Nick,
As my previous post was edited by "shannons" for posting email content, and left somewhat confusing, I felt I needed to post yet again to clarify what I was saying earlier.
You had ask what made me think those were the 4-culprit files?
Well, when running " navx -c / ", I feel those are the 4-culprit files, because no other files are listed, archive or non-archive in the scan results. If those are not the 4-culprit files, then why does navx display them at all? Why not display all 529,825 files in the same manner? I assume the switch " -c " that was given to us to run with navx has something to do with it. However, we were not provided with any additional switches, or any references to what the switches represented. So only you, or people from Symantec are going to have that information.
To answer your next question of what happens with a manual scan or contextual menu scan?
When a manaul scan of the files is performed via the context menu, there are no errors. As far as that goes, when a manual scan is performed at all, even on the entire drive, there are no errors. The notorious error of " Virus Infected file could not be repaired. Archive restored." only appears during scheduled scans. So, there's one place to start looking in the code. How does scheduled scans differ from manual scans?
I have been working with Mike Romo from Symantec via email, but he has stopped responding. I would hope that it is because he is on vacation, and not because he is choosing to not deal with the issue? I'll give him the benefit of the doubt, as he did appear genuinely concerned in his emails. However, I do completely agree with " pjp " about working on new products. It's like I told Symantec Product Manager, Mike Romo in our numerous emails back and forth, "I realize Symantec is working on newer and better products for the Mac platform, but it makes it really hard for someone like myself to up sale not only myself, but my clients as well on new Mac products from Symantec, when known issues like these have never been resolved with the products we were currently sold on."
Symantec Product Manager, Mike Romo had stated that this problem had been duplicated in house, yet you say it hasn't? Who are we to believe? The Symantec Product Manager or the Symantec Manager of SQA Engineering? It's turning into a complete he said she said syndrome, leaving us the customers out the cold with faulty product.
This isn't the only problem either. In addition to this problem, we are still awaiting a fix for the " SymDaemonCrash.Log "
On a less critical note (only because it is never seen by 98% of my clients or Symantec product users), is the whole "SymDaemon.crash.log" issue. I'm sure you are aware of this also, but it is where the following log file:
/var/log/crashreporter.log
produces this message every time the system is shut down:
Wed Apr 8 00:27:19 2009 crashdump[875]: crashdump started
Wed Apr 8 00:27:20 2009 crashdump[875]: Started writing crash report to:
/Library/Logs/CrashReporter/SymDaemon.crash.log
but yet the log:
/Library/Logs/Crashreporter/SymDaemon.crash.log
...is always empty?
So, there is my two cents worth so to speak, and I hope this additional information helps in some way Nick. Please feel free to contact me via email or phone if I can help in any way.
The bottom line is that both of these issues are old known issues, and need to be resolved. Or, at the very least, Symantec needs to " Man Up " so to speak, and just tell us the end users that there is going to be no resolution to these issues, and that any further development for NAV v11 outside of virus definition updates is no longer going to take place.
Respectfully, ...albeit very frustrated and disapointed,
Thmas...