%5CReportingServicesService.exe%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EReporting%20Services%20Files%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%20Reporting%20Services%5CSSRS%5CLogFiles%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20SQL%20Server%20Reporting%20Services%5CSSRS%5CReportServer%5CRSTempFiles%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CEM%3EPowerBI%20Report%20Server%3C%2FEM%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EProcess%20Exclusions%3C%2FLI%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20PowerBI%20Report%20Server%5CPBIRS%5CReportServer%5CBin%5CReportingServicesService.exe%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3EReporting%20Services%20Files%3C%2FLI%3E%0A%3CUL%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20PowerBI%20Report%20Server%5CPBIRS%5CLogFiles%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CProgram%20Files%5CMicrosoft%20PowerBI%20Report%20Server%5CPBIRS%5CReportServer%5CRSTempFiles%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%20%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F309422%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E309422%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EIIS%20Exclusions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CP%3EIIS%20Compressed%20Files%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CEM%3EIIS%206.0%3A%3C%2FEM%3E%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%25SystemRoot%25%5CIIS%20Temporary%20Compressed%20Files%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CLI%3E%3CEM%3EIIS%207.0%2B%3A%3C%2FEM%3E%3C%2FLI%3E%0A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%25SystemDrive%25%5Cinetpub%5Ctemp%5CIIS%20Temporary%20Compressed%20Files%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FUL%3E%0A%3CP%3EIIS%26nbsp%3BWorker%20Process%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%25windir%25%5CSystem32%5Cinetsrv%5Cw3wp.exe%3C%2FLI%3E%0A%3CLI%3E%25windir%25%5CSysWOW64%5Cinetsrv%5Cw3wp.exe%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fiis%2F0-byte-file-compression-enabled%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EDocs%20Article%3A%20A%200-byte%20file%20may%20be%20returned%20when%20compression%20is%20enabled%20on%20a%20server%20that%20is%20running%20IIS%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EWSUS%20Exclusions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CU%3E%3CEM%3EOperational%3C%2FEM%3E%3C%2FU%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%25ProgramFiles%25%5CUpdate%20Services%5CLogFiles%5CWSUSTemp%3C%2FLI%3E%0A%3CLI%3E%25SystemRoot%25%5CSoftwareDistribution%5CDatastore%3C%2FLI%3E%0A%3CLI%3E%25SystemRoot%25%5CSoftwareDistribution%5CDownload%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CWSUS%5CUpdateServicesDBFiles%3C%2FLI%3E%0A%3CLI%3E%3CFONT%20color%3D%22%23008000%22%3E%3CEM%3E%3CINSTALLDRIVE%3E%3C%2FINSTALLDRIVE%3E%3C%2FEM%3E%3C%2FFONT%3E%5CWSUS%5CWSUSContent%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EReference%3A%20%3CA%20href%3D%22http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F822158%2Fen-us%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E822158%3C%2FA%3E%2C%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fwindows-defender-antivirus%2Fconfigure-server-exclusions-windows-defender-antivirus%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EWindows%26nbsp%3BExclusions%20for%20Windows%20Defender%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EWSUS%20Offline%20Scanning%20Exclusions%20-%20Microsoft%20Baseline%20Security%20Analyzer%20(MBSA)%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3EThere%20are%26nbsp%3B%3CSTRONG%3Efour%3C%2FSTRONG%3E%26nbsp%3Bdistinctive%20methods%20to%20choose%20when%20using%20MBSA%20and%20WSUS%20offline%20scanning.%26nbsp%3B%26nbsp%3B%3CSTRONG%3EMethod%201%26nbsp%3B%3C%2FSTRONG%3Ehas%20the%20least%20amount%20of%20risk.%26nbsp%3BIf%20this%20method%20does%20not%20work%20for%20you%2C%20we%20recommend%20you%20use%26nbsp%3B%3CSTRONG%3EMethod%202%3C%2FSTRONG%3E.