Solved

How to remove Risk Found! from Symantec AntiVirus primary server?

Posted on 2008-10-30
6
1,401 Views
Last Modified: 2013-12-09
We have Symantec AntiVirus corporate (10.1.6.6000) I haven't had any experience managing it, though now I have that task. I have opened up Symantec System Centre on the primary server (we have only 1 antivirus server) and it shows Risk Found! for the primary server. This is also a Domino server and runs Symantec Mail Security for Domino. Attempting anything in System Centre gives an error about being unable to find the server (itself). Would really appreciate some guidance to deal with this issue.
0
Comment
Question by:cameronsaa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22855660
was the virus found in the server or was the virus found in one of the clients that the server manages?
try restarting the server running the sav for exchange and try again.

0
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22862741
or youcan right click on the client that is show as infected then there is an option that say clear risk status....that will make the client not show up as infected but you still need to make sure the file was succesfully quarentine or deleted
0
 

Author Comment

by:cameronsaa
ID: 22864655
@jimmymcp02: Thanks for replying. No, no clients were showing as infected. btw its sav for Domino, not Exchange. The server itself showed with the Risk Found!. Scan of the server comes up clean.

Management console running on the server can't contact the server. Server still seems to be downloading and pushing out updates to clients ok.
0
SendBlaster Pro 4 - Bulk Email Sending Software

SendBlaster 4 Pro - Best Bulk Emailing Sending Software
Automatic Subscribe / Unsubscribe Processing
Great for Newsletters & Mass Mailings
Optional HTML & Text Composition
Integration with Google Features
Built in Spam Score Checking
Free Professional Templates - Feature Packed!

 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22864675
>>Management console running on the server can't contact the server. Server still seems to be downloading and pushing out updates to clients ok.

That should not happen....look at your event logs perhaps and upadate was installed and it requireds a reboot in order to take effect.
0
 

Author Comment

by:cameronsaa
ID: 22872714
The server reboots daily.
There are a bunch of warnings in the app log: Could not scan 1 files inside <file path> due to extraction errors encountered by the Decomposer Engines.
Event ID: 6
Source: Symantec AntiVirus

I updated definitions on a client (to 3/11/08) and find that the server is still on an older set (2/11/08), that shouldn't be either I don't think!

Hopefully its just a misconfiguration and we haven't been pwned!
0
 
LVL 20

Accepted Solution

by:
jimmymcp02 earned 500 total points
ID: 22952436
Ok thanks for clarify.

as for the could not scan 1 file you will see that when the scan tries to scan zip files that contain exe. (most of the time is the virus def folders or databases) in which case you dont have to worry but you should double check your scan settings to make sure its setup propertly there are certain folders and files that need to be excluded from scans.
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you got the Conficker. You could go to each machine and run the eye chart test (http://www.confickerworkinggroup.org/infection_test/cfeyechart.html), but in a bigger environment, or if you prefer to work smarter and not harder, you need some …
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question