Solved

Microsoft Forefront

Posted on 2013-06-12
3
721 Views
Last Modified: 2013-11-22
Hello, I need some help.
I have Microsoft forefront on my network workstations as my antivirus. Two of my workstation are continuously being scanned causing the cpu usage to spike which causes decrease in the workstations' performance. My other workstations run a quick scan once a day early in the morning and a full scan once a week. But 2 of these stations are always non stop in scan mode. Any idea what is causing this and how to fix it. No infections are ever found. What can I look for to fix this.
-thank you-
0
Comment
Question by:MrMay
3 Comments
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 39243253
I amy even want to test if scan per file will stop - rightfully it should just to make sure the engine is alright. I suspecting the scehduler though...we can also stop all scan and try the commandline approach to see if this loop exist still.  There is means to schedule thru commandline too.

http://www.chris-mohan.com/2009/05/forcing-av-scans-for-the-command-line-in-forefront/
http://blogs.technet.com/b/kfalde/archive/2008/10/23/how-to-add-extra-scheduled-scans-or-definition-updates-for-fcs.aspx

In particular, usage of MpCmdRun.exe -Trace indicates that it traces all levels and all groups. There is log file generated which can help us to see where or hints of hanging... ... probably event log has error hints too
http://it.toolbox.com/blogs/it-pro-secure/forefront-client-security-using-the-log-files-from-the-forefront-client-security-agent-sp1for-analysis-31107

i was thinking if it is catch up scan initially but seems its scan was never been stopped - meaning the machine is shut down before or "missed" the scheduled scan etc.
http://blogs.technet.com/b/fcsnerds/archive/2009/06/18/understanding-catch-up-scans.aspx

I was looking at sort of file scanned that be causing loop, maybe
http://support.microsoft.com/kb/939361
0
 
LVL 38

Expert Comment

by:younghv
ID: 39339058
I've requested that this question be closed as follows:

Accepted answer: 500 points for breadtan's comment #a39243253

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
quarantine versus delete 6 69
creating custom .audit file with Nessus Tenable 3 100
Extra security implementation for 2017 9 49
SHA2 certs for IIS AND Java? 2 77
Here are the five steps I suggest to every sysadmin to fix the fall-out from a security breach.
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now