Endpoint Protection

 View Only

  • 1.  Rtvscan Constantly accesss log file

    Posted Jan 07, 2009 09:48 AM

     

    My laptop seems to be contantly accessing my disk.  When I use Process Monitor,

    I found that Rtvscan is constantly accessing a log file (not even writting to it) 

    even no applications are running. Any idea what is causing this and how to stop it?

    The Log file doesn't grow. 

     

     

    Time of Day       Process Name   PID       Operation          Path

    35:28.9 Rtvscan.exe      188       CreateFile         C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\01072009.Log

    35:28.9 Rtvscan.exe      188       CreateFile         C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\01072009.Log

    35:28.9 Rtvscan.exe      188       QueryFileInternalInformationFile   C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\01072009.Log

    35:28.9 Rtvscan.exe      188       QueryStandardInformationFile     C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\01072009.Log

    35:28.9 Rtvscan.exe      188       CloseFile           C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\01072009.Log

    35:28.9 Rtvscan.exe      188       QueryStandardInformationFile     C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\01072009.Log

    35:28.9 Rtvscan.exe      188       ReadFile           C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\01072009.Log

    35:28.9 Rtvscan.exe      188       CloseFile           C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\01072009.Log

    35:28.9 Rtvscan.exe      188       CreateFile         C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs

    35:28.9 Rtvscan.exe      188       QueryDirectory  C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\*.log

    35:28.9 Rtvscan.exe      188       QueryDirectory  C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs

    35:28.9 Rtvscan.exe      188       CloseFile           C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs

     

     

     



  • 2.  RE: Rtvscan Constantly accesss log file

    Posted Jan 19, 2009 04:58 PM

    Hi The Howler,

     

    Based on the log produced, we can say a couple things:

     

    1.  RTVScan is accessing our log directly quite a lot, especially if the log size isn't changing, and...

    2.  We're not sure what it's doing, other than there is activity related to its log file for the day.

     

    You can answer #2 above using the vpdebug feature for SAV, which provides log information for everything RTVScan is doing. For information on vpdebug, please see the following document:

     

    Debugging secure communication in Symantec Antivirus Corporate Edition 10.x and Symantec Client Security 3.x:

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2005041515105448 

     

    Let me know if that helps.  If not, I'd suggest contacting support.

     

    Best,

     

    Eric



  • 3.  RE: Rtvscan Constantly accesss log file

    Posted Feb 04, 2009 10:24 AM

    hi, That seems strange. You can ove the logs to a different folder, make sure the logs folder does not contain any files, restart the symantec services and check again. You would get to know whether any file is getting created or whether rtvscan is again scanning that folder.

     

    Sandy