Veeam Support Knowledge Base
Antivirus Exclusions for Veeam Backup & Replication

Antivirus Exclusions for Veeam Backup & Replication

KB ID:	1999
Product:	Veeam Backup & Replication \| 10 \| 11
Published:	2015-02-03
Last Modified:	2022-11-09

By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.

Cheers for trusting us with the spot in your mailbox!

Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest

Oops! Something went wrong.

Please try again later.

Purpose

This article documents antivirus exclusions that may be created to reduce the impact that antivirus software has on the functionality of Veeam Backup & Replication. These antivirus exclusions may be applied to the Windows built-in antivirus or third-party antivirus software.

Note: Antivirus will not always cause Veeam Backup & Replication functions to fail; antivirus software may also negatively impact performance.

Due to the complex nature of antivirus software, additional exclusions may be needed. Users are advised to review their antivirus logging or history to determine if additional objects need to be excluded.

Antivirus Exclusions

On the Veeam Backup & Replication Server:

C:\Program Files\Veeam\
C:\Program Files (x86)\Veeam\
C:\Program Files\Common Files\Veeam\
C:\Program Files (x86)\Common Files\Veeam\
VBRCatalog Path

This path can be found in the registry under the value named CatalogPath in the key HKLM\SOFTWARE\Veeam\Veeam Backup Catalog\
NFS Path

This path can be found in the registry under the value named RootFolder in the key HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam NFS\
C:\VeeamFLR\
%windir%\Veeam\
%programdata%\Veeam\
This is the default log directory location, if the log directory path has been changed, the AV exclusion must be adjusted to match.
C:\Windows\TEMP\*\veeamflr-*.flat
C:\Windows\Temp\VeeamBackup\

In Guest OS of protected Machines:

%windir%\VeeamVssSupport\
Folder will only be used if either Application-Aware Processing or Guest File System Indexing are enabled.
%windir%\VeeamLogShipper\
Folder will only be used on SQL Servers when SQL Server Transaction Log Backup is enabled.

On VMware Backup Proxies, Gateway Servers, and Hyper-V Hosts:

C:\Program Files (x86)\Veeam\
%windir%\Veeam\
C:\Windows\Temp\VeeamBackup\
%programdata%\Veeam\
Veeam CDP Proxy Cache Folder
Default: C:\VeeamCDP\
Mount Server Instant recover write cache folder
Review each repository's Mount Server setting and add an AV exclusion for the write cache path on the Mount Server specified.
VeeamAgent.exe
VeeamAgent64.exe

On Windows Repositories:

C:\Program Files (x86)\Veeam\
%windir%\Veeam\
%programdata%\Veeam\
*Also include the path to the backup files*
*Also include the path to 'ArchiveIndex' for capacity tier*
VeeamAgent.exe
VeeamAgent64.exe

On WAN Accelerators:

C:\Program Files (x86)\Veeam\
%programdata%\Veeam\
%windir%\Veeam\
*Path of WAN cache on WAN accelerators*

Repository File Extensions:

*.erm
*.flat
*.vab
*.vbk
*.vbk.tmp
*.vblob
*.vbm
*.vbm_*tmp
*.vcache
*.vib
*.vindex
*.vlb
*.vmdk
*.vrb
*.vsb
*.vslice
*.vsource
*.vsourcecopy
*.vsourcetemp
*.vstore
*.vstorecopy
*.vstoretemp

More Information

Third-Party Antivirus Exclusion References

Microsoft: Recommended antivirus exclusions for Hyper-V hosts

Related Veeam Antivirus Exclusion Articles

Antivirus Software on Linux

Due to the high variability in how each Antivirus solution operates or may be configured, some Linux Administrators may find that no exclusions are needed. Yet others may find that their Antivirus policies may necessitate specific exclusions. With that in mind, we strongly encourage Linux administrators to review their Antivirus logging closely when issues occur and adjust rules and policies accordingly.

Veeam Support has observed that the most common issues occur when Antivirus has been configured to tightly secure the /tmp/ directory, which in turn causes conflicts with Veeam's use of the path /tmp/Veeam/ . For example, a Veeam Agent for Linux backup job may display the error "POSIX: Failed to open file [/dev/veeamimage1]." This error can be misleading at first as the path shown in the error does not appear related to /tmp/Veeam/, but in fact,/dev/veeamimage is symlinked to /tmp/Veeam/{guid}/

Below is a preliminary list of folders and executables that have been identifed by Veeam Support:

/dev/veeamimage*
/etc/veeam/*
/opt/veeam/*
/tmp/veeamagent*
/tmp/veeam/*
/tmp/veeam/{*}
/usr/bin/veeamconfig
/usr/sbin/veeam*
Specific executables:
- veeam
- veeamagent
- veeamjobman
- veeammount
- veeampsqlagent
- veeamservice
- veeamsupporttool
/var/lib/veeam/*
/var/log/veeam/*

To submit feedback regarding this article, please click this link: Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Spelling error in text

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please try again later.

KB Feedback/Suggestion

This form is only for KB Feedback/Suggestions, if you need help with the software open a support case

Product

Topic

Description

By submitting, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Verify your email to continue your product download

We've sent a verification code to:

An email with a verification code was just sent to

Didn't receive the code? Click to resend in sec

Didn't receive the code? Click to resend

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please try again later.