Antivirus software that is not correctly configured is a fairly common cause of many performance and stability issues with Exchange. It's a good idea to run antivirus software on your Exchange 2013 servers to help prevent malware, and I always recommend it to customers. But if you do install antivirus software you need to configure it with the correct exclusions so that it doesn't interfere with Exchange Server's operations.
Microsoft has published a list of file/folder, process, and file type exclusions that should be applied to antivirus software running on an Exchange 2013 server. It's quite long, and you might notice some duplication of effort. For example, Microsoft recommends excluding the path of the database files (eg, F:\DB01\DB01.edb) but also the file type .edb. Why both? Well it's just a precaution in case a database is moved to a different path without updating the exclusions list, or if the antivirus software you're using needs to handle the exclusions a specific way.
Since the exclusions list is so long and relies on a number of variables (eg the Exchange install path is something you can choose during setup, so it won't always be C:\Program Files…), working out the actual list of exclusions is a very long and tedious task.
That's why I've written a PowerShell script to generate the list quickly and easily.
Get-Exchange2013AVExclusions.ps1 can be downloaded from the TechNet Script Gallery.
The script is run directly on an Exchange 2013 server using the Exchange Management Shell. If you're deploying multiple servers with the same configuration (eg members of a database availability group) you can use the script to generate the exclusions list off one server and then use your antivirus software's policy-based management to deploy the same settings to all of your servers.
Simply run the script with no parameters to generate the exclusions lists.
The result is three text files; one for the file/folder paths, one for the processes, and one for the file extensions.
Feedback and questions are welcome in the comments below.