[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Virus within symantec

Posted on 2006-03-22
11
Medium Priority
?
1,082 Views
Last Modified: 2013-12-04
I had computers that began to reboot when they ran a certain function of a program.  I ran clamwin on one of the client computers and it came up with the folowing:

ERROR: Can't open file C:\Program Files\Symantec AntiVirus\SAVRT\0927NAV~.TMP
ERROR: Can't open file C:\WINDOWS\system32\config\default
ERROR: Can't open file C:\WINDOWS\system32\config\SAM
ERROR: Can't open file C:\WINDOWS\system32\config\SECURITY
ERROR: Can't open file C:\WINDOWS\system32\config\software
ERROR: Can't open file C:\WINDOWS\system32\config\system

C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\vd20d603.vdb: Trojan.Aavirus FOUND
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\vd20e404.vdb: Trojan.Aavirus FOUND
-- summary --
Known viruses: 46717
Engine version: 0.88
Scanned directories: 3388
Scanned files: 37672
Infected files: 2

Has anyone ever had this?  This comes up after I uninstall/install symantec as well.  symantec 10 enterprise.  I am running clamwin on the server right now.  Is this just in the quarantine file?  If not why when I uninstall symantec will the program work?  How do you go about tracing how a virus got into the system?   Any help would be appreciated.

FNBGPPL
0
Comment
Question by:fnbgppl
  • 5
  • 4
9 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16292063
Hi fnbgppl,

i would say anything in the symanted folder that it picks up will be quarrantined items. when you uninstall symantec it doesnt delete a lot of files, you have to manually do it yourself or do a google search for norton removal tools and take your pick..

permissions errors on the other folders i think, you can tryin running the scan in safe mode

also make sure you turn off system restore as it harbours malware....

Cheers!
0
 
LVL 1

Author Comment

by:fnbgppl
ID: 16333448
These ended up being false positives from clamwin

fnbgppl
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16337330
ah i c    so all good now?
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
LVL 1

Author Comment

by:fnbgppl
ID: 16337820
Yes, but have you ever heard of symantec virus 10 enterprise causing problems with some interaction with ethernet cards.  Specifically amdtek an983 10/100?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16337897
no i havent, norton shouldnt be touching anything to do with hardware    whats it doing
0
 
LVL 1

Accepted Solution

by:
fnbgppl earned 0 total points
ID: 16337926
sending me a bsod and reboot on some machines and just logging the user off on others.  I ended up having to reinstall an older version of the driver which fixed the problem, but touching 100 computers was not a joy.  I was just wondering if you had any idea of how it could have even occurred.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16337963
not with symantec no, but then they have been known to do some stupid things to machines in the past, unless it detected the new driver as an issue, you may want to plug the driver name into the web site and see if there is any issues with it...
0
 
LVL 1

Author Comment

by:fnbgppl
ID: 16337965
I'll do that thanks alot
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16338059
no worries mate

cheers
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question