[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Symantec Antivirus Notification help with Corp Edition

Posted on 2006-07-14
5
Medium Priority
?
707 Views
Last Modified: 2008-01-09
I have a customer using Symantec Corp Edition and they have one virus poping up.

The name is :  kbdFIG.dll and symantec says it can't remove it.

I've started in SAfe mode and Disabled the System restore button and it still does it.

I've checked out Norton/Symantec site but I must be looking in the wrong spot.

Any help thanks!

Paul
0
Comment
Question by:paulbarstool
5 Comments
 
LVL 38

Expert Comment

by:younghv
ID: 17109181
Paul,
Are you sure of the spelling "kbdFIG.dll"?
I can't find any reference to it anywhere.
Vic
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17112814
Does Symantec tell you the location of the said file?

Can we look at your hijackthis log?
Please download HijackThis 1.99.1
http://www.cyberanswers.org/forum/uploads/HijackThis1991.exe
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

Then go to the below link and login using your Experts-Exchange username and password.
http://www.ee-stuff.com
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.


OR: paste the log to either of these sites:
1. http://www.rafb.net/paste/
then at the bottom left corner click "paste"
Copy the address/url and post it here.

2. or at --> http://www.hijackthis.de/ 
and click "Analyse", click "Save".  Then post the link to the saved list here.
0
 
LVL 32

Expert Comment

by:r-k
ID: 17113507
I would suggest the following (already mentioned by rpggamergirl above)

Download and run HijackThis from http://www.hijackthis.de/
Copy-and-paste the resulting log back to that same web site (not here)
Click on "Analyze", and then click on "Save Analysis" at the bottom of the next page.
Finally post a link here to the saved analyzed page.

Then, do the following:

First locate the file named kbdFIG.dll (probably in c:\windows or c:\windows\system32)

Then:

(0) If running XP Home, boot in safe mode, if XP Pro or 2000, then start with step (1)

(1) Right click on the file in Windows Explorer or My Computer, select Properties

(2) Click on the Security tab.

(3) Click on the Advanced button.

(4) Uncheck the box labeled "Inherit from Parent...", then click "Remove"

(5) Close all windows.

(6) Reboot (into normal mode)

After reboot the file(s) will be unable to run (because no one can access them any more). The symptoms should be gone.

At that point I would suggest a full scan with Symantec AV again in case some other files were being masked by the dll.


0
 
LVL 1

Expert Comment

by:PJulius
ID: 17125673
You might want to try another antivirus utility as well; often different utilities will disagree on what they find and what they can kill. You might have more luck clearing out the infection with AVG Free or some other antivirus.
0
 
LVL 38

Accepted Solution

by:
younghv earned 750 total points
ID: 17126693
For 'on-line' scans that don't interfere with your existing AV, you can use:
http://www.kaspersky.com/virusscanner
http://housecall.trendmicro.com/
http://www.bitdefender.com/index.php?tab=0
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
Securing your business data in current era should be your biggest priority. Numerous people are unaware of the fact that insiders commit more than 60 percent of security breaches. You need to figure out the underlying cause and invoke your potential…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question