Topic Last Modified: 2005-11-18

The Microsoft® Exchange Server Analyzer Tool reads the following registry entries to obtain the list of processes that have been excluded from real-time file-level antivirus scanning in eTrust Antivirus from Computer Associates:

eTrust Antivirus 6.0


eTrust Antivirus 7.0


If the Exchange Server Analyzer finds that the value for szExcludeProcessNames does not include STORE.EXE, EMSMTA.EXE and MAD.EXE, a warning is displayed.

It is recommended that you do not scan the Microsoft Exchange Information Store process (Store.exe), the Exchange MTA process (Emsmta.exe) or the System Attendant process (Mad.exe) with a file-level based antivirus scanner while the these processes are running.

eTrust Antivirus is a file-level antivirus scanning program. To determine the version of eTrust Antivirus installed on your Exchange Server computer, do the following:

  1. Navigate to Start | Programs | eTrust Antivirus, and then click eTrust Antivirus to start the application.

  2. On the eTrust Antivirus application menu, click Help, and then click About eTrust Antivirus.

  3. Examine the Product Version field to determine the version of eTrust Antivirus.

The following issues can occur when you use file-level scanners on an Exchange Server computer:

Regardless of which file-level antivirus program that you use, you should always exclude the following files and folders from file-level scanners:

To correct this warning

  1. Use the eTrust Antivirus user interface to exclude the above listed folders and files from file-level antivirus scanning.

  2. Visit the Computer Associates eTrust Antivirus Web site ( for the latest information about using eTrust Antivirus on an Exchange Server computer.

    Web addresses can change, so you might be unable to connect to the Web site or sites mentioned here.

For more information about using antivirus software with Exchange Server, see the following Microsoft Knowledge Base articles:

For a list of third-party antivirus software that is available for Exchange Server, see the Exchange Partners: Antivirus Web site (

For more information about problems that can occur if you scan the IFS drive, see the following Knowledge Base articles: