Solved

How to remove Risk Found! from Symantec AntiVirus primary server?

Posted on 2008-10-30
6
1,397 Views
Last Modified: 2013-12-09
We have Symantec AntiVirus corporate (10.1.6.6000) I haven't had any experience managing it, though now I have that task. I have opened up Symantec System Centre on the primary server (we have only 1 antivirus server) and it shows Risk Found! for the primary server. This is also a Domino server and runs Symantec Mail Security for Domino. Attempting anything in System Centre gives an error about being unable to find the server (itself). Would really appreciate some guidance to deal with this issue.
0
Comment
Question by:cameronsaa
  • 4
  • 2
6 Comments
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22855660
was the virus found in the server or was the virus found in one of the clients that the server manages?
try restarting the server running the sav for exchange and try again.

0
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22862741
or youcan right click on the client that is show as infected then there is an option that say clear risk status....that will make the client not show up as infected but you still need to make sure the file was succesfully quarentine or deleted
0
 

Author Comment

by:cameronsaa
ID: 22864655
@jimmymcp02: Thanks for replying. No, no clients were showing as infected. btw its sav for Domino, not Exchange. The server itself showed with the Risk Found!. Scan of the server comes up clean.

Management console running on the server can't contact the server. Server still seems to be downloading and pushing out updates to clients ok.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22864675
>>Management console running on the server can't contact the server. Server still seems to be downloading and pushing out updates to clients ok.

That should not happen....look at your event logs perhaps and upadate was installed and it requireds a reboot in order to take effect.
0
 

Author Comment

by:cameronsaa
ID: 22872714
The server reboots daily.
There are a bunch of warnings in the app log: Could not scan 1 files inside <file path> due to extraction errors encountered by the Decomposer Engines.
Event ID: 6
Source: Symantec AntiVirus

I updated definitions on a client (to 3/11/08) and find that the server is still on an older set (2/11/08), that shouldn't be either I don't think!

Hopefully its just a misconfiguration and we haven't been pwned!
0
 
LVL 20

Accepted Solution

by:
jimmymcp02 earned 500 total points
ID: 22952436
Ok thanks for clarify.

as for the could not scan 1 file you will see that when the scan tries to scan zip files that contain exe. (most of the time is the virus def folders or databases) in which case you dont have to worry but you should double check your scan settings to make sure its setup propertly there are certain folders and files that need to be excluded from scans.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Trend Micro says it has blocked 9 encryption attempts 6 343
Windows 10 4 37
How do I Uninstall Sophos endpoint Security 8 67
How do I get rid of mic.com pop ups on my MAC? 9 1,039
HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now