Topic Last Modified: 2005-11-18
The Microsoft® Exchange Server Analyzer Tool reads the following registry entries to obtain the list of directories that have been excluded from manual file-level antivirus scanning in eTrust Antivirus from Computer Associates:
eTrust Antivirus 6.0
HKEY_LOCAL_MACHINE\Software\ComputerAssociates\InoculateIT\6.0\Job\szExcludeDirs
eTrust Antivirus 7.0
HKLM\Software\ComputerAssociates\eTrustAntivirus\CurrentVersion\Job\szExcludeDirs
The Exchange Server Analyzer also reads the value for the MsExchESEParamSystemPath attribute in the Active Directory® directory service, which is a storage group attribute that corresponds to the Exchange system data file location.
If the Exchange Server Analyzer finds that the value for szExcludeDirs does not include the path that corresponds to the Exchange system data file location, a warning is displayed.
eTrust Antivirus is a file-level antivirus scanning program. To determine the version of eTrust Antivirus installed on your Exchange Server computer:
- Navigate to Start | Programs | eTrust
Antivirus, and then click eTrust Antivirus to start the
application.
- On the eTrust Antivirus application menu, click Help,
and then click About eTrust Antivirus.
- Examine the Product Version field to determine the
version of eTrust Antivirus.
The following issues can occur when you use file-level scanners on an Exchange Server computer:
- File-level scanners scan a file when it is used or at a
scheduled interval, and may lock or quarantine an Exchange log or
database file while Exchange tries to use the file. This can cause
a severe failure in Exchange Server, and can also generate database
errors.
- More problems can occur if you scan the drive represented by
the Exchange Installable File System (IFS)—typically drive M—with
file-level scanner software.
Regardless of which file-level antivirus program that you use, you should always exclude the following files and folders from file-level scanners:
- .eml, .edb, .stm, .log, .dat and .chk files.
- The Exchange Server drive represented by the IFS. By default,
this is the M drive.
- Exchange databases and log files. By default, these are located
in the Exchsrvr\Mdbdata folder.
- Exchange MTA files in the Exchsrvr\Mtadata folder.
- Additional log files such as the Exchsrvr\server_name.log
file.
- The Exchsrvr\Mailroot virtual server folder.
- The working folder that is used to store streaming temporary
files that are used for message conversion. By default, this folder
is located at \Exchsrvr\MDBData, but you can configure the
location.
- The temporary folder that is used with offline maintenance
tools such as Eseutil.exe. By default, this folder is the location
where the .exe file is run from, but you can configure this
location when you run the tool.
- Site Replication Service (SRS) files in the Exchsrvr\Srsdata
folder.
- Microsoft Internet Information Service (IIS) system files in
the %SystemRoot%\System32\Inetsrv folder.
- IIS working files in the %SystemRoot%\IIS Temporary Compressed
Files folder.
To correct this warning
-
Use the eTrust Antivirus user interface to exclude the above listed folders and files from file-level antivirus scanning.
-
Visit the CA eTrust Antivirus Web site (http://www3.ca.com/Solutions/Product.asp?ID=156) for the latest information about using eTrust Antivirus on an Exchange Server computer.
Note: Web addresses can change, so you might be unable to connect to the Web site or sites mentioned here.
For more information about using antivirus software with Exchange Server, see the following Microsoft Knowledge Base articles:
- 328841, "XADM: Exchange and Antivirus Software" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=328841)
- 823166, "Overview of Exchange Server 2003 and antivirus
software" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=823166)
- 306105, "XGEN: Microsoft's Position on Antivirus Solutions for
Exchange 2000" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=306105)
- 245822, "Recommendations for troubleshooting an Exchange
computer with antivirus software installed" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=245822)
For a list of third-party antivirus software that is available for Exchange Server, see the Exchange Partners: Antivirus Web site (http://go.microsoft.com/fwlink/?LinkId=16226).
For more information about problems that can occur if you scan the IFS drive, see the following Knowledge Base articles:
- 298924, "XADM: Do Not Back Up or Scan Exchange 2000 Drive
M" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=298924)
- 300608, "XADM: C1041737 Err Msg Displayed When You Mount
Databases" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=300608)
- 299046, "XADM: Calendar Items Disappear from User's Folders"
(http://go.microsoft.com/fwlink/?linkid=3052&kbid=299046)