Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all 10484 articles
Browse latest View live

An unusual pattern

December 11, 2013, 11:30 am
$
0
0
I need a solution

We have had some machines that have SEP installed, we are mostly current, but there are a few stand outs. The stand outs manifest this way. 1. They will NOT upgrade past the version they are one. 2. For some reason there is a trust relationship, which forces me to remove and re add them to our domain.

Every single one of these PC's are heavily infected and the old version of SEP didn't do a thing to clean it up. The clients do communicate with the manager and get definition updates, but it is as if SEP doesn't work at all. I have to Remove and RE add the PC to the domain. Once I do, I run cleanwipe, then install the most recent version of SEP. Most of the time I have to run Malwarebytes in order to remove the threats.

This is what was found on the most recent PC with this issue

 

Trojan.Zbot
Trojan.Maljava
Trojan.Maljava
Trojan.Maljava
Trojan.Maljava
Trojan.Maljava!gen35
W32.Fujacks.CE!html
Search

Cannot determine the SEPM database schema

December 11, 2013, 12:16 pm
$
0
0
I need a solution

I am running SEPM 12.1.4 on a Windows Server 2008 R2 machine. I had to do a disaster recovery and reinstall the SEPM. I followed the directions for preparing for disaster recovery. I backed up the database and the disaster recovery file. The SEPM installs fine but I am receiving an error during the Management Server Configuration. In Step Two: Existing Database Parameters I input the Dtatabase name, user name and password. When I click Next I receive the error below.

12-11-2013 2-11-05 PM.png

 

Any idea why I would be receiving this error?

 

Thank you.

 

Scan Duration

December 11, 2013, 12:58 pm
$
0
0
I need a solution

Hi,

I have a script that is pulling Scan Duration as one of the columns.  I am assuming this is in seconds.  How can I get it to print in HH.MM.SS format?

Thanks in advance.

 

 

query on unmanage client

December 12, 2013, 12:31 am
$
0
0
I need a solution

Incase i can install the client in unmanage condition PTP defintion will be updated time to time or not?

client report

December 12, 2013, 12:40 am
$
0
0
I need a solution

I have several group on Symantec Manager where clients are of different version(12.x), i am not able to download all the group report one by one.

guide me to get in single tab?

Client Install Package - " Distribute upgrades over..."

December 12, 2013, 1:50 am
$
0
0
I need a solution

if Distribute upgrades over is set to 1

Whats happens to clients that are turned of for the coming 1 days? will they not get the upgrade?

 

 

 

thanks

Blue blank screen when system shutdown

December 12, 2013, 3:03 am
$
0
0
I do not need a solution (just sharing information)

Hi all,

in the first step I am sorry my english isn't very good.

To the problem:
We have a problem with blue blank screen before system shutdown. User clicks to start button and then to system shutdown. System goes almost to shutdown but before turn off system remains in blank blue screen with mouse (no BSoD). We have this problem from about December 2012 after deployed SEP12 RU2.
When we uninstalled Symantec Endpoint Protection problem has been solved.
After SEP12 install problem has been back.
Problem isn't solved in SEP12 RU2 MP1 and SEP12 RU3.
When computer is in descripted problem then with the mouse can be moved, CTRL+ALT+DEL not responding, network is online but only using ping from another computer. User can shutdown system only using power button.
In system log is standard record "The Event log service was stopped."...

We tested individualy drivers SEP12 and when we stopped driver srtsp.sys (Symantec Realtime Storage Protection) then system worked good.

We noticed that the problem is only on computers with Altiris Recovery Solution and
at the same time after finishing Recovery snapshot. We have this "Recovery Solution" very long time without any problems.

We were looking for solving about Recovery, but version of driver (ofmlvdrv.sys) is same in Altiris Recovery 6 and 7.
We do not expect that solution will by the way of modify "Recovery Solution".

On the website about "New fixes and features in Symantec Endpoint Protection 12.1.4" is nothing about my problem... But I will try it...

Do you have the same problem?

Question about GUPs, GUP lists, and limiting GUPs

December 12, 2013, 10:33 am
$
0
0
I need a solution

Hello,

I have a question about GUPs on SEP 12.4.  We have over 1000 machines including servers, laptops, workstations across our state.  We have 27 districts made up of multiple counties.  A single District Server supports all the counties within that district.  Each county has its own subnet.

Initialy we set up our GUP list within LiveUpdate policy using IP addresses of our Remote District Servers.  Thus, the only GUPs we had were the 27 District Servers.  I had forgotten that clients ONLY talk to a GUP if it is in that client's subnet.  Thus, the outlying counties in a district did not talk to the District Server\GUP.  Any updates those clients needed came directly from our SEPM server.  A single server.

We've had problems with tens of thousands of SEP sessions overloading our firewall at our main office where our SEPM server resides.

We chose to add an OS check to our GUP list, so that any machine with an OS of "XP" or "win7x64" could now become a GUP in addition to our District Servers.  We now have nearly 800 GUPs.  That's out of a total of just over 1000 machines.

Questions:

1) Is there a way to limit the number of GUPs created?

