Symantec Corporate v10

[Guest]

This has just been detected as a virus PWS.Bancos.a

Spoke to Symantec tech checked keys and all ok

So told to disable microsoft antispyware.

Using latest pattern 5805 in microsoft anti spyware beta

 

[Guest]

I just had a similar episode on both my Home and Work PC's. Unfortunately, I
wasn't as suspicious and allowed AntiSpyware to remove the registry keys.
Now my Symantec v8 is dead and I cannot re-install. I'll have to perform
some manual removal work before I'll be able to install Symantec again.

Other than this post, I've found nothing in other support areas about this
issue.

 

[Bill Sanderson]

This is a false positive in definition set 5805 for Microsoft Antispyware
beta1
..

Definitions 5807 have been released and are available now to eliminate this
false positive.

 

[Guest]

I was able to get my Symantec operational again by simply utilizing the
System Restore function. It must have restored the registry keys deleted by
AntiSpyware. I've downloaded the newer definitions and will be less trusting
of MSAS recommendations in the future. This is a big blow (in my opinion) to
the confidence one must have in their AntiSpyware vendor.

 

[Guest]

Agreed. This far into a beta -- the software should not disable critical
system security software (mainstream software, at that). I am seriously
contemplating removing the MS Antispyware beta software from all our machines.

I understand it's a beta, but this really is unacceptable.

 

[Bill Sanderson]

What have you tried, in terms of the Symantec uninstall and reinstall?

One post suggests that starting from the original CD may have better results
than attempting uninstall or repair install from add or remove programs.

I made one try before dinner time at finding info on this issue at
Symantec's site and failed.

They have uninstaller tools for their end-user versions, but I don't know
where to find equivalent tools for the Symantec Corporate line if they
exist.

--

 

[Bill Sanderson]

David--if you can email me off list I can offer some further assistance.

(e-mail address removed)

--

 

[Guest]

Thanks for all the help I had to use add remove and then reinstall v10.

As commented a shame Microsoft let this slip through

 

[Bill Sanderson]

I believe everyone involved realizes the seriousness of this situation.

I'm glad you've been able to recover--thanks for letting us know.
--

 

[Guest]

I get this message when i open SAV


SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Symantec AntiVirus\vpc32.exe
Event Info: Open Process
Action Taken: Blocked
Actor Process: C:\Program Files\Windows Defender\MsMpEng.exe (PID 1092)
Time: Wednesday, February 15, 2006 9:34:56 AM

 

[Bill Sanderson]

Thanks for posting that.

That's interesting--I suspect it is something that will need to get ironed
out by a Symantec signature change.

Windows Defender is still officially a beta, and vendors typically have not
been willing to include beta code, which may be more changeable than final
product code in such lists.

I suspect that Microsoft is aware of this, but I'll pass it along.

 

[Richard Hay]

Just as an add-on I am also running SAVCE 10 and am able to run the program
and run live update with no issues.

Running Windows XP SP2 all updates and Windows Defender.