Backup Exec for Windows Servers - Backup and Restore job rates are extremely slow when McAfee Anti-virus Software is installed on the same machine

Problem

Backup Exec for Windows Servers - Backup and Restore job rates are extremely slow when McAfee Anti-virus Software is installed on the same machine

Solution


Exclude the following processes (if they are exist in the system) from within McAfee (Change C:\ as needed depending on which root volume the Media Server or Remote Agent is installed to)

C:\Program Files\Symantec\Backup Exec\beremote.exe
C:\Program Files\Symantec\Backup Exec\beserver.exe
C:\Program Files\Symantec\Backup Exec\bengine.exe
C:\Program Files\Symantec\Backup Exec\benetns.exe
C:\Program Files\Symantec\Backup Exec\pvlsvr.exe
C:\Program Files\Symantec\Backup Exec\BackupExec.exe
C:\Program Files\Symantec\Backup Exec\BkUpexec.exe
C:\Program Files\Symantec\Backup Exec\backupexecmanagementservice.exe
C:\Program Files\Symantec\Backup Exec\bedbg.exe
C:\Program Files\Symantec\Backup Exec\pdvfsservice.exe
C:\Program Files\Symantec\Backup Exec\spad.exe
C:\Program Files\Symantec\Backup Exec\spoold.exe
C:\Program Files\Symantec\Backup Exec\pddb\bin\pg_ctl.exe

How to add critical Media Server processes to McAfee's Low-Risk Processes List

1. Launch the McAfee VirusScan Console.
2. Right-click on On-Access Scanner and select Properties:

 

3. Navigate to All Processes > Processes tab.
4. Switch the radio button to "Use different settings for high-risk and low-risk processes:"

 

5. Navigate to Low-Risk Processes > Processes tab > click Add > click Browse:

 

6. Process by process - add this list of Backup Exec processes (if they are exist in the system) to the list of Low-Risk Processes:

C:\Program Files\Symantec\Backup Exec\beremote.exe
C:\Program Files\Symantec\Backup Exec\beserver.exe
C:\Program Files\Symantec\Backup Exec\bengine.exe
C:\Program Files\Symantec\Backup Exec\benetns.exe
C:\Program Files\Symantec\Backup Exec\pvlsvr.exe
C:\Program Files\Symantec\Backup Exec\BackupExec.exe
C:\Program Files\Symantec\Backup Exec\BkUpexec.exe
C:\Program Files\Symantec\Backup Exec\backupexecmanagementservice.exe
C:\Program Files\Symantec\Backup Exec\bedbg.exe
C:\Program Files\Symantec\Backup Exec\pdvfsservice.exe
C:\Program Files\Symantec\Backup Exec\spad.exe
C:\Program Files\Symantec\Backup Exec\spoold.exe
C:\Program Files\Symantec\Backup Exec\pddb\bin\pg_ctl.exe

7. Once all of the above processes have been added, with Low-Risk Processes selected, select the Detection tab and uncheck When writing to disk and When reading from disk:

 

How to add Backup Exec paths to McAfee's list of what not to scan:

1. Within On-Access Scan Properties, select Default Processes on the left column, then select the Detection tab.  Click on Exclusions for the category of What not to scan.

 

2. Click Add and individually browse out to these three locations adding each in turn:

C:\Program Files\Symantec\Backup Exec\*  (be sure to append * to the path once each path has been added)
C:\ProgramData\Symantec\CRF\*

Note:
If Backup Exec uses backup-to-disk locations or deduplication storage, check locations and add each paths. For example;
<Drive Letter>:\BEData\*
<Drive Letter>:\BackupExecDeduplicationStorageFolder\*
 
3. Within path excluded, be sure also to exclude subfolders, and On read and On write are all checked.

How to configure McAfee to not scan files open for backup:

1. Under Default Processes, Low-Risk Processes and High-Risk Processes, click on the Advanced Tab and uncheck Scan files open for backup:

 

Note:  Any machine - Media Server or Remote Agent - which is running McAfee should have its McAfee properties modified to disable Scan files opened for Backup. Each machine with a Remote Agent installed should be individually modified with this setting unless centralized changes can be made to all clients from a single location (for example, by using McAfee's Event Policy Orchestrator).

Disable scanning of files opened for backup via Registry if can't find the option in McAfee Console
https://kc.mcafee.com/corporate/index?page=content&id=KB72334 
 
Configure McAfee to allow Backup Exec to use tftp
The Access Protection rule "Anti-virus Standard Protection --> Prevent use of tftp.exe" is disabled by default. If it is enabled, the following exclusions must be added:
  1. Click Start, Programs, McAfee, VirusScan Console.
  2. Double-click Access Protection.
  3. Select Anti-virus Standard Protection.
  4. Select Prevent use of tftp.exe, and click Edit.
  5. In the Processes to exclude: box, add the Backup Exec process names separated by a comma:
    beremote.exe, beserver.exe, bengine.exe, benetns.exe, pvlsvr.exe, BackupExec.exe, BkUpexec.exe, backupexecmanagementservice.exe, bedbg.exe, pdvfsservice.exe, spad.exe, spoold.exe, pg_ctl.exe
  6. Click OK to save and close both windows.


For additional information on these settings, please reference McAfee source material:
https://mysupport.mcafee.com/Eservice/Default.aspx

Understanding High-Risk, Low-Risk, and Default processes configuration and usage
https://kc.mcafee.com/corporate/index?page=content&id=KB55139

Creating Low-Risk Process exclusions in VirusScan Enterprise
https://kc.mcafee.com/corporate/index?page=content&id=KB58692

Understanding VirusScan Enterprise Exclusions

VirusScan Enterprise exclusions for Symantec Backup Exec

https://kc.mcafee.com/corporate/index?page=content&id=KB68701

 

Terms of use for this information are found in Legal Notices.

Search

Survey

Did this article answer your question or resolve your issue?

No
Yes

Did this article save you the trouble of contacting technical support?

No
Yes

How can we make this article more helpful?

Email Address (Optional)