%20%26nbsp%3B%3CSTRONG%3EMethods%203%3C%2FSTRONG%3E%26nbsp%3Band%26nbsp%3B%3CSTRONG%3E4%3C%2FSTRONG%3E%26nbsp%3Bmay%20increase%20your%20security%20risk.%20%26nbsp%3BWe%20recommend%20that%20you%20use%26nbsp%3B%3CSTRONG%3EMethods%203%3C%2FSTRONG%3E%26nbsp%3Bor%26nbsp%3B%3CSTRONG%3E4%26nbsp%3B%3C%2FSTRONG%3Eonly%20if%20required%20and%20ensure%20you%20please%20take%20necessary%20precautions.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EMethod%201%3C%2FSTRONG%3E%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EExclude%20the%20following%20files%20from%20scanning%3A%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3EWsusscan.cab%3C%2FLI%3E%0A%3CLI%3EWsusscn2.cab%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSTRONG%3EMethod%202%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EExclude%20all%20*.cab%20files%20from%20scanning%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSTRONG%3EMethod%203%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EExclude%20all%20archived%20files%20from%20antivirus%20scanning%3CUL%20class%3D%22lia-list-style-type-circle%22%3E%0A%3CLI%3E%25windir%25%5CSoftwareDistribution%5CScanFile%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSTRONG%3EMethod%204%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EExclude%20the%20folder%20where%20the%20Wsusscan.cab%20file%20or%20the%20Wsusscn2.cab%20file%20is%20located%3C%2FLI%3E%0A%3CLI%3EExclude%20the%20path%20of%20the%20Wsusscan.cab%20file%20or%20the%20Wsusscn2.cab%20file%20on%20the%20local%20computer%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EMBSA%20was%20largely%20used%20in%20situations%20where%20neither%20Microsoft%20Update%20nor%20a%20local%20WSUS%2FConfigMgr%20server%20was%20available%2C%20or%20as%20a%20compliance%20tool%20to%20ensure%20that%20all%20security%20updates%20were%20deployed%20to%20a%20managed%20environment.%20While%20MBSA%20version%202.3%20introduced%20support%20for%20Windows%20Server%202012%20R2%20and%20Windows%208.1%2C%20it%20has%20since%20been%20deprecated%20and%20no%20longer%20developed.%20MBSA%202.3%20is%20not%20updated%20to%20fully%20support%20Windows%2010%20and%20Windows%20Server%202016.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20following%20script%20may%20help%20you%20as%20an%20alternative%20to%20MBSA%E2%80%99s%20patch-compliance%20checking%20with%20later%20versions%20of%20Windows%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fwindows%2Fdesktop%2Fwua_sdk%2Fusing-wua-to-scan-for-updates-offline%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EUsing%20WUA%20to%20Scan%20for%20Updates%20Offline%3C%2FA%3E%2C%20which%20includes%20a%20sample%20.vbs%20script.%3C%2FLI%3E%0A%3CLI%3EFor%20a%20PowerShell%20alternative%2C%20see%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fgallery.technet.microsoft.com%2FUsing-WUA-to-Scan-for-f7e5e0be%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%20data-linktype%3D%22external%22%3EUsing%20WUA%20to%20Scan%20for%20Updates%20Offline%20with%20PowerShell%3C%2FA%3E.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EReferences%3A%26nbsp%3B%3CA%20href%3D%22http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F900638%2Fen-us%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E900638%3C%2FA%3E%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsecurity%2Fcc184924.aspx%3FranMID%3D24542%26amp%3BranEAID%3DTnL5HPStwNw%26amp%3BranSiteID%3DTnL5HPStwNw-oLnwX.uZdr89r4yg3_VFiA%26amp%3Btduid%3D(a21b60fe8bba277f3f7a99ece0031d5f)(256380)(2459594)(TnL5HPStwNw-oLnwX.uZdr89r4yg3_VFiA)()%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMBSA%3C%2FA%3E%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fmsdn.microsoft.com%2Fen-us%2Flibrary%2Faa387290.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EWsusscn2.cab%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20received%20numerous%20feedback%20on%20this%20post%20and%20I%20wanted%20to%20highlight%20the%20contributions%20from%20the%20following%20individuals%3A%20%3CSTRONG%3EMax%20Baldt%3C%2FSTRONG%3E%2C%3CSTRONG%3E%20David%20Coulter%3C%2FSTRONG%3E%2C%3CSTRONG%3E%20Aaron%20Ellison%3C%2FSTRONG%3E%2C%3CSTRONG%3E%20Julie%20Andreacola%3C%2FSTRONG%3E%2C%20and%3CSTRONG%3E%20Klaus%20Kreyenberg.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESpecial%20thanks%20to%26nbsp%3B%3CSTRONG%3EKevin%20Kasalonis%3C%2FSTRONG%3E%2C%3CSTRONG%3E%26nbsp%3BCameron%20Cox%3C%2FSTRONG%3E%2C%26nbsp%3B%3CSTRONG%3EClifton%20Hughes%3C%2FSTRONG%3E%2C%26nbsp%3B%3CSTRONG%3ERushi%20Faldu%3C%2FSTRONG%3E%2C%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3Eand%26nbsp%3B%3CSTRONG%3ESantos%20Martinez%3C%2FSTRONG%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThank%20you!%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBrandon%20McMillan%2C%20Customer%20Engineer%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EAdditional%20References%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CA%20href%3D%22https%3A%2F%2Fsocial.technet.microsoft.com%2Fwiki%2Fcontents%2Farticles%2F953.microsoft-anti-virus-exclusion-list.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMicrosoft%20All%20Inclusive%20Exclusion%20List%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%3E%3CA%20style%3D%22background-color%3A%20%23ffffff%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fcore-infrastructure-and-security%2Fupdated-system-center-2012-configuration-manager-antivirus%2Fba-p%2F884371%22%20target%3D%22_blank%22%3EConfiguration%20Manager%202012%20Antivirus%20Exclusions%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsql%2Freporting-services%2Finstall-windows%2Finstall-reporting-services%3Fview%3Dsql-server-2017%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EInstall%20Reporting%20Services%20for%20SQL%202017%20or%20later%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%3E%3CA%20style%3D%22background-color%3A%20%23ffffff%3B%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fmbsa-removal-and-guidance%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMBSA%20Removal%20and%20Guidance%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%3E%3CA%20style%3D%22background-color%3A%20%23ffffff%3B%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fconfigmgr%2Fcore%2Fplan-design%2Fchanges%2Fwhat-has-changed-from-configuration-manager-2012%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EWhat's%20changed%20from%20Configuration%20Manager%202012%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%3E%3CA%20style%3D%22background-color%3A%20%23ffffff%3B%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fwindows-defender-antivirus%2Fconfigure-server-exclusions-windows-defender-antivirus%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EWindows%20Exclusions%20for%20Windows%20Defender%3C%2FA%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EDisclaimer%3A%3C%2FSTRONG%3E%26nbsp%3BThe%20information%20on%20this%20site%20is%20provided%20%E2%80%9CAS%20IS%E2%80%9D%20with%20no%20warranties%2C%20confers%20no%20rights%2C%20and%20is%20not%20supported%20by%20the%20authors%20or%20Microsoft%20Corporation.%20Use%20of%20any%20included%20script%20samples%20are%20subject%20to%20the%20terms%20specified%20in%20the%26nbsp%3B%3CA%20href%3D%22http%3A%2F%2Fwww.microsoft.com%2Finfo%2Fcpyright.mspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ETerms%20of%20Use%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-884831%22%20slang%3D%22en-US%22%3E%3CP%3EFirst%20published%20on%20TECHNET%20on%20May%2024%2C%202017%3C%2FP%3E%0A%3CP%3EHey%20everybody!%26nbsp%3B%20You%20may%20have%20noticed%20that%20with%20the%20continuous%20improvements%2C%20your%20antivirus%20exclusions%20also%20need%20to%20be%20kept%20up%20to%20date.%20%26nbsp%3BI%20hope%20this%20will%20provide%20you%20with%20important%20antivirus%20exclusions%20you%26nbsp%3Bcould%20implement%20within%20a%20Microsoft%20Endpoint%20Configuration%20Manager%20Current%20Branch%20environment.%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-884831%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EBrandonMcMillan%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

