fnbgppl
asked on
Virus within symantec
I had computers that began to reboot when they ran a certain function of a program. I ran clamwin on one of the client computers and it came up with the folowing:
ERROR: Can't open file C:\Program Files\Symantec AntiVirus\SAVRT\0927NAV~.T
ERROR: Can't open file C:\WINDOWS\system32\config
ERROR: Can't open file C:\WINDOWS\system32\config
ERROR: Can't open file C:\WINDOWS\system32\config
ERROR: Can't open file C:\WINDOWS\system32\config
ERROR: Can't open file C:\WINDOWS\system32\config
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\vd20d603.vdb: Trojan.Aavirus FOUND
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\vd20e404.vdb: Trojan.Aavirus FOUND
-- summary --
Known viruses: 46717
Engine version: 0.88
Scanned directories: 3388
Scanned files: 37672
Infected files: 2
Has anyone ever had this? This comes up after I uninstall/install symantec as well. symantec 10 enterprise. I am running clamwin on the server right now. Is this just in the quarantine file? If not why when I uninstall symantec will the program work? How do you go about tracing how a virus got into the system? Any help would be appreciated.
FNBGPPL
ERROR: Can't open file C:\Program Files\Symantec AntiVirus\SAVRT\0927NAV~.T
ERROR: Can't open file C:\WINDOWS\system32\config
ERROR: Can't open file C:\WINDOWS\system32\config
ERROR: Can't open file C:\WINDOWS\system32\config
ERROR: Can't open file C:\WINDOWS\system32\config
ERROR: Can't open file C:\WINDOWS\system32\config
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\vd20d603.vdb: Trojan.Aavirus FOUND
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\vd20e404.vdb: Trojan.Aavirus FOUND
-- summary --
Known viruses: 46717
Engine version: 0.88
Scanned directories: 3388
Scanned files: 37672
Infected files: 2
Has anyone ever had this? This comes up after I uninstall/install symantec as well. symantec 10 enterprise. I am running clamwin on the server right now. Is this just in the quarantine file? If not why when I uninstall symantec will the program work? How do you go about tracing how a virus got into the system? Any help would be appreciated.
FNBGPPL
ASKER
These ended up being false positives from clamwin
fnbgppl
fnbgppl
ah i c so all good now?
ASKER
Yes, but have you ever heard of symantec virus 10 enterprise causing problems with some interaction with ethernet cards. Specifically amdtek an983 10/100?
no i havent, norton shouldnt be touching anything to do with hardware whats it doing
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
not with symantec no, but then they have been known to do some stupid things to machines in the past, unless it detected the new driver as an issue, you may want to plug the driver name into the web site and see if there is any issues with it...
ASKER
I'll do that thanks alot
no worries mate
cheers
cheers
i would say anything in the symanted folder that it picks up will be quarrantined items. when you uninstall symantec it doesnt delete a lot of files, you have to manually do it yourself or do a google search for norton removal tools and take your pick..
permissions errors on the other folders i think, you can tryin running the scan in safe mode
also make sure you turn off system restore as it harbours malware....
Cheers!