Бесплатный антивирус для Windows Server 2012 R2
Бесплатный антивирус для Windows Server 2012 R2
Антивирусная защита серверов всегда была актуальной. Сейчас я расскажу простой способ, как установить Microsoft Security Essentials на Windows Server 2008 и 2012 R2. Почему MSE? Данный продукт Microsoft хорошо зарекомендовал себя как сбалансированный инструмент для защиты операционных систем семейства Windows desktop класса. Ниже представлена краткая инструкция:
- скачиваем MSE с официального сайта, редакция для Windows 7 64bit
- устанавливаем для загруженного файла режим совместимости с Windows 7
- запускаем командную строку (cmd) с параметрами администратора
- переходим в каталог с .exe файлом программы и запускаем установку с параметром “mseinstall /disableoslimit”
Готово, бесплатный антивирус в лице MSE для Windows Server 2012 R2 установлен. Справедливости ради, стоит упомянуть про два момента. Первый заключается в том, что Microsoft Security Essentials может использоваться и на более ранних версия серверных операционных системах, таких как Windows Server 2003 и 2008/R2. Второй – это нарушает политику лицензирования Windows.
Если по каким-либо причинам, MSE вас не удовлетворяет, как бесплатное решение по антивирусной защите Windows Server, можно проделать следующий трюк с Avira Free Antivirus. Отыскать старую версию данного ПО (где нет проверки на ОС), выполнить инсталляцию и обновить до последней актуальной версии.
Нашли ошибку в тексте? Выделите фрагмент текста и нажмите Ctrl+Enter
Running Windows antivirus software on Exchange servers
When you run Windows antivirus programs on Microsoft Exchange servers, you can help enhance the security and health of your Exchange organization. However, if they aren’t configured correctly, Windows antivirus programs can cause problems in Exchange Server.
There are two basic components of any Windows antivirus program:
Memory-resident scanning or real-time protection monitors all files and processes that are loaded and running in a computer’s active memory.
File-level scanning refers to checking files on the hard disk for viruses manually or on a regular schedule. Some antivirus programs start an on-demand scan automatically after the virus signatures are updated to make sure that all files are scanned with the latest signatures.
The biggest potential problem is a Windows antivirus program might lock or quarantine an open log file or database file that Exchange needs to modify. This can cause severe failures in Exchange Server, and it might also generate 1018 event log errors. Therefore, excluding these files from being scanned by the Windows antivirus program is very important.
Another issues to consider is that Windows antivirus programs can’t replace email-based antispam and antimalware solutions because Windows antivirus programs that run on Windows servers can’t detect viruses, malware, and spam that are distributed only through email.
Recommended exclusions for Windows antivirus programs on Exchange servers
When you deploy a Windows antivirus program on an Exchange server, make sure that the folder exclusions, process exclusions, and file name extension exclusions that are described in these sections are configured for both memory-resident and file-level scanning.
Note: The %ExchangeInstallPath% value is typically C:\Program Files\Microsoft\Exchange Server\V15\ (includes a trailing «\»), the %SystemRoot% value is typically C:\Windows (doesn’t include a trailing «\»), and the %SystemDrive% value is typically C: (doesn’t include a trailing «\»).
The locations of many of these Exchange folders are configurable in the Exchange Management Shell. To learn how to open the Exchange Management Shell in your on-premises Exchange organization, see Open the Exchange Management Shell.
Folder exclusions
Exclude the following folders from file-level scanning and memory-resident scanning on Exchange servers.
Unified Messaging is not available in Exchange 2019.
