Symantec.com
VERITAS.com
Partners
About Symantec
cartCart
WelcomeProducts & ServicesSecurity ResponseSupportSolutions & IndustriesLicensingTrainingStore
Enterprise
Symantec.com > Enterprise > Support > Knowledge Base


PRINT THIS PAGE PRINT THIS PAGE

Disabling the Quick Scan that runs after virus definitions update in Symantec AntiVirus 10.0 and Symantec Client Security 3.0

Question/Issue:
After you update virus definitions, Symantec AntiVirus Corporate Edition 10.0 runs a Defwatch Quick Scan. Symantec AntiVirus quarantines security risks for which you created an exception during this Quick Scan. You need to know how to disable the Defwatch Quick Scan.


Solution:

Before you begin: This document applies to Symantec AntiVirus 10.0 and Symantec Client Security 3.0. If you use Symantec AntiVirus 10.1 or Symantec Client Security 3.1, read the following document:
Disabling the Quick Scan that runs after virus definitions update in Symantec AntiVirus 10.1 and Symantec Client Security 3.1


A Quick Scan is a fast scan of the following:
To disable the Quick Scan that runs after virus definitions update, follow the directions for each type of computer in your environment.


Servers
You can disable the Defwatch Quick Scan by importing a .reg file or by editing the registry. After you make this change, the Quick Scan still runs after virus definitions update, but the Quick Scan does not scan any files.

To disable the Defwatch Quick Scan by importing a .reg file
To disable the Defwatch Quick Scan by editing the registry
  1. On the Windows taskbar, click Start > Run.
  2. In the Open box, type the following text:

    regedit

  3. Click OK.
  4. In the left pane of the Registry Editor, go to the following key:

    HKEY_LOCAL_MACHINE\Software\Intel\Landesk\VirusProtect6\CurrentVersion\LocalScans\Defwatch QuickScan Options

  5. In the right pane, double-click the ScanBootSector value.
  6. Change the Value data field to 0, and then click OK.
  7. In the right pane, double-click the ScanLoadPoints value.
  8. Change the Value data field to 0, and then click OK.
  9. In the right pane, double-click the ScanProcesses value.
  10. Change the Value data field to 0, and then click OK.
  11. Exit the Registry Editor.


Managed clients
You can disable the Defwatch Quick Scan on all managed clients by editing the registry on the parent server. After you make this change, the Quick Scan still runs after virus definitions update, but the Quick Scan does not scan any files.

To disable the Defwatch Quick Scan by editing the registry on the parent server
  1. On the Windows taskbar, click Start > Run.
  2. In the Open box, type the following text:

    regedit

  3. Click OK.
  4. In the left pane of the Registry Editor, go to the following key:

    HKEY_LOCAL_MACHINE\Software\Intel\Landesk\VirusProtect6\CurrentVersion\ClientConfig\LocalScans
  5. Right-click the LocalScans key, and then click New > Key.
  6. Type the following name for the key:

    Defwatch QuickScan Options
  7. Right-click the Defwatch QuickScan Options key, and then click New > DWORD Value.
  8. Type the following name for the key:

    ScanBootSector

  9. Right-click the Defwatch QuickScan Options key, and then click New > DWORD Value.
  10. Type the following name for the key:

    ScanLoadPoints


    Right-click the Defwatch QuickScan Options key, and then click New > DWORD Value.
  11. Type the following name for the key:

    ScanProcesses

  12. In the right pane, double-click the ScanBootSector value.
  13. Change the Value data field to 0, and then click OK.
  14. In the right pane, double-click the ScanLoadPoints value.
  15. Change the Value data field to 0, and then click OK.
  16. In the right pane, double-click the ScanProcesses value.
  17. Change the Value data field to 0, and then click OK.
  18. If you use client groups, go to the following key:

    HKEY_LOCAL_MACHINE\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Groups\<GroupName>\ClientConfig\LocalScans

    where <GroupName> is the name of a client group.

  19. Repeat steps 5–17, and then continue to step 20.
  20. Repeat steps 18 and 19 for each client group.
  21. Exit the Registry Editor.
  22. Start Symantec System Center, and unlock the server group.
  23. Right-click the parent server, and then click All Tasks > Symantec AntiVirus > Client Auto-Protect Options.
  24. Click Reset All, and then click OK.


Unmanaged clients
You can disable the Defwatch Quick Scan by importing a .reg file or by editing the registry. After you make this change, the Quick Scan still runs after virus definitions update, but the Quick Scan does not scan any files.

To disable the Defwatch Quick Scan by importing a .reg file
To disable the Defwatch Quick Scan by editing the registry
  1. On the Windows taskbar, click Start > Run.
  2. In the Open box, type the following text:

    regedit

  3. Click OK.
  4. In the left pane of the Registry Editor, go to the following key:

    HKEY_LOCAL_MACHINE\Software\Intel\Landesk\VirusProtect6\CurrentVersion\LocalScans\Defwatch QuickScan Options

  5. In the right pane, double-click the ScanBootSector value.
  6. Change the Value data field to 0, and then click OK.
  7. In the right pane, double-click the ScanLoadPoints value.
  8. Change the Value data field to 0, and then click OK.
  9. In the right pane, double-click the ScanProcesses value.
  10. Change the Value data field to 0, and then click OK.
  11. Exit the Registry Editor.




Technical Information:
The Defwatch Quick Scan does not use the exclusions or exceptions that are set for the Default Quick Scan, which runs when the computer starts. You cannot configure the DefWatch Quick Scan by using Symantec System Center or in the Symantec AntiVirus program interface.

In Symantec AntiVirus 10.1 and later, you can turn off the Deftwach Quick Scan for managed clients by using Symantec System Center.


 

Available Translations:



Document ID: 2005052514152448
Last Modified: 07/31/2006
Date Created: 05/25/2005
Operating System(s): Windows 2000, Windows XP Professional Edition, Windows Server 2003 32-bit Edition
Product(s): Symantec AntiVirus Corporate Edition 10.0, Symantec Client Security 3.0
Release(s): SAV 10.0, Symantec Client Security 3.0


Site Index · Legal Notices · Privacy Policy · · Contact Us · Global Sites · License Agreements
©1995 - 2009 Symantec Corporation