Message: "Scan stopped by user" when launching a manual scan

Article:TECH98622  |  Created: 1999-01-17  |  Updated: 2010-01-26  |  Article URL http://www.symantec.com/docs/TECH98622
Article Type
Technical Solution

Product(s)

Environment

Issue



You start a manual scan in Symantec AntiVirus (SAV) or in the Symantec System Center, and then you see the message "Scan stopped by user." Scans will not complete.


Cause



Low disk space; low resources.

Solution





Before you begin:

In early May, 2010, this error message has been reported on systems that are still running builds of Symantec Antivirus that are no longer supported (versions 8.x, 9.x). It is strongly recommended that users migrate up to a supported build to resolve this error message.

This problem can also happen when Symantec AntiVirus 10.x or Symantec Client Security 3.x is installed on the same computer as APC PowerChute 6.x or earlier.
For details, read the document Various problems occur with Symantec AntiVirus and APC PowerChute 6.x.


This problem has more than one cause, so more than one solution is provided. To fix the problem, try each of the following solutions in the order that they appear.

To correct the problem
  1. Delete all temporary files on the system.
  2. Verify that the computer has a valid directory specified for the TEMP variable.
    1. Open a Command Prompt.
    2. Type set and then press Enter.
    3. The TEMP= line indicates the path to the TEMP folder. Make sure that a folder exists at this path.
  3. Verify the amount of free space on the drive. A rule of thumb is to have at least 200 MB or 10% of the drive available as free space.
  4. After removing temporary files, defragment the drive.
  5. Create a permanent swap file to improve the performance.
  6. Restart the computer.

Some customers reported that disabling boot sector scanning eliminates the scan failure.


WARNING: In the following procedure you will modify the Windows registry. We strongly recommend that you back up the system registry before you make any changes. Incorrect changes to the registry could result in permanent data loss or corrupted files. Modify only the keys that are specified. See the document How to back up the Windows registry before proceeding.


To modify boot sector scan policy in the registry
  1. Open the Registry Editor, and then go to the following key:

    HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\LocalScans\ManualScan
  2. Set the ScanBootSector value to 0
  3. For scheduled scans on Norton AntiVirus Corporate Edition servers or clients, configured using the local GUI, set the ScanBootSector value in the right pane to 0 for the following registry keys:

    HKEY_USERS\.DEFAULT\Software\INTEL\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks\Default\BootScan
    HKEY_USERS\.DEFAULT\Software\INTEL\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks\Default Scan Options

Note: An alternative on Norton AntiVirus Corporate Edition clients is to set the ScanBootSector value for the following keys to 0. The HKEY_USERS... will automatically update.

HKEY_CURRENT_USER\Software\INTEL\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks\BootScan
HKEY_CURRENT_USER\Software\INTEL\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks\Default Scan Options




References
If you recently upgraded Windows NT to Service Pack 6, see the Microsoft article Security Update MS00-024 Breaks SHGetFolderPath in Shfolder.dll (Q303437).




Supplemental Materials

SourceETrack
Value355966

Legacy ID



1999121717035848


Article URL http://www.symantec.com/docs/TECH98622


Terms of use for this information are found in Legal Notices