Solved

Microsoft Forefront

Posted on 2013-06-12
3
724 Views
Last Modified: 2013-11-22
Hello, I need some help.
I have Microsoft forefront on my network workstations as my antivirus. Two of my workstation are continuously being scanned causing the cpu usage to spike which causes decrease in the workstations' performance. My other workstations run a quick scan once a day early in the morning and a full scan once a week. But 2 of these stations are always non stop in scan mode. Any idea what is causing this and how to fix it. No infections are ever found. What can I look for to fix this.
-thank you-
0
Comment
Question by:MrMay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 64

Accepted Solution

by:
btan earned 500 total points
ID: 39243253
I amy even want to test if scan per file will stop - rightfully it should just to make sure the engine is alright. I suspecting the scehduler though...we can also stop all scan and try the commandline approach to see if this loop exist still.  There is means to schedule thru commandline too.

http://www.chris-mohan.com/2009/05/forcing-av-scans-for-the-command-line-in-forefront/
http://blogs.technet.com/b/kfalde/archive/2008/10/23/how-to-add-extra-scheduled-scans-or-definition-updates-for-fcs.aspx

In particular, usage of MpCmdRun.exe -Trace indicates that it traces all levels and all groups. There is log file generated which can help us to see where or hints of hanging... ... probably event log has error hints too
http://it.toolbox.com/blogs/it-pro-secure/forefront-client-security-using-the-log-files-from-the-forefront-client-security-agent-sp1for-analysis-31107

i was thinking if it is catch up scan initially but seems its scan was never been stopped - meaning the machine is shut down before or "missed" the scheduled scan etc.
http://blogs.technet.com/b/fcsnerds/archive/2009/06/18/understanding-catch-up-scans.aspx

I was looking at sort of file scanned that be causing loop, maybe
http://support.microsoft.com/kb/939361
0
 
LVL 38

Expert Comment

by:younghv
ID: 39339058
I've requested that this question be closed as follows:

Accepted answer: 500 points for breadtan's comment #a39243253

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Recovering from what the press called "the largest-ever cyber-attack", IT departments worldwide are discussing ways to defend against this in the future. In this process, many people are looking for immediate actions while, instead, they need to tho…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question