Version
6.0.2.x
7.x
Issue
Endpoints have both Parity and Sunbelt Vipre AntiVirus installed.
Symptoms
Customer may be experiencing all or some of the following issues:
+ Intermittent blocks on Vipre *.dll and *.sys files occur, especially at system start up.
+ Blocked files may no longer exist on system.
+ Locally approving does not resolve issue.
+ Process involved can be a system process.
+ Long installations.
+ Poor performance over the network with applications such as Excel.
Cause
A best practice is to configure all real time scanners to avoid scanning each other, especially during critical operations that can fail if exclusions are not in place.
Sunbelt Vipre updates their scan engine about once a quarter.
Solution
Parity side configurations include adding custom rules that reflect the Vipre environment. A Performance Optimization rule is not appropriate and will actually increase symptoms rather than improve the situation.
Note that the paths can vary depending on the following factors:
- Historical upgrade paths from Sunbelt Vipre AntiVirus
- Other Live scanner products installed on the same system
- Operating system (XP, Vista, Windows 7, etc… newer)
- 32 versus 64 bit
Here is an example of a typical "vanilla" Sunbelt Vipre installation:
Type: Advanced
Operation: Execute and Write
Execute Action: Allow and Promote
Write Action: Approve
Paths
C:\Program Files\Sunbelt Software\Vipre\*
C:\Program Files\Sunbelt Software\*
Process
System Process
*\Sbamsvc.exe
*\Sbamtray.exe
Please see https://community.bit9.com/docs/DOC-1310?sr=stream for suggested exclusion on Bit9 files and folders.
