Virus scanning exclusions - security risk balance?
January 6th, 2012 9:34am

We are currently reviewing our client virus scanning exclusion policy and are considering following KB822158. For example, exclude the below from scanning by our AV clients:

%windir%\SoftwareDistribution\Datastore\Datastore.edb
%windir%\SoftwareDistribution\Datastore\Logs (Res*.log, Res*.jrs, Edb.chk, Tmp.edb)
%windir%\Security\Database (*.edb, *.sdb, *.log, *.chk, *.jrs)
%allusersprofile%\NTUser.pol
%Systemroot%\System32\GroupPolicy

Some of these we are already excluding, but for the sake of improving performance and reducing the risk of damage to client systems we are considering following the above. We understand, of course, that there is an increased risk in excluding more folders and files from the active and manual/scheduled antivirus scans.

So here I am seeking feedback from you all on what best practices you follow with antivirus scan exclusions. Our main concern is the security risk aspect, of course. I appreciate any feedback that anyone can offer. Thanks.
February 4th, 2012 9:39pm

Here are my 2 cents… In addition to the above list, you can also exclude the following:

Locked files: files which are permanently locked by a server process, such as the Windows pagefile.
Very large files: CD/DVD images (.iso) and virtual machine files such as .vhd, .vmdk, etc.
A few temporary files: the Spool folder and Exchange Server MTA queues.

~Santosh
February 5th, 2012 1:36am
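
One way to put a number on the risk side of the question, as an added example that is not from any poster in this thread or from KB822158: anything written into an excluded location is not scanned, so list which excluded locations broad, non-administrative groups can write to. The function name, the choice of "broad" groups and the use of parent folders in place of the wildcard patterns are assumptions of this sketch.

```powershell
# Added example: report broad principals with write access to proposed exclusions.
# Paths are the folders behind the entries in the question; run elevated so that
# Get-Acl can read %windir%\Security\Database.
$Exclusions = @(
    '%windir%\SoftwareDistribution\Datastore',
    '%windir%\SoftwareDistribution\Datastore\Logs',
    '%windir%\Security\Database',
    '%allusersprofile%\NTUser.pol',
    '%Systemroot%\System32\GroupPolicy'
)
# Well-known SIDs: Everyone, Authenticated Users, BUILTIN\Users, INTERACTIVE
$BroadSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545', 'S-1-5-4'
# Rights that let a principal create, change, remove or re-permission content
$WriteMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) appear raw in inherit-only ACEs
$GenericWrite = 0x50000000

function Get-ExclusionWriteExposure {   # hypothetical helper name
    param([string[]]$Path)
    foreach ($raw in $Path) {
        $expanded = [Environment]::ExpandEnvironmentVariables($raw)
        if (-not (Test-Path -LiteralPath $expanded)) {
            [pscustomobject]@{ Exclusion = $raw; Principal = $null; Rights = 'path not present' }
            continue
        }
        $acl = Get-Acl -LiteralPath $expanded
        # Ask for SIDs directly so the check does not depend on localized group names
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($ace in $rules) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($BroadSids -notcontains $ace.IdentityReference.Value) { continue }
            $rights = [int]$ace.FileSystemRights
            if (($rights -band $WriteMask) -or ($rights -band $GenericWrite)) {
                [pscustomobject]@{
                    Exclusion = $raw
                    Principal = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                }
            }
        }
    }
}

Get-ExclusionWriteExposure -Path $Exclusions | Format-Table -AutoSize
```

An empty result means none of the listed groups holds write access to the excluded locations on that machine; any row returned is an exclusion worth narrowing or re-permissioning before it is rolled out.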

This topic is archived. No further replies will be accepted.
