If you already have VDDK
installed on your computer then SOIS uses it for scanning VMDK
files. However SOIS is compatible only with VDDK
1.2.0.230216. If you have any other version then uninstall it
and run SOIS again.
If you get Error: Failed to
start service, restart your computer and try again.
SOIS installs the Microsoft
Visual C++ 2005 SP1 Redistributable Package (x86) on your computer
if it is not already installed. If you face any problems during the
installation of this component please check the Event Log for
errors.
If you get
"7-ZIP : Data error", this could be because you do not have
sufficient diskspace in your Windows temp folder. To fix this
problem you need to free up diskspace and try again. For details
about disk space requirements of SOIS please refer to the Installation Prerequisites
section.
When SOIS is run for the first time it installs
the VDDK driver on your computer. This driver remains installed
until you remove it using the --removeDriver option. If you
would like to install VDDK after SOIS has been run on your
computer, please remove the driver using --removeDriver
before you install VDDK [Removing the
VDDK driver installed by SOIS].
Scanning related
problems
If you get a popup message
Command line option syntax error. Type command /? for help,
this could be because you are running SOIS on a non-English OS and
the logged-in username has DBCS characters in it. This is a known
issue with DBCS usernames and can be resolved using this knowledge
base article by Microsoft: http://support.microsoft.com/kb/952211
If Symantec Endpoint
Protection (SEP) or Symantec AntiVirus (SAV) displays alerts about
files that are being scanned by SOIS, you need to configure SOIS
and SEP/SAV so that they are compatible and do not interfere with
each other. The section on Compatibility with Symantec security
products describes the steps you need to take for SOIS and
SEP/SAV to coexist on the same computer.
If you get Error: Failed to open VMDK
file [VMDK File Name]
1. Check if the file being scanned is a valid Windows VM virtual
disk file and you can power it ON using VMware Player/Workstation.
SOIS cannot scan VMDK files that are corrupt.
2. Check if the VMDK file is in use or if it is in a suspended
state. If that is the case, power ON the Virtual Machine and shut
it down properly before starting the scan. SOIS scans offline VMDK
files only.
If you get Error: AV definitions
folder does not exist
1. Check if the specified AV definitions folder exists. You need to
specify a valid folder that can be accessed by
SOIS.
If you get Error: Failed to initialize
scanner
1. Check if the AV definitions folder contains valid definitions
supplied by Symantec. Please specify a folder with correct AV
definitions or use definitions from SEP.
2. Check if you have specified a path for temporary files using the
--tempPath option. This folder should have write permissions
and have at least 100 MB of free disk space.
3. Check if you are running SOIS on a non-English version of
Windows and have used a non-English name for the AV definitions
folder. SOIS may not work correctly if the path to the AV
definitions folder contains non-English characters. You may use
only English characters in the entire path to the AV definitions
folder.
If you get Error: Out of
memory
1. You do not have enough memory to run SOIS. Close some running
applications to free up memory and start the scan
again.
If you get Error: Could not open log
file for writing
1. Check if the file specified using --log already exists
but is read-only. Please specify a file that has write
permissions.
2. Check if the file specified using --log is actually a
folder and not a file. Please specify a file name that is different
from a folder name at that location.
3. Check if you have permissions to append to the specified file,
or create it if the file doesn't
exist.
If you get Error: Incorrect
BloodHound(TM) Level
1. BloodHound Level can have only one of the following values: 0,
1, 2 or 3. Please specify a valid BloodHound
Level.
If you get Error: VMDK file has no
volumes to scan [VMDK File Name]
1. Check if the specified file is a valid VMDK file and contains
files inside it. You can check this by powering ON the VM using
VMware Player/Workstation. This error indicates that the VMDK file
is either empty or corrupt.