Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Omitting Files on Scan

Created: 20 Jan 2010 • Updated: 21 May 2010 | 5 comments
This issue has been solved. See solution.

We are having various issues with our full scans. The servers and a desktop are omitting 20-40% of their files. There should not be this many files in use at 2 am, and we have it set to scan all files and programs.

Another piece of the puzzle is that we recently battled with a conficker/virut infection. We did remove all systems from the network and ran removal tools, then applied Norton and ran all Windows update. We were getting pinged by a missing machine - which turned out to be a tv which used as a monitor in the lobby - now disconnected.

downadupB has popped up twice after the cleaning, but we don't know how - Norton is quarantining and deleting it. I would like to force a scan of ALL  files.

Any advice for a fairly non-techie user?

Thanks.

Comments 5 CommentsJump to latest comment

Vikram Kumar-SAV to SEP's picture

 Reasons for omitting the file

"Could not scan [#] files inside [path][filename] due to extraction errors encountered by the Decomposer Engines" during a scan

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2002073015235648

Enable risk tracer and IPS to find out the machine which is attacking
https://www-secure.symantec.com/connect/articles/worms-and-threats-spread-across-networks-network-shares-have-become-more-common-recent-year


Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

SOLUTION
Visu310's picture

By default SEP excludes certain folders like the SEPM db, exchange and AD... Apart from that. as Vikram has already told, decomposer engine failures.... You dont have to worry as long as SEP can pick the threat and quarantine (or any action) on it... If you repeatedly getting a threat in your network, then I guess we will have to take it seriously... We willl have to find out the damn source... for which I'd suggest you to enable "risk tracer" ... :)

Cheers,
Visu.

Cheers,
Visu.

I came, I saw, I err ;)

ceego's picture

Thanks. I will make sure we run the Risk Tracer.

So, that we are omitting about 60,000 files is not necessarily a problem? They are all listed as the "extraction error encountered by the Decomposer Engine"

Thanks again.

Vikram Kumar-SAV to SEP's picture

 That is correct ..omiited files are not a problem..however read other articles on downadup on how to be protected from it.

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.