| Folder | Category | Description | Servers | |
|---|---|---|---|---|
| %SystemRoot%\Cluster | DAGs | The cluster quorum database and other files for database availability groups (DAGs). | Mailbox servers | |
| %SystemDrive%\DAGFileShareWitnesses\ | DAGs | The witness directory on the witness server that’s configured for the DAG. The witness server can be virtually any Microsoft Windows server in the local Active Directory forest that isn’t already a member of the DAG. To see the actual location, run the following command: Get-DatabaseAvailabilityGroup | Format-List *Witness* | Any | |
| %ExchangeInstallPath%ClientAccess\OAB | Offline Address Books | Offline Address Book files. | Mailbox servers | |
| %ExchangeInstallPath%FIP-FS | Antimalware and DLP | Content scanning that’s used by the Malware agent and data loss prevention (DLP). | Mailbox servers | |
| %ExchangeInstallPath%GroupMetrics | MailTips | Group Metrics files that are used to calculate values for the Large Audience and External Recipients MailTips. | Mailbox servers | |
| %ExchangeInstallPath%Logging | Exchange process logs | This folder contains many different types of Exchange logs in subfolders. For example: • Calendar Repair Assistant logs • Managed Folder Assistant logs • IMAP4 protocol logs • POP3 protocol logs To see the actual locations, run the following commands: Get-MailboxServer -Identity | Format-List *LogPath* Get-PopSettings | Format-List LogFileLocation Get-ImapSettings | Format-List LogFileLocation | Mailbox servers | |
| %ExchangeInstallPath%Mailbox | Mailbox databases | Exchange databases, checkpoint files, and log files. By default, these files are located in subfolders based on the name of the database. To see the actual locations, run the following command: Get-MailboxDatabase -Server | Format-List EdbFilePath,LogFolderPath By default, database context index files are located in the same folder as the database files in a subfolder that’s named after the GUID of the database. | Mailbox servers | |
| %ExchangeInstallPath%TransportRoles\Data\Adam | EdgeSync | Active Directory Lightweight Directory Services (AD LDS) and log files. | Edge Transport servers | |
| %ExchangeInstallPath%TransportRoles\Data\IpFilter | Connection filtering | IP filter database, checkpoint, and log files. | Edge Transport servers | |
| %ExchangeInstallPath%TransportRoles\Data\Queue | Queues | Queue database, checkpoint, and log files. | Mailbox servers Edge Transport servers | |
| %ExchangeInstallPath%TransportRoles\Data\SenderReputation | Sender reputation | Sender Reputation database, checkpoint, and log files. | Edge Transport servers Mailbox servers | |
| %ExchangeInstallPath%TransportRoles\Data\Temp | Content conversion | Content conversion that’s done in the transport pipeline. | Mailbox servers Edge Transport servers | |
| %ExchangeInstallPath%TransportRoles\Logs | Transport logs | Mail flow and transport pipeline logs are located in subfolders, for example: • Agent logging • Connectivity logging • Message tracking • Pipeline tracing • Send and Receive connector protocol logging To see the actual locations, run the following commands: Get-TransportService | Format-List *LogPath,*TracingPath Get-FrontEndTransportService | Format-List *LogPath Get-MailboxTransportService | Format-List *LogPath,*TracingPath | Mailbox servers Edge Transport servers (Transport service only) | |
| %ExchangeInstallPath%TransportRoles\Pickup | Pickup directory | The Pickup directory is used by administrators for mail flow testing or by applications that need to create and submit their own message files. To see the actual location, run the following command: Get-TransportService | Format-List PickupDirectoryPath | Mailbox servers Edge Transport servers | |
| %ExchangeInstallPath%TransportRoles\Replay | Replay directory | The Replay directory receives messages from foreign gateway servers and can also be used to resubmit messages that administrators export from the queues of Exchange servers. To see the actual location, run the following command: Get-TransportService | Format-List ReplayDirectoryPath | Mailbox servers Edge Transport servers |
| %ExchangeInstallPath%UnifiedMessaging\Grammars | Unified Messaging | Grammar files for different locales, for example en-EN or es-ES. | Exchange 2016 Mailbox servers | |
| %ExchangeInstallPath%UnifiedMessaging\Prompts | Unified Messaging | Voice prompts, greetings, and informational message files. | Exchange 2016 Mailbox servers | |
| %ExchangeInstallPath%UnifiedMessaging\Temp | Unified Messaging | Temporary files generated by Unified Messaging. | Exchange 2016 Mailbox servers | |
| %ExchangeInstallPath%UnifiedMessaging\Voicemail | Unified Messaging | Voice mail files that are temporarily stored. | Exchange 2016 Mailbox servers | |
| %ExchangeInstallPath%Working\OleConverter | Content conversion | Transport Neutral Encoding Format (TNEF), also known as Rich Text Format (RTF), to MIME/HTML conversions. | Mailbox servers Edge Transport servers | |
| %SystemDrive%\inetpub\temp\IIS Temporary Compressed Files | Web components | Internet Information Services (IIS) compression folder that’s used with Outlook on the web. | Mailbox servers | |
| %SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files | Web components | Temporary files that are used with Exchange services. These files are located in the following subfolders: autodiscover ecp ecp ews mapi mapi_emsmdb microsoft-server-activesync oab owa owa_calendar powershell root rpc | Mailbox servers | |
| %SystemRoot%\System32\Inetsrv | Web components | IIS system files. | Mailbox servers | |
| %SystemRoot%\Temp\OICE_ | Exchange Search | Temporary files used by the Exchange Search service and Microsoft Filter Pack to perform file conversion in a sandboxed environment. | Mailbox servers |
Process exclusions
Many antivirus programs support the scanning of processes, which can adversely affect Microsoft Exchange if the incorrect processes are scanned. Therefore, you should exclude the following Exchange or related processes from process scanning.
