Solved

Microsoft Forefront

Posted on 2013-06-12
3
720 Views
Last Modified: 2013-11-22
Hello, I need some help.
I have Microsoft forefront on my network workstations as my antivirus. Two of my workstation are continuously being scanned causing the cpu usage to spike which causes decrease in the workstations' performance. My other workstations run a quick scan once a day early in the morning and a full scan once a week. But 2 of these stations are always non stop in scan mode. Any idea what is causing this and how to fix it. No infections are ever found. What can I look for to fix this.
-thank you-
0
Comment
Question by:MrMay
3 Comments
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 39243253
I amy even want to test if scan per file will stop - rightfully it should just to make sure the engine is alright. I suspecting the scehduler though...we can also stop all scan and try the commandline approach to see if this loop exist still.  There is means to schedule thru commandline too.

http://www.chris-mohan.com/2009/05/forcing-av-scans-for-the-command-line-in-forefront/
http://blogs.technet.com/b/kfalde/archive/2008/10/23/how-to-add-extra-scheduled-scans-or-definition-updates-for-fcs.aspx

In particular, usage of MpCmdRun.exe -Trace indicates that it traces all levels and all groups. There is log file generated which can help us to see where or hints of hanging... ... probably event log has error hints too
http://it.toolbox.com/blogs/it-pro-secure/forefront-client-security-using-the-log-files-from-the-forefront-client-security-agent-sp1for-analysis-31107

i was thinking if it is catch up scan initially but seems its scan was never been stopped - meaning the machine is shut down before or "missed" the scheduled scan etc.
http://blogs.technet.com/b/fcsnerds/archive/2009/06/18/understanding-catch-up-scans.aspx

I was looking at sort of file scanned that be causing loop, maybe
http://support.microsoft.com/kb/939361
0
 
LVL 38

Expert Comment

by:younghv
ID: 39339058
I've requested that this question be closed as follows:

Accepted answer: 500 points for breadtan's comment #a39243253

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
An overview of HIPAA and guidance on this topic that Experts Exchange members can offer.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

1 Experts available now in Live!

Get 1:1 Help Now