If you didn’t know, you are supposed to explicitly exclude certain folders, file types, and processes from being monitored or scanned when using #antivirus
software on #SharePoint
2003 / 2007 / 2010/ 2013 / 2016 on the wss, foundation, and server editions. Below are the requirements specifically for 2013 foundation and server but you can also view the requirements for the other versions of SharePoint at https://support.microsoft.com/en-us/kb/952167
. Don’t forget that there are also specific requirements for SQL Server, Windows Server, IIS, and other situations as well that require specific exclusions as well. There is a complete list at http://goo.gl/4IhTkT
also recommends that customers deploy an antivirus solution based on the SharePoint Portal Server Virus Scanning Application Programming Interface (VS API). The VS API enhances the current core feature set by providing the abilities to optimize and configure the scanning process at multiple levels. The VS API also provides SharePoint Portal Server administrators with built-in functionality to monitor the performance of the new API. You can read more about the API at https://support.microsoft.com/en-us/kb/322941
SharePoint Server 2013
You may have to configure the antivirus software to exclude the Drive:Program FilesMicrosoft Office Servers folder from antivirus scanning for SharePoint Server 2013. If you do not want to exclude the whole Microsoft Office Servers folder from antivirus scanning, you can exclude only the following folders:
- Drive:Program FilesMicrosoft Office Servers15.0Data
(This folder is used for the indexing process. If the index files are configured to be located in a different folder, you also have to exclude that location.)
- Drive:Program FilesMicrosoft Office Servers15.0Logs
- Drive:Program FilesMicrosoft Office Servers15.0Bin
- Drive:Program FilesMicrosoft Office Servers15.0Synchronization Service
- Any location in which you decided to store the disk-based binary large object (BLOB) cache (for example, C:Blobcache).
Note If you have SharePoint Server 2013, these folders should be excluded in addition to the folders that are listed in the “SharePoint Foundation 2013” section.
SharePoint Foundation 2013
You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:
- Drive:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions
If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following two folders:
- Drive:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions15Logs
- Drive:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions15DataApplications
Note The Applications folder must be excluded only if the computer is running the SharePoint Foundation Search service. If the folder that contains the index file is located elsewhere, you must also exclude that folder.
- Drive:WindowsMicrosoft.NETFramework64v4.0.30319Temporary ASP.NET Files
- Drive: UsersServiceAccountAppDataLocalTempWebTempDir
Note The WebTempDir folder is a replacement for the FrontPageTempDir folder.
- Drive:Usersaccount that the search service is running asAppDataLocalTemp
Note The search account creates a folder in the Gthrsvc_spsearch4 Temp folder to which it periodically has to write.
Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:
You should also exclude all the virtual directory folders under Drive:inetpubwwwrootwssVirtualDirectories and all the folders underDrive:inetpubtempIIS Temporary Compressed Files.