Antivirus exclusion considerations for Microsoft Dynamics CRM
- Application servers
- Instances of Microsoft SQL Server
- Active Directory servers
- Reporting servers
- Client computers
Files and folders to consider excluding from antivirus software scanning
Consider excluding the following files and folders from antivirus scanning to minimize performance decreases:
- The following list is not exhaustive. It is built from observations and from work in various customer environments.
- Each environment requires a thoughtful decision about what to include and to exclude. Excluding files from antivirus scans could lead to unwanted consequences. The list should be used together with your well-planned internal information technology (IT) management policies.
Microsoft Dynamics CRM servers
- Consider the following directories for exclusion from antivirus scanning:
- %SystemDrive%inetpubtempIIS Temporary Compressed File
- Make sure any script-scanning functionality in your antivirus software is turned off on the server that is running Microsoft Dynamics CRM.
- For more information about antivirus software that is used with Internet Information Services (IIS), click the following article numbers to view the articles in the Microsoft Knowledge Base:
- SQL Server data files. These files usually have the following file name extensions:
- SQL Server backup files. These files usually have the following file name extensions:
- Full-text catalog files
- The directory that holds SQL Server Analysis Services data
- If a SQL Server failover cluster is being used, consider excluding the following from antivirus scanning:
- Q: (Quorum drive)
For more information about SQL Server and antivirus software, click the following article number to view the article in the Microsoft Knowledge Base:
How to choose antivirus software to run on computers that are running SQL Server
Microsoft Dynamics CRM client
- Check for any interference from desktop security software. Some antivirus programs include a feature known as ScriptScan that can affect performance in Microsoft Dynamics CRM. Most antivirus programs have functionality to disable scanning on certain websites. Make sure that the Microsoft Dynamics CRM URL is added to this list. For more information about McAfee and other antivirus software, visit the following websites:
- If you use other antivirus software, make sure that the Microsoft Dynamics CRM website URL is included in the trusted zone for virus scanning, and switch off on-access scanning for the Microsoft Dynamics CRM website. See your specific antivirus application documentation for more information.
- If virtual servers are used in the deployment, consider excluding the directory on the host computer that contains the virtual hard disk files.
- For Hyper-V specifically, consider excluding the following processes:
- For more information about virtual servers, click the following article number to view the article in the Microsoft Knowledge Base:
Virtual machines are missing in the Hyper-V Manager Console or when you create or start a virtual machine, you receive one of the following error codes: “0x800704C8″, “0×80070037″ or “0x800703E3″
If you use an email router, consider excluding the following files from antivirus scanning:
Note By default, these files exist at the following location:
C:Program FilesMicrosoft CRM EmailService
If a trace is being run, the trace file as configured in Emailagent.xml can also be excluded.
Enterprise Windows-based servers (Windows Server 2008, Windows Server 2008 R2, Windows Server 2003, Windows 2000, Windows Vista, Windows XP, Windows 7)
- Windows Update-related or Automatic Update-related files
- Windows Security files
Note: By default, these files are located in the following folder:
- Group Policy-related files
For more information about Enterprise Window Servers virus scanning exclusion recommendations, click the following article number to view the article in the Microsoft Knowledge Base:
Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows