Microsoft Exchange - esclusioni antivirus

Solo una piccola precisazione su antivirus e server Exchange. BISOGNA mettere le esclusioni :). E' diventato abbastanza famoso il caso di un antivirus che cancellava l'EDB perche lo riteneva pericoloso :). Credo che li sul momento ci fosse poco da ridere, comunque! In fondo trovate un riferimento all'articolo di Microsoft che aggiunge un po' di spiegazioni, voce per voce. Se possibile, preparate le esclusioni nell'AV PRIMA di installarlo.

PATH

%SystemRoot%\Cluster

%SystemDrive%\DAGFileShareWitnesses\<DAGFQDN>

%ExchangeInstallPath%ClientAccess\OAB

%ExchangeInstallPath%FIP-FS

%ExchangeInstallPath%GroupMetrics

%ExchangeInstallPath%Logging

%ExchangeInstallPath%Mailbox

%ExchangeInstallPath%TransportRoles\Data\Adam

%ExchangeInstallPath%TransportRoles\Data\IpFilter

%ExchangeInstallPath%TransportRoles\Data\Queue

%ExchangeInstallPath%TransportRoles\Data\SenderReputation

%ExchangeInstallPath%TransportRoles\Data\Temp

%ExchangeInstallPath%TransportRoles\Logs

%ExchangeInstallPath%TransportRoles\Pickup

%ExchangeInstallPath%TransportRoles\Replay

%ExchangeInstallPath%UnifiedMessaging\Grammars

%ExchangeInstallPath%UnifiedMessaging\Prompts

%ExchangeInstallPath%UnifiedMessaging\Temp

%ExchangeInstallPath%UnifiedMessaging\Voicemail

%ExchangeInstallPath%Working\OleConverter

%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files

%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\Temporary

%SystemRoot%\System32\Inetsrv

%SystemRoot%\Temp\OICE_<GUID>

PROCESSI

ComplianceAuditService.exe                     %ExchangeInstallPath%Bin

Dsamain.exe                             %SystemRoot%\System32

EdgeTransport.exe                             %ExchangeInstallPath%Bin

fms.exe                             %ExchangeInstallPath%FIP-FS\Bin

hostcontrollerservice.exe                     %ExchangeInstallPath%Bin\Search\Ceres\HostController

inetinfo.exe                             %SystemRoot%\System32\inetsrv

Microsoft.Exchange.AntispamUpdateSvc.exe     %ExchangeInstallPath%Bin

Microsoft.Exchange.ContentFilter.Wrapper.exe     %ExchangeInstallPath%TransportRoles\agents\Hygiene

Microsoft.Exchange.Diagnostics.Service.exe     %ExchangeInstallPath%Bin

Microsoft.Exchange.Directory.TopologyService.exe     %ExchangeInstallPath%Bin

Microsoft.Exchange.EdgeCredentialSvc.exe             %ExchangeInstallPath%Bin

Microsoft.Exchange.EdgeSyncSvc.exe             %ExchangeInstallPath%Bin

Microsoft.Exchange.Imap4.exe             %ExchangeInstallPath%FrontEnd\PopImap

Microsoft.Exchange.Imap4service.exe             %ExchangeInstallPath%ClientAccess\PopImap

Microsoft.Exchange.Notifications.Broker.exe     %ExchangeInstallPath%Bin

Microsoft.Exchange.Pop3.exe             %ExchangeInstallPath%FrontEnd\PopImap

Microsoft.Exchange.Pop3service.exe             %ExchangeInstallPath%ClientAccess\PopImap

Microsoft.Exchange.ProtectedServiceHost.exe     %ExchangeInstallPath%Bin

Microsoft.Exchange.RPCClientAccess.Service.exe     %ExchangeInstallPath%Bin

Microsoft.Exchange.Search.Service.exe     %ExchangeInstallPath%Bin

Microsoft.Exchange.Servicehost.exe             %ExchangeInstallPath%Bin

Microsoft.Exchange.Store.Service.exe             %ExchangeInstallPath%Bin

Microsoft.Exchange.Store.Worker.exe             %ExchangeInstallPath%Bin

Microsoft.Exchange.UM.CallRouter.exe     %ExchangeInstallPath%FrontEnd\CallRouter

MSExchangeCompliance.exe                     %ExchangeInstallPath%Bin

MSExchangeDagMgmt.exe             %ExchangeInstallPath%Bin

MSExchangeDelivery.exe             %ExchangeInstallPath%Bin

MSExchangeFrontendTransport.exe     %ExchangeInstallPath%Bin

MSExchangeHMHost.exe             %ExchangeInstallPath%Bin

MSExchangeHMWorker.exe             %ExchangeInstallPath%Bin

MSExchangeMailboxAssistants.exe     %ExchangeInstallPath%Bin

MSExchangeMailboxReplication.exe             %ExchangeInstallPath%Bin

MSExchangeRepl.exe                     %ExchangeInstallPath%Bin

MSExchangeSubmission.exe                     %ExchangeInstallPath%Bin

MSExchangeTransport.exe             %ExchangeInstallPath%Bin

MSExchangeTransportLogSearch.exe             %ExchangeInstallPath%Bin

MSExchangeThrottling.exe                     %ExchangeInstallPath%Bin

Noderunner.exe                     %ExchangeInstallPath%Bin\Search\Ceres\Runtime\1.0

OleConverter.exe                             %ExchangeInstallPath%Bin

ParserServer.exe                             %ExchangeInstallPath%Bin\Search\Ceres\ParserServer

Powershell.exe                     C:\Windows\System32\WindowsPowerShell\v1.0

ScanEngineTest.exe                     %ExchangeInstallPath%FIP-FS\Bin

ScanningProcess.exe                     %ExchangeInstallPath%FIP-FS\Bin

UmService.exe                     %ExchangeInstallPath%Bin

UmWorkerProcess.exe                     %ExchangeInstallPath%Bin

UpdateService.exe                             %ExchangeInstallPath%FIP-FS\Bin

W3wp.exe                             %SystemRoot%\System32\inetsrv

wsbexchange.exe                     %ExchangeInstallPath%Bin

ESTENSIONI FILES

.chk

.edb

.jfm

.jrs

.log

.que

.dsc

.txt

.cfg

.grxml

.lzx

REFERENCE

https://docs.microsoft.com/it-it/exchange/antispam-and-antimalware/windows-antivirus-software?view=exchserver-2019