Jump to content

Client being flagged as virus

Recommended Posts

We are running Retrospect multi-Server on two WIndows Server 2008 R2 64 bit servers. Most of our clients have been recently updated to version


In the last week our Symantec AntiVirus server started flagging a Retrospect file named 'cntdwn.exe' (or something close to that) on almost every workstation as a virus and started quarantining the files. About the same time the Proactive backups stopped finding any machine to backup. We can still manually backup machines, and I have had to resort to writing scripts to manually do all the machines in each backup set.


Symantec claims they are not flagging anything.


Are we going to have to reinstall the client on every machine to clean this up? That will be over 500 machines. Recently a couple of the machines had the client removed and reinstalled. We then had to tell the server to forget the machine  and then re-add it before it would recognize the client.


This is becoming a major time sink and a hassle. Has anyone else run into this problem?

Link to comment
Share on other sites

An update on our situation. The file name is 'cntdown.exe'. When an exception was added to the Symantec list for that file name the problem went away. We were seeing the  flag from Symantec close to 40 times an hour. Now there are none. Also within an hour of the exception being added we had 32 machines respond to Proactive and backup.

Link to comment
Share on other sites

  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...