Hey everybody!  My name is Brandon McMillan and I am a Microsoft Endpoint Configuration Manager (ConfigMgr) CE at Microsoft. ConfigMgr Current Branch has been the standard service-based model since December 2015 with the release of version 1511.  You may have noticed that with the continuous improvements, your antivirus exclusions also need to be kept up to date.  I hope this will provide you with important antivirus exclusions you could consider implementing within a Current Branch environment.

 

This blog will provide a comprehensive list of the following referenced Microsoft Support and Microsoft Docs articles we have released along with other recommendations you could consider for your environment.  Please reference the following articles for further guidance.

 

  • 822158: Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows - Last Review: Jan 12, 2021
  • Docs Article: Recommended antivirus exclusions for Configuration Manager Site Servers, Site Systems, and Clients - Last Review: Jan 12, 2021
  • 309422: How to choose antivirus software to run on computers that are running SQL Server - Last Review: Jan 25, 2021
  • Docs Article: Antivirus software that is not cluster-aware may cause problems with Cluster Services - Last Review: Oct 24, 2020
  • Docs Article: A 0-byte file may be returned when compression is enabled on a server that is running IIS - Last Review: Mar 30, 2020
  • 900638: Multiple symptoms occur if an antivirus scan occurs while the Wsusscan.cab file or the Wsusscn2.cab file is copied - Last Review: Jan 25, 2021

Update: Feb 2, 2021

  • Added PowerBI Report Server paths and recommendations under SQL Reporting Services Exclusions.
  • Correction on UpdateServicesDBFiles path under WSUS Exclusions.  Many thanks to @JFD84 for the feedback.
  • Review/updated antivirus references and links.

IMPORTANT: Antivirus real-time protection can cause many problems on Configuration Manager site servers, site systems, and clients.  We recommend to always test before implementing any of these changes in a production environment. We strongly encourage you to evaluate the risks that are associated with implementing these changes. We recommend that you temporarily apply these procedures to evaluate a system. If you choose to implement these changes in your environment, ensure you take any additional precautions necessary. Please refer to your antivirus vendor’s documentation for further guidance and recommendations.

 

The recommendations for each section are separated between "Operational" and "Performance" levels.  Operational recommendations are highly encouraged to be added to your exclusions list.  Performance recommendations should only be considered if you are experiencing such issues that may be a result of your antivirus product.

 

The following information will cover what could be recommended for your environment.

 

Details on the variables referenced:

  • <InstallDrive> can be multiple drives in some environments, so it is best to use a wildcard if possible for the antivirus solution you have deployed throughout your environment.  Please refer to your vendor’s documentation for further instructions.
  •  <InstanceName> is the name of the SQL instance you are using in your environment.  Please be aware if you use any named SQL instances or the default, "MSSQLServer".
  •  <SQL Version> is the version of SQL you are using in your environment.  This may also differ between each SQL service referenced between versions SQL Server 2005-2008 R2 and SQL Server 2012 or higher.  Please be aware of what version you have installed.  KB309422 and the article below can provide you with more details.

How to determine the version, edition and update level of SQL Server and its components

 

Core Exclusions for Supported Versions of Windows

Operational

  • %allusersprofile%\NTUser.pol
  • %userprofile%\NTUser.dat
  • %windir%\Security\Database\*.chk
  • %windir%\Security\Database\*.cmtx
  • %windir%\Security\Database\*.csv
  • %windir%\Security\Database\*.edb
  • %windir%\Security\Database\*.jrs
  • %windir%\Security\Database\*.log
  • %windir%\Security\Database\*.sdb
  • %windir%\Security\Database\*.xml
  • %windir%\SoftwareDistribution\Datastore\Datastore.edb
  • %windir%\SoftwareDistribution\Datastore\Logs\edb.chk
  • %windir%\SoftwareDistribution\Datastore\Logs\edb*.jrs
  • %windir%\SoftwareDistribution\Datastore\Logs\edb*.log
  • %windir%\SoftwareDistribution\Datastore\Logs\tmp.edb
  • %SystemRoot%\System32\GroupPolicy\Machine\Registry.pol
  • %SystemRoot%\System32\GroupPolicy\Machine\Registry.tmp
  • %SystemRoot%\System32\GroupPolicy\User\Registry.pol
  • %SystemRoot%\System32\GroupPolicy\User\Registry.tmp

For further information regarding recommended exclusions for server roles such as a Domain Controller, DFS, DHCP, or DNS, please refer to the article below.

 

Reference: 822158

 

ConfigMgr Core Installation Exclusions (All Versions)

Operational

  • <InstallDrive>\Program Files\Microsoft Configuration Manager\Inboxes\
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\Install.map
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\Logs

Reference: Docs Article: Recommended antivirus exclusions for Configuration Manager Site Servers, Site Systems,...Configuration Manager 2012 Antivirus Exclusions

 

ConfigMgr Core Installation Exclusions (Current Branch Versions)

Operational

  • <InstallDrive>\Program Files\Microsoft Configuration Manager\cd.latest
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\EasySetupPayload

Performance

  • <InstallDrive>\Program Files\Microsoft Configuration Manager\AdminUIContentPayload
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\AdminUIContentStaging
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\CMUClient
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\CMUStaging
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\ISVTemp
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\PilotingUpgrade
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\RLAStaging

Reference: Docs Article: Recommended antivirus exclusions for Configuration Manager Site Servers, Site Systems,...

