"The malware scan Job fails "0xe000e20b : Malware is detected in the scan operation. It is recommended to evaluate the malware scan results before using the backup set for restore."
Article ID: 100072646
Updated On:
Description
Error Message
"The malware scan Job fails "0xe000e20b : Malware is detected in the scan operation. It is recommended to evaluate the malware scan results before using the backup set for restore."
While performing malware scan using Microsoft Defender:
Please refer to the Job log for more details.
While performing malware scan using Engine Symantec Protection Engine (SPE):
Please refer to the Job log for more details.
If you found the Malware Type/Virus Name as “Container size violation - scan incomplete” in the Job log , please follow the solution mentioned below.
Container size violation - scan incomplete
Cause
The Symantec Protection Engine (SPE) comes with a default configuration on the parameter MaxExtractSize, which is set to 100MB size. This means it can scan the compressed files ((iso/xls/zip files ,etc)) whose extract size is within MaxExtractSize parameter or else it will report it as a container size violation .
Resolution
Please follow the guidelines on how to configure the MaxExtractSize parameters while installing SPE and how to adjust it over time using SPE's utility.,
URL reference : Protection Engine message: "Container file size limit exceeded"
SPE provides a utility (XMLModifier.exe) to set the new value or turn off this feature by setting MaxExtractSize to 0 , so that all sizes of the compressed files will be scanned .
Steps to change the value to 0 is as below,
Step1 : Open the command prompt in Admin mode and run the command below,
C:\Program Files\Symantec\Scan Engine>XMLModifier.exe -s //filtering/Container/MaxExtractSize/@value 0 filtering.xml
Step 2: Restart the Symantec Protection Engine service.
Issue/Introduction
