Solved

Recommended Symantec anti-virus scanned exemptions

Posted on 2008-06-19
5
1,058 Views
Last Modified: 2013-11-22
Hello Fellow Experts,

We are looking to investigate ways to speed up the process of virus scanning. I understand that there are file exemptions that need to be added like log files. Currently what is happening is we have Symantec Anti-virus doing a virus scan and then a program call Counterspy is scanning the files again. This means its taking twice as long to complete this. Sounds easy enough.

I would like some help with determining what files Symantec recommends to exempt when doing the virus scan.

I  would also like the exemptions that Counterspy recommends.

I have found the Microsoft Recommendations for Windows computers here... http://support.microsoft.com/kb/822158

Any help on this would be greatly appreciated.
0
Comment
Question by:Will Szymkowski
  • 2
  • 2
5 Comments
 
LVL 32

Assisted Solution

by:r-k
r-k earned 200 total points
ID: 21825814
If you are using POP for email then it is best to not scan the folder that holds incoming mail as it comes in. The exact folder depends on your email client. For example, for Outlook Express or Netscape mail clients, see:

 http://service1.symantec.com/SUPPORT/sunset-c2002kb.nsf/0/1eaf48583159f2f885256edd00478d61?OpenDocument&seg=en&lg=en&ct=us

There are similar problems with other mail clients as well.

I am not sure if your question implied this, but I also suggest that people exclude several files by "type", i.e. by extension, from real-time scanning. This can siginificantly speed-up loading applications that use large files, like movies, pictures, paowerpoint etc. These files rarely contain viruses, so it just wastes time to scan them each time you access them. Note that this does open a very small opening for some rare virus to get through, so it's a trade off. I've never seen anyone get infected with PPT macro virus in the last many years, and newer versions of PPT should block it anyway.
0
 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 21825826
The most important files that needs to be scanned are the usual known files which ends with familiar extensions e.g. "Exe, bat, jpeg, doc".

I believe that Symantec already has a list of lots of them, however you will need to decrease this list to consist of the most important extensions.

Attached to you below a list of extensions that you can include for scan.

for more help with extensions see the link below

http://filext.com/alphalist.php?extstart=^A
{*

ASP

BAT

CGI

CHM

CLA

CLASS

CMD

COM

CPL

CSC

CSS

DLL

DOC

DOT

ELF

EML

EXE

HLP

HTA

HTM

HTML

HTT

INF

INI

JS

JSE

LNK

MD?

MPP

MPT

MSO

NWS

OCX

OV?

PDF

PHP

PIF

POT

PP?

RPC

RB

REG

RTF

SCR

SCT

SH

SHB

SHS

SMIL

SRC

SWF

SYS

THE

THEME

VBE

VSD

VXD

WSC

WSF

WSH

XL?

Open in new window

0
 
LVL 53

Author Comment

by:Will Szymkowski
ID: 21829901
Thanks for the input very helpful. But is there any sites that list this from Symantec and or Counterspy?
0
 
LVL 23

Accepted Solution

by:
Mohammed Hamada earned 300 total points
ID: 21833799
I found this here
http://www.hds.com/assets/pdf/nas-symantic-antivirus-scan-engine.pdf
Check page 23 and 24.

Inclusion List: The default file extension inclusion list is as follows: ACE, ACM, ACV, ACX, ADT, APP, ASD,
ASP, ASX, AVB, AX, BAT, BO, BIN, BTM, CDR, CFM, CHM, CLA, CLASS, CMD, CNV, COM, CPL, CPT, CPY,
CSC, CSH, CSS, DAT, DEV, DL, DLL, DOC, DOT, DVB, DRV, DWG, EML, EXE, FON, GMS, GVB, HLP, HTA,
HTM, HTML, HTT, HTW, HTX, IM, INF, INI, JS, JSE, JTD, LIB, LGP, LNK, MB, MDB, MHT, MHTM, MHTML,
MOD, MPD, MPP, MPT, MRC, MS, MSG, MSO, MP, NWS, OBD, OBT, OBJ, OBZ, OCX, OFT, OLB, OLE,
OTM, OV, PCI, PDB, PDF, PDR, PHP, PIF, PL, PLG, PM, PNF, PNP, POT, PP, PPA, PPS, PPT, PRC, PWZ,
QLB, QPW, REG, RTF, SBF, SCR, SCT, SH, SHB, SHS, SHT, SHTML, SHW, SIS, SMM, SWF, SYS, TD0, TLB,
TSK, TSP, TT6, VBA, VBE, VBS, VBX, VOM, VS, VSD, VSS, VST, VWP, VXD, VXE, WBT, WBK, WIZ, WK, WML,
WPC, WPD, WS, WSC, WSF, WSH, XL, XML, XTP, 386. File extensions may be added or removed from the list
to customize it over time.
0
 
LVL 32

Expert Comment

by:r-k
ID: 21848484
Thanks and good luck!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A high-level exploration of how our ever-increasing access to information has changed the way we do our jobs.
I use more than 1 computer in my office for various reasons. Multiple keyboards and mice take up more than just extra space, they make working a little more complicated. Using one mouse and keyboard for all of my computers makes life easier. This co…
This video demonstrates how to use each tool, their shortcuts, where and when to use them, and how to use the keyboard to improve workflow.
This video will demonstrate how to find the puppet warp tool from the edit menu and where to put the points to edit.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now