 

ConfigMgr Management Point Exclusions

The following recommendations are dependent on the state of the system when the Management Point role is assigned.  Please review the current state of your environment to determine which of the following paths should be excluded.

Operational

  • <InstallDrive>\Program Files\Microsoft Configuration Manager\MP\OUTBOXES
  • <InstallDrive>\Program Files\SMS_CCM\Logs
  • <InstallDrive>\Program Files\SMS_CCM\PolReqStaging\POL00000.pol
  • <InstallDrive>\Program Files\SMS_CCM\ServiceData
  • <InstallDrive>\Program Files\SMS\Logs
  • <InstallDrive>\Program Files\SMS\MP\OUTBOXES
  • <InstallDrive>\SMS_CCM\Logs
  • <InstallDrive>\SMS_CCM\PolReqStaging\POL00000.pol
  • <InstallDrive>\SMS_CCM\ServiceData
  • <InstallDrive>\SMS\Logs
  • <InstallDrive>\SMS\MP\OUTBOXES
  • %windir%\CCM\Logs

Reference: Docs Article: Recommended antivirus exclusions for Configuration Manager Site Servers, Site Systems,...

 

ConfigMgr Content Library Exclusions

Operational

  • <InstallDrive>\SMS_DP$
  • <InstallDrive>\SMSPKG<DriveLetter>$
  • <InstallDrive>\SMSPKG
  • <InstallDrive>\SMSPKGSIG
  • <InstallDrive>\SMSSIG$
  • %windir%\CCM\ServiceData

Performance

  • <InstallDrive>\SCCMContentLib
  • <InstallDrive>\<ConfigMgr Backup Directory>
    • Ex. D:\SCCMBackup
  • <InstallDrive>\<ConfigMgr Package Source Files>
    • Ex. D:\SCCMSource

Reference: Docs Article: Recommended antivirus exclusions for Configuration Manager Site Servers, Site Systems,...

 

ConfigMgr Imaging Exclusions

Operational

  • <InstallDrive>\ConfigMgr_OfflineImageServicing
  • %windir%\TEMP\BootImages

Performance

  • %SystemDrive%\_SMSTaskSequence

Reference: Configuration Manager 2012 Antivirus Exclusions

 

ConfigMgr Process Exclusions

Operational

Client Side

  • %windir%\CCM\Ccmexec.exe
  • %windir%\CCM\CmRcService.exe
  • %windir%\CCM\Ccmrepair.exe
  • %windir%\CCMSetup\Ccmsetup.exe

Server Side

  • %windir%\CCM\Ccmexec.exe
  • %windir%\SMS_CCM\Ccmexec.exe
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\bin\x64\Cmupdate.exe
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\bin\x64\Sitecomp.exe
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\bin\x64\Smsexec.exe
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\bin\x64\Smssqlbkup.exe
  • <InstallDrive>\Program Files\Microsoft Configuration Manager\bin\x64\Smswriter.exe
  • <InstallDrive>\SMS_<SQLFQDN>\bin\x64\Smssqlbkup.exe

Reference: Docs Article: Recommended antivirus exclusions for Configuration Manager Site Servers, Site Systems,...

 

ConfigMgr Client Exclusions

Operational

  • %windir%\CCM\*.sdf
  • %windir%\CCM\Logs
  • %windir%\CCM\ServiceData
  • %windir%\CCMCache
  • %windir%\CCMSetup

Performance

  • %windir%\CCM\SystemTemp

Reference: Docs Article: Recommended antivirus exclusions for Configuration Manager Site Servers, Site Systems,...

