?
Solved

How to remove Risk Found! from Symantec AntiVirus primary server?

Posted on 2008-10-30
6
Medium Priority
?
1,403 Views
Last Modified: 2013-12-09
We have Symantec AntiVirus corporate (10.1.6.6000) I haven't had any experience managing it, though now I have that task. I have opened up Symantec System Centre on the primary server (we have only 1 antivirus server) and it shows Risk Found! for the primary server. This is also a Domino server and runs Symantec Mail Security for Domino. Attempting anything in System Centre gives an error about being unable to find the server (itself). Would really appreciate some guidance to deal with this issue.
0
Comment
Question by:cameronsaa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22855660
was the virus found in the server or was the virus found in one of the clients that the server manages?
try restarting the server running the sav for exchange and try again.

0
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22862741
or youcan right click on the client that is show as infected then there is an option that say clear risk status....that will make the client not show up as infected but you still need to make sure the file was succesfully quarentine or deleted
0
 

Author Comment

by:cameronsaa
ID: 22864655
@jimmymcp02: Thanks for replying. No, no clients were showing as infected. btw its sav for Domino, not Exchange. The server itself showed with the Risk Found!. Scan of the server comes up clean.

Management console running on the server can't contact the server. Server still seems to be downloading and pushing out updates to clients ok.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22864675
>>Management console running on the server can't contact the server. Server still seems to be downloading and pushing out updates to clients ok.

That should not happen....look at your event logs perhaps and upadate was installed and it requireds a reboot in order to take effect.
0
 

Author Comment

by:cameronsaa
ID: 22872714
The server reboots daily.
There are a bunch of warnings in the app log: Could not scan 1 files inside <file path> due to extraction errors encountered by the Decomposer Engines.
Event ID: 6
Source: Symantec AntiVirus

I updated definitions on a client (to 3/11/08) and find that the server is still on an older set (2/11/08), that shouldn't be either I don't think!

Hopefully its just a misconfiguration and we haven't been pwned!
0
 
LVL 20

Accepted Solution

by:
jimmymcp02 earned 1500 total points
ID: 22952436
Ok thanks for clarify.

as for the could not scan 1 file you will see that when the scan tries to scan zip files that contain exe. (most of the time is the virus def folders or databases) in which case you dont have to worry but you should double check your scan settings to make sure its setup propertly there are certain folders and files that need to be excluded from scans.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
PREFACE The purpose of this guide is to provide information to successfully install the MS SQL client tools for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technology…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question