What Notification Server folders and files should be considered for exclusion with antivirus software?
The folders and files on Notification Servers that would qualify for consideration to be excluded from antivirus scans are the following:
- In the NScap folder:
The Windows %temp% folder, typically found at C:\Windows\Temp, but its location can change for some of the Windows operating systems. In this folder, exclude .tmp files.
- …\Program Files\Altiris\Notification Server\NSCap\EvtInbox
- …\Program Files\Altiris\Notification Server\NSCap\EvtQFast
- …\Program Files\Altiris\Notification Server\NSCap\EvtQLarge
- …\Program Files\Altiris\Notification Server\NSCap\EvtQSlow
- …\Program Files\Altiris\Notification Server\NSCap\EvtQueue
- …\Program Files\Altiris\Notification Server\NSCap\Temp
Note: The files in the EvtInbox folder are zero-footprint inventory files from client machines
Note: The files in the EvtQ* folders are generally inventory and notification data from client machines
Note: The files in the Temp folder are temporary files that the system is using
Note: These .tmp files can be .nse files that IIS may temporarily store at this location before placing them in the NScap queues.
If SQL is on the same computer as the Notification Server, there is wisdom in excluding the database files (files with extensions of .ldf, .mdf, and .bak).