Showing results for 
Show  only  | Search instead for 
Did you mean: 

Scan Timed Out and access denied

When running AV scans enterprise-wide I sometimes get various messages, such as 'scan timed out', 'access denied', 'Scan was cancelled', 'clean error'.

Could you please tell me how to properly resolve these?

Using epo 4.5, AV 8.7.0, HIPS 7.0


Message was edited by: newbieal on 3/7/11 8:29:51 AM CST
4 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Scan Timed Out and access denied

Scan timeout events are normally from the VirusScan On-Access - General properties values of 'Maximum Archive can Time' or 'Enforce a maximum Scanning Time for all files'.

it's ok to recieve this message, but if you wish you can turn both settings off or increase the values. The defaults are 15 seconds and 45 seconds repsectively which is a fair trade off between scanning most files to completion and not hogging resources locally.

Access denied normally means the file was locked in memory during scan attempt. There's not a lot you can do about that, it will happen, it's Windows - you will see this during an on-demand scan. Again, it's normal to see these on certain files that are like to be locked. (pagefile for example). If you see files you know will be locked, exclude them from the on-demand scan.

Scan was cancelled - Short of changing the VirusScan policy to lock down the local interface there's not much you can do here either, especially If the users have local admin rights. Take a look at the user interface policies to see what you can do to stop users cancelling scans.

Clean errors need investigating in detail as they are often quite specific. it suggested malware not resolved. Take a look at the local scan logs for more detail, perhaps the local Quarantine manager too. Make sure dats are up to date and if necessary submit samples to McAfee for analysis.



Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Scan Timed Out and access denied

Time out events can also be an indicator that an exclusion may be needed. I've seen lots of home-grown, and legacy applications/scripts that are just plain fugly.

Scan cancelled can also occur if you've set a maximum duration in the task settings.

I have seen people filter-out these types of events, but I highly advise against that. At the very least keep them for a few days, then purge them. I would rather have the data if/when I need to troubleshoot, than have to recreate afterward.

Re: Scan Timed Out and access denied

I get scan cancelled even on my machine (although I never took an action to cancel).  I'm still confused as to what would cause that.  But joeleisenlipz you mention: Scan cancelled can also occur if you've set a maximum duration in the task settings..  Where is this setting and what should it be set to so that I can avoid the 'scan canceled' situation.  Thanks.

Re: Scan Timed Out and access denied

Could someone please provide additional help on this issue?  I still get these events.  Thank you.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community