[Help] - Yeah, I'm sure it virus related

[straytoasters]

Starting a few days ago Symantec Anti-virus auto protect stopped working, if you try to activate it you get a error or popup "Rtvscan.exe - Corrupt File. The file or directory \program files\symantec\antivirus\savrt.dat. Please run the chkdsk utility". If you right click on pretty much anything Symantec tries to install itself (again), you can click cancel and do what you want though. Ok, well here is what I have done so far:

Ran the chkdsk

Removed SAV and reinstalled a fresh copy and updated with fresh virus defs.

No changes. Yeah, I havent done much, as I plan on just doing a format/reinstall, but I was just wondering if anyone had hear of what (virus) does this?

Straytoasters

[CptMurphy]

I've heard of viruses corrupting scanners. It's usually the ones that are really nasty and can survuve even after you reformat ur disk. If you want to be sure, get a copy of Active@killdisk. The free version overwrites ur disk with 0s. Not the best security but it'll really clean up the disk of any remnants of whatever you may have.

[LLXX]

Might be a boot sector virus. Those are difficult to remove. As previous poster mentioned, using programs that completely overwrite the disk will eliminate them.

(Corrupt files can also be caused by defective hardware, are you sure that the hard drive is working properly?)

[straytoasters]

I'm going to go ahead and 0 out the drive and see what happens in the next few weeks. Thanks.

Straytoasters

[Maelstorm]

I've heard of viruses corrupting scanners. It's usually the ones that are really nasty and can survuve even after you reformat ur disk. If you want to be sure, get a copy of Active@killdisk. The free version overwrites ur disk with 0s. Not the best security but it'll really clean up the disk of any remnants of whatever you may have.

How can a virus survive a reformat? Granted, you can do a quick format which will not touch the file data, but if nothing is pointing to it?

Might be a boot sector virus. Those are difficult to remove. As previous poster mentioned, using programs that completely overwrite the disk will eliminate them.

True, but it's been years since I heard of a boot sector virus. The last one that I can recall was Michaelangelo. Most virus/worms today use the OS resources to perform DDoS attacks, install keyloggers, adware/spyware, backdoors, rootkits, etc.

(Corrupt files can also be caused by defective hardware, are you sure that the hard drive is working properly?)

I had a Western Digital do that. Model WD1000BB-32CCB0. What would happen was that you could run all the tests in the world on it and it would pass, even zeroing out the drive would work. But when you installed Windows onto it, the physical media would lose it's magnetic charge. Unfortunately, the areas where this would happen would be in the middle of certian critial files like system.dat. That failure killed Windows. It would not even boot.

After it happened for something like 5 times, I replaced the drive. Beleive it or not, Western Digital wanted the old drive back and offered a discount on a bran new one right off the assembly line.

[Andromeda43]

DeInstall Norton completely

and replace it with AVG 7.1 FREE.

That will solve your problems. Honest!

I do it all the time for my customers.

They just love AVG.

Cheers

[bledd]

ditch norton, its a pos

use nod32 or kaspersky

[RJARRRPCGP]

Starting a few days ago Symantec Anti-virus auto protect stopped working, if you try to activate it you get a error or popup "Rtvscan.exe - Corrupt File. The file or directory \program files\symantec\antivirus\savrt.dat. Please run the chkdsk utility". If you right click on pretty much anything Symantec tries to install itself (again), you can click cancel and do what you want though. Ok, well here is what I have done so far:

Ran the chkdsk

Removed SAV and reinstalled a fresh copy and updated with fresh virus defs.

No changes. Yeah, I havent done much, as I plan on just doing a format/reinstall, but I was just wondering if anyone had hear of what (virus) does this?

Straytoasters

This problem can occur if your RAM is malfunctioning. Did you run Memtest86?

[Wicket20519]

True, but it's been years since I heard of a boot sector virus. The last one that I can recall was Michaelangelo. Most virus/worms today use the OS resources to perform DDoS attacks, install keyloggers, adware/spyware, backdoors, rootkits, etc.

Actually, we had one at my college a few semesters ago. The boot sector virus did something related to Denial of Service attacks....I'm afraid I can't remember.

But anyways, the IT Department Chair made his rounds explaining to everyone what was going on (the boot virus, DoS attacks, etc.) and that everyone needed to scan their floppy disks, flash drives, etc. for viruses before coming to class. Heh.

[straytoasters]

Sorry I havent gotten back to this before now (and I am the topic started) but I have found this...I moved a bunch of files, but no core system files or anything in the root c:\, windows or system32 areas, only music and video that I wanted to back up and the issue has went away. I did not notice it immeadiatly and Norton did not tell me anything new (if anyone is thinking that the defs updated and solved the issue). Real time protection is back on and seems to be working (but can you really ever be sure). I moved the data onto a different comptuer and thus far it is not showing the same symptons. I am going to incremintically copy the files back to their original location and see what happens. I am still going to 0 out the drive but I want to check this out anyway.