|
Applies to all Kaspersky Lab products
 The article gives some tips about changing the system registry. Before making any changes in the system registry back up the system registry and study the restoring from the back up procedure. Incorrect changes of the parameters in the system registry by the registry editor or any other program may lead to serious faults and/or necessity to reinstall the operating system. Kaspersky Lab is not responsible for changes made in your system registry and does not provide help in troubleshooting the situation.
The article gives recommendations that might help to protect the computers running under Microsoft Windows Server 2003, Microsoft Windows 2000 and Microsoft Windows XP and the data stored on the computers from viruses. These recommendations will help to minimize the effect caused by the anti-virus software on the system efficiency and the network.
For Windows Server 2003, Windows 2000 and Windows XP operating systems:
It is recommended not to scan for viruses the files and folders given below. These files do not undergo the threat of being infected by viruses. As the files are blocked during the scan, the scan procedure can deliberately decrease system efficiency. The following files can be excluded from the scan:
- File of the database of the service Microsoft Windows update or automatic updates service. The file resides in Disc:\WINDOWS\SoftwareDistribution\DataStore named Datastore.edb
- Files of the transaction logs in the directory Disc:\WINDOWS\SoftwareDistribution\DataStore\Logs by mask Edb*.log. Exclude the files like:
- Edb*.log;
- Res1.log;
- Res2.log;
- Edb.chk;
- Tmp.edb.
For domain controllers running under Windows Server 2003 and Windows 2000.
Kaspersky Lab experts recommend using the following test configuration and make sure it does not lead to any unexpected consequences which may influence or even damage system environment and efficiency. When the volume of anti-virus scan is too large there is a risk that the “changed” attribute may be assigned to files wrongly which results in excess replication in the service of Active Directory folders. If the testing shows that the recommendations given below do not influence the replication volume, then the anti-virus programs can be used in the working environment. The following files can be excluded from scan:
- Main files of the NTDS database of the Active Directory service. Location of these files is given in the branch of the system registry HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\DSA Database File. By default the files reside in the directory Disc:\WINDOWS\ntds .
You can exclude the following files:
- Files of the transaction log of the Active Directory service. Location of these files is given in the branch of the system registry HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\Database Log Files Path. By default the files reside in the directory Disc:\WINDOWS\ntds. You can exclude the following files:
- EDB*.log;
- Res1.log;
- Res2.log;
- Ntds.pat.
- Files of the NTDS temporary folder given in the following branch of the system registry HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\DSA Working Directory. You can exclude the following files:
- Files of the temporary folder of the files replication service (FRS). Location of the folder is given in the branch of the system registry HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Working Directory. You can exclude the following files:
- FRS Working Dir\jet\sys\edb.chk;
- FRS Working Dir\jet\ntfrs.jdb;
- FRS Working Dir\jet\log\*.log.
- Files of the files replication service log. Location of the files is given in the branch of the system registry HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NtFrs\Parameters\DB Log File Directory. By default the files reside in the directory Disc:\WINDOWS\ntfrs. You can exclude the following files:
- FRS Working Dir\jet\log\*.log;
- DB Log File Directory\log\*.log.
- Allocation folder and its all embedded folders. The folders are given in the branch of the system registry HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NtFrs\Parameters\Replica Sets\GUID\Replica Set Stage. By default the allocation folders reside in the directory Disc:\WINDOWS\sysvol\staging areas.
- Pre-setup folder of the FRS service. The folder resides by the following path root_replication_directory\ DO_NOT_REMOVE_NtFRS_PreInstall_Directory. Pre-setup folder is always open when the files replication service is running.
- Distributed file system (DFC). The same resources which are excluded from SYSVOL replication should be disabled when using the FRS service to replicate shared folders compared to DFC root and the link target folders on common computers or domain controllers running under Windows 2000 or Windows Server 2003 operating systems.
| 
Knowledge base
Product Info
System requirements
166 
2009 Sep 21 12:10
