Yes I was referring to the external scans for PCI compliance and not Symantec's virus scans.
I did find a solution. I think it's ironic that Symantec forces known security problems but I did find a way to pass the tests. I blocked all traffic on that port on an external firewall. Symantec is still trying to use the port, and the weak ciphers, but since the port is blocked no one outside the network can access it and the PCI scans are clean.
Since I access that port only from the server itself I don't need remote access and since I'm inside the firewall I'm not blocked by the firewall setting.
Given how long 40 bit ciphers have been a known weakness I'm disappointed that Symantec hasn't fixed the problem.
Jerry