Mrossman4
asked on
rtvscan.exe runtime error on startup, SAV Corp
I've been searching all over the internet for this issue. It seems many people have had to deal wth it, but I could not find any solutions.
I am running Symantec Antivirus Corporate Edition 10.1.5.5000 and on serveral of my workstations I am getting a runtime error on startup caused by rtvscan. Something will not let the Symantec Antivirus service start. When I try to start it manually I get the same error and the service stops. I tried unistalling the program and reinstalling, but I still get the same message.
I am running Symantec Antivirus Corporate Edition 10.1.5.5000 and on serveral of my workstations I am getting a runtime error on startup caused by rtvscan. Something will not let the Symantec Antivirus service start. When I try to start it manually I get the same error and the service stops. I tried unistalling the program and reinstalling, but I still get the same message.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks jimmymcp02.
Do you know the link where I can download the newest version? Is there a way SAV Corp can keep itself up to date?
Do you know the link where I can download the newest version? Is there a way SAV Corp can keep itself up to date?
Oh i forgot to answer your second question....
Is there a way SAV Corp can keep itself up to date
virus definitions yes.
Maintanance releases or patches no....you need to get it from the site above
Is there a way SAV Corp can keep itself up to date
virus definitions yes.
Maintanance releases or patches no....you need to get it from the site above
ASKER
I went to the link to download the latest version and it looks like it is now:
Symantec_Endpoint_Protecti on_11.0.42 02_MR4_MP2 _AllWin_EN _CD1.zip
Is this just the newest version of SAV CORP?
Symantec_Endpoint_Protecti
Is this just the newest version of SAV CORP?
no.... that end point.... you do not want that one.... thats a whole new av.... if you want to test end deploy later that fine but if you want to download a temp fix go to 10.1.8 then deploy it
Delete existing instance of WMI object root\securitycenter:Antivi rusProduct using "wbemtest" utility or any utility you like from "WMI Tools" package. Then reinstall Symantec product
Here are the steps:
" Go to a command prompt and run wbemtest
" Click the Connect button
" Replace root\default with root\securitycenter and click Connect
" You will be returned to the original screen, now click the Enum Classes button, leave the Superclass info box that appears as is (empty) and click OK
" On the Query Results screen, highlight AntivirusProduct and choose the Delete button.
" Close the Query windows and exit wbemtest
" Now either reinstall or repair Symantec Antivirus Corporate Edition
Here are the steps:
" Go to a command prompt and run wbemtest
" Click the Connect button
" Replace root\default with root\securitycenter and click Connect
" You will be returned to the original screen, now click the Enum Classes button, leave the Superclass info box that appears as is (empty) and click OK
" On the Query Results screen, highlight AntivirusProduct and choose the Delete button.
" Close the Query windows and exit wbemtest
" Now either reinstall or repair Symantec Antivirus Corporate Edition
I forgot to mention, this resolved install issues with both Endpoint and Corp editions.
Mike4CCM's solution worked great. I had a user who got infected with some kind of malware that replaced the legitimate SAV solution and disabled it. I cleaned the machine with Malwarebytes, but the RTVScan.exe registry keys were probably still corrupted. I tried repairing and removing the SAV 10.1.8 installation and I kept getting the runtime error after boot-up.
I used his procedure below:
Mike4CCM
10.13.2009 at 07:47AM PDT, ID: 25560522
Delete existing instance of WMI object root\securitycenter:Antivi rusProduct using "wbemtest" utility or any utility you like from "WMI Tools" package. Then reinstall Symantec product
Here are the steps:
" Go to a command prompt and run wbemtest
" Click the Connect button
" Replace root\default with root\securitycenter and click Connect
" You will be returned to the original screen, now click the Enum Classes button, leave the Superclass info box that appears as is (empty) and click OK
" On the Query Results screen, highlight AntivirusProduct and choose the Delete button.
" Close the Query windows and exit wbemtest
" Now either reinstall or repair Symantec Antivirus Corporate Edition
After doing a repair, the SAV installatin worked normally again. Good job Mike4CCM!
I used his procedure below:
Mike4CCM
10.13.2009 at 07:47AM PDT, ID: 25560522
Delete existing instance of WMI object root\securitycenter:Antivi
Here are the steps:
" Go to a command prompt and run wbemtest
" Click the Connect button
" Replace root\default with root\securitycenter and click Connect
" You will be returned to the original screen, now click the Enum Classes button, leave the Superclass info box that appears as is (empty) and click OK
" On the Query Results screen, highlight AntivirusProduct and choose the Delete button.
" Close the Query windows and exit wbemtest
" Now either reinstall or repair Symantec Antivirus Corporate Edition
After doing a repair, the SAV installatin worked normally again. Good job Mike4CCM!
Most SAV 10.1.5.x bugs have been fixed with 10.1 MR6 (10.1.6.x). To solve them you need to upgrade. Check the following KB article:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007647555649398?Open&src=w
Symantec Certified Specialist