Computer Associates used to recommend excluding particular processes and directories from eTrust anti-virus scanning. This, I found, was very important with Microsoft SQL Server, as it would cause a significant performance hit.
You would do this via setting the following registry keys, under HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\eTrustITM\CurrentVersion\Realtime
szExcludeProcessNames
| Reason for exclusion | List of processes to be excluded, separated by “|” |
| Microsoft SQL Server | sqlserver.exe sqlservr.exe |
| Microsoft Exchange | store.exe |
| Microsoft SMS 2003 | SMSEXEC.EXE CCMEXEC.EXE |
| and some others … |
szExcludeDirs
| Reason for exclusion | List of directories to be excluded, separated by “|” |
| Microsoft SQL Server | SQL disk devices files directories. |
| Microsoft Exchange | Arctemp |
| Windows Server | %windir%\Tasks |
| Windows failover cluster | Quorum drive <system root>:\Windows\Cluster |
| and some others … |
szExcludeExtList
Allows you to exclude files based on the file name extension. Examples for this I have seen include BTR|DB|MDX|NDX|MDW|ASD|TMP|ZMG
I was reminded of these registry keys, when I read Tim McMichael’s TechNet blog post, An interesting issue with file level antivirus…
Updated 26 Nov 2009
Updated 22 Dec 2009 – Added:
Updated 13 Nov 2010 – Added:
- SQL Server 2008 and R2 Cluster Best Practices
- Guidelines for choosing antivirus software to run on the computers that are running SQL Server
- Scheduled Tasks appear hung in the “Running” state on Windows Server 2003 based systems