| Process | Path | Comments | Servers |
|---|---|---|---|
| ComplianceAuditService.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Compliance Audit service (MSComplianceAudit) | Mailbox servers |
| Dsamain.exe | %SystemRoot%\System32 | Microsoft Exchange ADAM service (ADAM_MSExchange) (Active Directory Lightweight Directory Services (AD LDS) on subscribed Edge Transport servers) | Edge Transport servers |
| EdgeTransport.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Transport service worker process | Mailbox servers Edge Transport servers |
| fms.exe | %ExchangeInstallPath%FIP-FS\Bin | Content scanning component that’s used by the Malware agent and DLP. | Mailbox servers |
| hostcontrollerservice.exe | %ExchangeInstallPath%Bin\Search\Ceres\HostController | Microsoft Exchange Search Host Controller service (HostControllerService) | Mailbox servers |
| inetinfo.exe | %SystemRoot%\System32\inetsrv | Internet Information Services (IIS) | Mailbox servers |
| Microsoft.Exchange.AntispamUpdateSvc.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Antispam Update service (MSExchangeAntispamUpdate) | Mailbox servers Edge Transport servers |
| Microsoft.Exchange.ContentFilter.Wrapper.exe | %ExchangeInstallPath%TransportRoles\agents\Hygiene | Content Filter agent | Mailbox servers Edge Transport servers |
| Microsoft.Exchange.Diagnostics.Service.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Diagnostics service (MSExchangeDiagnostics) | Mailbox servers Edge Transport servers |
| Microsoft.Exchange.Directory.TopologyService.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Active Directory Topology service (MSExchangeADTopology) | Mailbox servers |
| Microsoft.Exchange.EdgeCredentialSvc.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Credential service (MSExchangeEdgeCredential) | Edge Transport servers |
| Microsoft.Exchange.EdgeSyncSvc.exe | %ExchangeInstallPath%Bin | Microsoft Exchange EdgeSync service (MSExchangeEdgeSync) | Mailbox servers |
| Microsoft.Exchange.Imap4.exe | %ExchangeInstallPath%FrontEnd\PopImap | Microsoft Exchange IMAP4 service (MSExchangeImap4) | Mailbox servers |
| Microsoft.Exchange.Imap4service.exe | %ExchangeInstallPath%ClientAccess\PopImap | Microsoft Exchange IMAP4 Backend service (MSExchangeIMAP4BE) | Mailbox servers |
| Microsoft.Exchange.Notifications.Broker.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Notifications Broker service (MSExchangeNotificationsBroker) | Mailbox servers |
| Microsoft.Exchange.Pop3.exe | %ExchangeInstallPath%FrontEnd\PopImap | Microsoft Exchange POP3 service (MSExchangePop3) | Mailbox servers |
| Microsoft.Exchange.Pop3service.exe | %ExchangeInstallPath%ClientAccess\PopImap | Microsoft Exchange POP3 Backend service (MSExchangePOP3BE) | Mailbox servers |
| Microsoft.Exchange.ProtectedServiceHost.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Service Host service (MSExchangeServiceHost) | Mailbox servers Edge Transport servers |
| Microsoft.Exchange.RPCClientAccess.Service.exe | %ExchangeInstallPath%Bin | Microsoft Exchange RPC Client Access service (MSExchangeRPC) | Mailbox servers |
| Microsoft.Exchange.Search.Service.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Search service (MSExchangeFastSearch) | Mailbox servers |
| Microsoft.Exchange.Servicehost.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Service Host service (MSExchangeServiceHost) | Mailbox servers Edge Transport servers |
| Microsoft.Exchange.Store.Service.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Information Store service (MSExchangeIS) | Mailbox servers |
| Microsoft.Exchange.Store.Worker.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Information Store service worker process | Mailbox servers |
| Microsoft.Exchange.UM.CallRouter.exe | %ExchangeInstallPath%FrontEnd\CallRouter | Microsoft Exchange Unified Messaging Call Router service (MSExchangeUMCR) | Exchange 2016 Mailbox servers |