 

SQL Server Exclusions

Operational

  • SQL Server Process Exclusions
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\MSSQL\Binn\SQLServr.exe
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\OLAP\Bin\MSMDSrv.exe
  • SQL Server data files
    • *.ldf
    • *.mdf
    • *.ndf
  • SQL Server backup files
    • *.bak
    • *.trn
  • SQL Audit files
    • *.sqlaudit
  • SQL Query files
    • *.sql
  • SQL Trace files
    • *.trc
  • Analysis Services data files
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\OLAP\Backup
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\OLAP\Data
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\OLAP\Log
  • Full-Text catalog files
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\MSSQL\FTData
  • Replication Files
    • <InstallDrive>\Program Files (x86)\Microsoft SQL Server\<SQL Version>\COM
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>\COM
  • Replication Snapshot Files
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\MSSQL\ReplData
    • These files typically have file name extensions of the following:
      • *.bcp
      • *.cft
      • *.dri
      • *.idx
      • *.prc
      • *.pre
      • *.sch
      • *.trg
  • Checkpoint and delta files
    • No specific file extension for the files
    • Files are present under the folder structure identified by the container of type FILE_STREAM from sys.database_files
  • DBCC CHECKDB Files
    • Files will be of the format <DATABASE_DATA_FILENAME.EXTENSION>_MSSQL_DBCC< database_id_of_snapshot>
    • These are temporary files
    • For more information, see the following article:
      • 2974455 DBCC CHECKDB behavior when the SQL Server database is located on a ReFS volume
  • Exception Dump Files
    • *.mdmp
  • Extended Event Files
    • *.xel
    • *.xem
    • System generated files are saved in the LOG folder for that instance.
  • Filestream data files
    • SQL 2008 and later versions
    • Files are present under the folder structure identified by the container of type FILE_STREAM from sys.database_files.
  • In-memory OLTP Files
    • Present in a xtp sub-folder under the DATA directory for the instance
    • File formats include the following:
      • xtp_<t/p>_<dbid>_<objid>.c
      • xtp_<t/p>_<dbid>_<objid>.dll
      • xtp_<t/p>_<dbid>_<objid>.obj
      • xtp_<t/p>_<dbid>_<objid>.out
      • xtp_<t/p>_<dbid>_<objid>.pdb
      • xtp_<t/p>_<dbid>_<objid>.xml
  • Remote Blob Storage files
    • SQL 2008 and later versions
  • Windows Failover Clustering (If applicable)
    • <Quorum Drive> (Ex. Q:\)
    • %windir%\Cluster
    • MSDTC directory in the MSDTC drive

References: 309422250355

 

SQL Server Reporting Services (SSRS) Exclusions

Operational

SSRS for SQL 2016 and below

  • Process Exclusions
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\Reporting Services\ReportServer\Bin\ReportingServicesService.exe
  • Reporting Services Files
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\Reporting Services\LogFiles
    • <InstallDrive>\Program Files\Microsoft SQL Server\<SQL Version>.<InstanceName>\Reporting Services\RSTempFiles

SSRS for SQL 2017+

  • Process Exclusions
    • <InstallDrive>\Program Files\Microsoft SQL Server Reporting Services\SSRS\ReportServer\Bin\ReportingServicesService.exe
  • Reporting Services Files
    • <InstallDrive>\Program Files\Microsoft SQL Server Reporting Services\SSRS\LogFiles
    • <InstallDrive>\Program Files\Microsoft SQL Server Reporting Services\SSRS\ReportServer\RSTempFiles

PowerBI Report Server

  • Process Exclusions
    • <InstallDrive>\Program Files\Microsoft PowerBI Report Server\PBIRS\ReportServer\Bin\ReportingServicesService.exe
  • Reporting Services Files
    • <InstallDrive>\Program Files\Microsoft PowerBI Report Server\PBIRS\LogFiles
    • <InstallDrive>\Program Files\Microsoft PowerBI Report Server\PBIRS\ReportServer\RSTempFiles

Reference: 309422

 

IIS Exclusions

Operational

IIS Compressed Files

  • IIS 6.0:
    • %SystemRoot%\IIS Temporary Compressed Files
  • IIS 7.0+:
    • %SystemDrive%\inetpub\temp\IIS Temporary Compressed Files

IIS Worker Process

  • %windir%\System32\inetsrv\w3wp.exe
  • %windir%\SysWOW64\inetsrv\w3wp.exe

Reference: Docs Article: A 0-byte file may be returned when compression is enabled on a server that is running ...

