Recommended antivirus exlusions on Notification Servers


Article ID: 181361


Updated On:


Management Platform (Formerly known as Notification Server)




What Notification Server folders and files should be considered for exclusion with antivirus software?


The folders and files on Notification Servers that would qualify for consideration to be excluded from antivirus scans are the following:

  1. In the NScap folder:
    • …\Program Files\Altiris\Notification Server\NSCap\EvtInbox
    • …\Program Files\Altiris\Notification Server\NSCap\EvtQFast
    • …\Program Files\Altiris\Notification Server\NSCap\EvtQLarge
    • …\Program Files\Altiris\Notification Server\NSCap\EvtQSlow
    • …\Program Files\Altiris\Notification Server\NSCap\EvtQueue
    • …\Program Files\Altiris\Notification Server\NSCap\Temp

      Note: The files in the EvtInbox folder are zero-footprint inventory files from client machines
      Note: The files in the EvtQ* folders are generally inventory and notification data from client machines
      Note: The files in the Temp folder are temporary files that the system is using
  2. The Windows %temp% folder, typically found at C:\Windows\Temp, but its location can change for some of the Windows operating systems. In this folder, exclude .tmp files.

    Note: These .tmp files can be .nse files that IIS may temporarily store at this location before placing them in the NScap queues.
  3. If SQL is on the same computer as the Notification Server, there is wisdom in excluding the database files (files with extensions of .ldf, .mdf, and .bak).