| MSExchangeCompliance.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Compliance Service (MSExchangeCompliance) | Mailbox servers |
| MSExchangeDagMgmt.exe | %ExchangeInstallPath%Bin | Microsoft Exchange DAG Management service (MSExchangeDagMgmt) | Mailbox servers |
| MSExchangeDelivery.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Mailbox Transport Delivery service (MSExchangeDelivery) | Mailbox servers |
| MSExchangeFrontendTransport.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Frontend Transport service (MSExchangeFrontEndTransport) | Mailbox servers |
| MSExchangeHMHost.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Health Manager service (MSExchangeHM) | Mailbox servers Edge Transport servers |
| MSExchangeHMWorker.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Health Manager service worker process | Mailbox servers Edge Transport servers |
| MSExchangeMailboxAssistants.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Mailbox Assistants service (MSExchangeMailboxAssistants) | Mailbox servers |
| MSExchangeMailboxReplication.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Mailbox Replication service (MSExchangeMailboxReplication) | Mailbox servers |
| MSExchangeRepl.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Replication service (MSExchangeRepl) | Mailbox servers |
| MSExchangeSubmission.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Mailbox Transport Submission service (MSExchangeSubmission) | Mailbox servers |
| MSExchangeTransport.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Transport service (MSExchangeTransport) | Mailbox servers Edge Transport servers |
| MSExchangeTransportLogSearch.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Transport Log Search service (MSExchangeTransportLogSearch) | Mailbox servers Edge Transport servers |
| MSExchangeThrottling.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Throttling service (MSExchangeThrottling) | Mailbox servers |
| Noderunner.exe | %ExchangeInstallPath%Bin\Search\Ceres\Runtime\1.0 | Microsoft Exchange Search service (MSExchangeFastSearch) | Mailbox servers |
| OleConverter.exe | %ExchangeInstallPath%Bin | Converts rich text format (RTF) messages to MIME/HTML for external recipients. | Mailbox servers |
| ParserServer.exe | %ExchangeInstallPath%Bin\Search\Ceres\ParserServer | Microsoft Exchange Search service (MSExchangeFastSearch) | Mailbox servers |
| Powershell.exe | C:\Windows\System32\WindowsPowerShell\v1.0 | Exchange Management Shell | Mailbox servers Edge Transport servers |
| ScanEngineTest.exe | %ExchangeInstallPath%FIP-FS\Bin | Content scanning component that’s used by the Malware agent and DLP | Mailbox servers |
| ScanningProcess.exe | %ExchangeInstallPath%FIP-FS\Bin | Content scanning component that’s used by the Malware agent and DLP | Mailbox servers |
| UmService.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Unified Messaging service (MSExchangeUM) | Exchange 2016 Mailbox servers |
| UmWorkerProcess.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Unified Messaging service worker process | Exchange 2016 Mailbox servers |
| UpdateService.exe | %ExchangeInstallPath%FIP-FS\Bin | Content scanning component that’s used by the Malware agent and DLP | Mailbox servers |
| W3wp.exe | %SystemRoot%\System32\inetsrv | Internet Information Services (IIS) | Mailbox servers |
| wsbexchange.exe | %ExchangeInstallPath%Bin | Microsoft Exchange Server Extension for Windows Server Backup (wsbexchange) | Mailbox servers |
File name extension exclusions
In addition to excluding specific folders and processes, you should exclude the following Exchange-specific file name extensions in case folder exclusions fail or files are moved from their default locations.