 

WSUS Exclusions

Operational

  • %ProgramFiles%\Update Services\LogFiles\WSUSTemp
  • %SystemRoot%\SoftwareDistribution\Datastore
  • %SystemRoot%\SoftwareDistribution\Download
  • <InstallDrive>\WSUS\UpdateServicesDBFiles
  • <InstallDrive>\WSUS\WSUSContent

Reference: 822158, Windows Exclusions for Windows Defender

 

WSUS Offline Scanning Exclusions - Microsoft Baseline Security Analyzer (MBSA)

There are four distinctive methods to choose when using MBSA and WSUS offline scanning.  Method 1 has the least amount of risk. If this method does not work for you, we recommend you use Method 2.  Methods 3 and 4 may increase your security risk.  We recommend that you use Methods 3 or only if required and ensure you please take necessary precautions.

 

Method 1:

  • Exclude the following files from scanning:
    • Wsusscan.cab
    • Wsusscn2.cab

Method 2:

  • Exclude all *.cab files from scanning

Method 3:

  • Exclude all archived files from antivirus scanning
    • %windir%\SoftwareDistribution\ScanFile

Method 4:

  • Exclude the folder where the Wsusscan.cab file or the Wsusscn2.cab file is located
  • Exclude the path of the Wsusscan.cab file or the Wsusscn2.cab file on the local computer

MBSA was largely used in situations where neither Microsoft Update nor a local WSUS/ConfigMgr server was available, or as a compliance tool to ensure that all security updates were deployed to a managed environment. While MBSA version 2.3 introduced support for Windows Server 2012 R2 and Windows 8.1, it has since been deprecated and no longer developed. MBSA 2.3 is not updated to fully support Windows 10 and Windows Server 2016.

 

The following script may help you as an alternative to MBSA’s patch-compliance checking with later versions of Windows:

References: 900638MBSAWsusscn2.cab

 

I received numerous feedback on this post and I wanted to highlight the contributions from the following individuals: Max Baldt, David Coulter, Aaron Ellison, Julie Andreacola, and Klaus Kreyenberg.

 

Special thanks to Kevin Kasalonis, Cameron CoxClifton HughesRushi Faldu, and Santos Martinez.

 

Thank you!

 

Brandon McMillan, Customer Engineer

 

Additional References:

 

Disclaimer: The information on this site is provided “AS IS” with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of any included script samples are subject to the terms specified in the Terms of Use.

10 Comments
Frequent Visitor

Hi @brmcmill 

 

There's a typo in the section: Server Side

As is:

  • <InstallDrive>\Program Files\Microsoft Configuration Manager\bin\x64\Sitecomp.ex

Should be:

  • <InstallDrive>\Program Files\Microsoft Configuration Manager\bin\x64\Sitecomp.exe

It's not a big deal but the people who just copy and paste it is certainly an improvement.

 

regards,

Thom

Microsoft

@Thomas_Oehen, thank you for reading and providing feedback.  I made the correction.  Thanks again!

Occasional Visitor

Hello,

Does any authoritative source have recommendation to exclude <InstallDrive>\SCCMContentLib folder+subfolders from the Scanning? 

Regards,

Anton

Microsoft

Hello @Anton_Elufimov!  Thank you for your inquiry.  As of today, I'm not aware of any authoritative sources for that recommendation.  I suggest if your AV product may be causing issues with the content library to test out what may work best for your environment while keeping it operationally secure.

Established Member

@brmcmill   Under the process exclusions I think you have an extra "b" in the executable name

<InstallDrive>\Program Files\Microsoft Configuration Manager\bin\x64\Smssqlbbkup.exe

Microsoft

Hey @Chris Sappey!  Thank you for bringing that to my attention.  I made the correction.

Contributor

For 3rd party updates, our AV is stopping as because of this location: C:\Program Files\Update Services\Schema 

Microsoft

Hey @yannara _ !  Thank you for your response.  Many apologies on the delay in responding to your comment.  I have not come across anything similar to your scenario, so if you're still having this issue I would suggest to open a case with our CSS team to investigate further.

Occasional Visitor

Hello, 

 

In the WSUS section, I think that <InstallDrive>\WSUS\UpdateServiceDBFiles should be <InstallDrive>\WSUS\UpdateServicesDBFiles, as specified in the Microsoft docs about Windows Defender Exclusions.

 

Regards,

JF

Microsoft

Hey @JFD84, thank you for the feedback!  I will make the correction.