XESE.DLL file is present

[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at https://go.microsoft.com/fwlink/?linkid=34707.]  

Topic Last Modified: 2005-11-18

The Microsoft® Exchange Server Analyzer Tool queries the CIM_Datafile Microsoft Windows® Management Instrumentation (WMI) class to determine the value of the Version key for a file called Xese.dll.

If the Exchange Server Analyzer is able to obtain a Version value for this file, it indicates that the file exists, and an error is displayed.

Some ESE-based antivirus programs use an unsupported interface between the Exchange information store and the Extensible Storage Engine (ESE). When you use this type of software, you run the risk of database damage and data loss if there are errors in the implementation of the software.

During installation, the ESE-based scanner changes the Microsoft Exchange Information Store service so that it is dependent on the ESE-based antivirus program's service. This makes sure that the ESE-based antivirus program's service starts before the Microsoft Exchange Information Store service starts. When the ESE-based antivirus program starts, the version of Ese.dll included with Exchange Server is temporarily renamed as Xese.dll, and the ESE-based antivirus program's version of Ese.dll replaces the original file. After the ESE-based antivirus program's version of Ese.dll is loaded, the version included with Exchange Server is renamed back to Ese.dll, and the Microsoft Exchange Information Store service completes the startup process.

To resolve this warning

  1. It is strongly recommended that you do not use non-Microsoft implementations of the ESE on Exchange Server computers. Customers who contact Microsoft Product Support Services may be asked to disable the ESE-based antivirus program to help identify issues, but customers are free to enable the software again after the root cause of the issue is correctly diagnosed.

  2. The most widely used ESE-based antivirus program is Antigen for Microsoft Exchange from Sybari Software. Microsoft and Sybari agree that disabling Sybari Antigen is a valid troubleshooting step to determine the cause of issues. To contact Sybari Software, see the Sybari Software Web site (http://www.sybari.com).

    Note

    The third-party Web site information is provided to help you find the technical information you need. The URLs are subject to change without notice.

  3. It is recommended that you use antivirus programs that support the Virus Scanning Application Programming Interface (VSAPI), also known as the AntiVirus API (AVAPI).

For more information about running antivirus software on Exchange Server, see the following Microsoft Knowledge Base articles: