First off, I hope I posted this in the correct forum. I've never heard it called Endpoint Protection before.
System: Windows XP Pro - Symantec Corp Edition Anti-Virus 10.0 (unmanaged computer)
___________________________________________________________
I noticed this weekend that one of our computers finished a "full scan" in about 5 minutes. Upon further investigation, I noticed that it had only scanned 25,xxx Files. I knew that this was not right as it had usually scanned 150,000 + files and takes about 45 minutes. I first checked the old Logs. I found that 8/11/09 was the last time that it scanned 150k + files. After that date, the log showed the Scheduled Full Scans as only scanning approx 25k files.
I tried google searching this issue with only a few hits of similar issues, but no solutions. I checked on MajorGeeks for answers and found nothing.
We have Malwarebytes (full version), SUPERAntiSpyware (full version), and Spybot all set to run nightly along with my Symantec, at different times. I went ahead and ran them all again anyway...all clean, no issues.
I ran CCleaner and Auslogics (one button clean up) to fix any disk errors, clean up the registry, and defrag.
I ran the Symantec "full scan" again, same result.
I uninstalled Symantec using the Add/Remove programs menu. Reinstalled it from the Install Disc and updated it. No change, same result.
I then tried the Manual Uninstall Procedure for 10.0. Followed every step, deleted all the appropriate registry entires, then ran CCleaner to clean up the registry. Installed 10.0 from the Install Disc. Same result, no change.
I uninstalled Symantec again and installed AVAST. All files (150,000+) were scanned and no issueswere found. I then uninstalled that and tried Trend Micro, same thing-scanned all files, no issues found. Uninstalled it and reinstalled Symantec.
Tried the MajorGeeks XP Clean up. Followed it step by step, ran the suggested programs and saved the appropriate logs. No issues found.
I checked all the rest of the computers at my work and found that 5 others were running this "partial" Full Scan, so it wasn't just a one-machine issue. But we have 15 other machines that are fine.
***The only thing I can think of that relates all these machines is that these 5 machines have all be wiped (or are new) within the last 12 months. But up until mid August, they all functioned properly and the FULL Scan option had always worked fine. ***
I called Symantec's Tech line and spoke with the level 1 tech. After searching, she had no advice (over and above what I had already tried) and could not transfer me to level 2 (aka: open a case) because my companies support program was expired (as of May 2008).
The computers function fine, they are all up-to-date and are scanned daily with Symantec AV, Malwarebytes, Spybot, & SUPERAntiSpyware. But having Symantec only scan 25k files worries me.
I shut off Malwarebytes, SUPERAntiSpyware, and Spybot and ran the scan again, still no change.
I investigated more and found that when I ran a "Full Scan", it acted more like a "Quick Scan" or "Start-Up" Scan. It would read, "Scanning Memory, Load Points, & Security Risks" then would scan a few files from "My Documents" then it would complete. It would not scan all the files from my C: Drive. I double checked to make sure that they weren't excluded, and they were not. No changes had been made to the set up, it was still on default. I did notice that there seemed to be more "Unknown DetectionAction" items than I had remembered seeing before, but maybe thats because I had never set and watched it scan before??
The computers are acting normal and not any slower than usual. But since the "Full Scan" and our "Scheduled Daily Scan" is only getting 25k files, I do worry that in the future we will be open to attack from virus's.
Any help would be great. I'm stumped. Thanks in advance.