Etrust antivirus locking up SBS2003

Discussion in 'Windows Small Business Server' started by TR, Apr 13, 2006.

  1. TR

    TR Guest

    Hi everyone,

    I have an installation of SBS2003 Premium with Etrust Antivirus version 7.1.
    If I enable realtime AV outgoing/incoming, the server slows to a crawl. Any
    ideas?
    Are there directories that need to be excluded from the realtime monitoring?

    TR
     
    TR, Apr 13, 2006
    #1
    1. Advertisements

  2. Probably because Etrust Antivirus version 7.1 is Desktop Virus Software.
    Not designed for a server.

    For a server solution in the CA line,
    Try CA Server Protection Suite

    Russ

    --
    Russ Grover
    Microsoft Small Business Specialist.
    Portland/Beaverton OR
    Email: Support at SBITS.Biz
    Website: http://www.SBITS.Biz
     
    Russ Grover - SBITS.Biz, Apr 13, 2006
    #2
    1. Advertisements

  3. I'm assuming you're pretty sure this is eTrust? I don't see any noticeable
    performance hit from eTrust at all. Here's what I do:

    Don't scan windows\IIS Temporary Compressed Files, windows\system32\inetsrv,
    windows\system32\IIS, or your entire Exchange MDBDATA directory.

    Don't scan these file extensions: BTR, CHK, CPA, DAT, DB, DBF, EDB, EML,
    LDB, LOG, MDW, MDX, NDX, SBF, STM.

    Don't scan these processes: cidaemon.exe, emsmta.exe, eseutil.exe,
    events.exe, exmgmt.exe, isinteg.exe, mad.exe, msgeng.exe, mtacheck.exe,
    srsmain.exe, store.exe.

    Turn off Exchange background scanning - you don't need it anymore since
    messages that have not been scanned by the current signature file will
    automatically be scanned when opened.

    If you have Arcserve backup, don't scan its processes or database directory.
     
    Dave Nickason [SBS MVP], Apr 13, 2006
    #3
  4. TR

    Al Williams Guest

    Is this a new install or was it working and now it's slow?
    In the process manager which processes are hogging the CPU?

    Make sure you are up to date on your CA patches. From my install notes:

    Install the ETrust Antivirus 7.1 from the CD (base install plus exchange and
    the administration tools). Apply the following CA patches from
    http://supportconnectw.ca.com/public/antivirus/antivirussupp.asp as per the
    instructions in their .TXT files:
    · EAV71_501.EXE (service pack 501, Q065501.TXT)
    · QO57638.CAZ
    · QO59177.CAZ
    · QO60359.CAZ
    · QO64413.CAZ
    · Q064417.EXE
    · QO65521.CAZ
    · Q068975.EXE
    · Q069136.EXE
    · Q070407.EXE
    · drvupdi.exe (latest realtime drivers)

    Build should be 7.1.501 (Etrust) and 7.1.373 (Exchange add-on) after all
    this.

    They just released new realtime drivers last month which I haven't tried
    yet. If you have them they *may* be the issue so try and go back to last
    years.

    As far as exclusions go, the usual SBS/Exchange exclusions apply:

    - all exchange and SQL/MSDE databases
    - temporary and urlcache folders
    - c:\windows\system32\lls
    - c:\windows\system32\inetsrv

    ETrust also let's you exclude processes which I usually include STORE.EXE,
    SQLSERV.EXE, MAD.EXE, and EXMGMT.EXE.

    My Etrust setup has been running great for months on our SBS2003 SP1 Premium
    system so I suspect you just need some updates. Post back with any news and
    good luck.
     
    Al Williams, Apr 13, 2006
    #4
  5. TR

    Al Williams Guest

    Al Williams, Apr 13, 2006
    #5
  6. Wow the old ones didn't.
    I stand corrected.. Thanks.

    In that case I'd turn off Heuristic scanning (If it has it.)

    --
    Russell Grover
    Microsoft Small Business Specialist
    Portland/Beaverton OR
    Email: Support at SBITS.Biz
    Website: http://www.SBITS.Biz
     
    Russ Grover - SBITS.Biz, Apr 14, 2006
    #6
  7. TR

    KC Dickson Guest

    Download and install the Exchange Best Practices analyzer (ExBPA), run it
    and then look at the "Full Issues" list. On systems that have eTrust
    installed (among others) it will pop up and tell you specifically of any
    needed File/Folder/ File Type exclusions and how to set them. I have used
    this on 10+ exchange systems with eTrust installed and they are all running
    smoothly.

    K. Dickson
     
    KC Dickson, Apr 14, 2006
    #7
  8. TR

    TR Guest

    thanks guys

    I will do the research and let you know what I find.

    TR
     
    TR, Apr 14, 2006
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.