2) When GUPs request updates, do they get the delta from SEPM, or do they also check the GUP list like clients do?

Search

Moving SEPM database to a SQL cluster from stand alone

December 12, 2013, 11:36 am
$
0
0
I need a solution

Hello,

Our SEPM farm database is currently on a standalone SQL 2008 SP2 server, we are thinking about moving this database to a SQL cluster which might be a different version of SQL then what it is on.  Can someone please guide me on instructions / best practices from Symantec's perspective on the steps required.  Also, if the symantec database is on a default instance with the default SQL port, would it be ok to change this?

Thank you.

1386879972

bootmgr is missing

December 12, 2013, 2:19 pm
$
0
0
I need a solution
 

good



after applying a policy of blocking USB, does not start the computer operating systema, when you start generating a mesage bootmgr is missing,

image attached with the Privacy



We can help identify what is happening, we are using the SEP version 12.1



thank you very much

What will i lose with PCs at Version11 still?

December 12, 2013, 3:22 pm
$
0
0
I need a solution

Hello - just a quick question.  I got am email from Symantec stating that support for Version 11 will cease in January 2013.  What exactly does that mean?  Will my pcs that are still at version 11 get updated anymore? Signature and engine updates?

 

thanks

Updating SEP Manager (connected thru proxy)

December 12, 2013, 7:08 pm
$
0
0
I do not need a solution (just sharing information)

As per experience before.

Whether it was SEP 11.x or 12.x, I have encountered that during the very first attempt to update the SEP Manager (after installation), I usually get an error where in the definitions are not updated.

The SEP Manager is connected thru a proxy server.

Initial troubleshooting done is downloading the JDB virus definitions (and the client definition for the server itself).

After uploading the JDB virus definitions to the SEP Manager, virus protection is updated.

And after trying to use LiveUpdate on the SEP Manager console, downloading was good already.

And good news is, it regularly updates itself; no download errors so far and it never misses connecting thru LiveUpdate.

Just sharing. I just hope my problem is not experienced also by others, especially on current version (and hopefully on the upcoming Beta).

Symantec system recovery 2013 license key

December 12, 2013, 9:47 pm
$
0
0
I need a solution

Hi,

I have the following license : SYMC PROTECTION SUITE ENTERPRISE EDITION 3.0 PER USER RENEWAL BASIC 12 MONTHS EXPRESS BAND F

For Symantec endpoint protection, I know that the .slf file should be used. I have downloaded the Symantec System Recovery 2013 and want to know how can I get the license key to use with it. I was already using Symantec System Recovery 2011 before, but the license key will not work for the 2013 version.

Thanks for your help.

Arvind

Import Package Folder in SEPM

December 12, 2013, 11:05 pm
$
0
0
I need a solution

Team,

I have an SEPM with following Client Versions of Package.

Symantec Endpoint Protection version 12.1.671.4971 for WIN32BIT 
Symantec Endpoint Protection version 12.1.671.4971 for WIN64BIT 
Symantec Endpoint Protection version 12.1.671.4971 for Mac 
Symantec Endpoint Protection version 12.1.2015.2015 for WIN32BI
Symantec Endpoint Protection version 12.1.2015.2015 for WIN64BIT
Symantec Endpoint Protection version 12.1.2015.2015 for Mac 
Symantec Endpoint Protection version 12.1.3001.165 for WIN32BIT 
Symantec Endpoint Protection version 12.1.3001.165 for WIN64BIT 
Symantec Endpoint Protection version 12.1.4013.4013 for Mac

But the following directory {"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\outbox\ImportPackage"}is of 97.5 GB. Just wanted to Know would that consumes that much amount of HDD Space.

 

Sathish.

SEP 12.1 RU2 Installer "Wizard was interrupted"

December 13, 2013, 12:13 am
$
0
0
I need a solution

Hi I am having issues with 3 Windows Server 2003 machines that had SEP12.1 RU2 running fine. I proceeded to upgrade those machines to  Windows Server 2008 R2 and the SEP icon reported that its not functioning properly. I proceeded to uninstall, and reinstall. No go, received "Wizard was interrupted" upon reinstallation. Did CleanWipe, reboot and reinstalled but still received the same "Wizard was interrupted" error. Have no access to the logs yet...

 

Any ideas?

Search

sep 12.1.4 not installing on windows7 machine

December 13, 2013, 3:44 am
$
0
0
I need a solution

Team,

Facing a big issue while installing sep 12.1ru4 on windows 7 machine, I have tried many system but still no luck, not even single system. No error, nothing is appearing.

I just want to install sep 12.1.4 manually on all windows 7  system. Please help me.

patch pour ItunesHelper.vbe

December 13, 2013, 3:46 am
$
0
0
I need a solution

Bonjour,

Help, je suis infecté par un virus appelé ItunesHelper.vbe, ce dernier infecte les clès USB et crée des raccourcis à la place des fichiers, j'ai un antivirus ENDPOINT version 12, ce dernier n'a pas détecté ce virus, je voudrais savoir si ce symantec a le patch pour supprimer ce virus car sinon tout le monde sera infecté quelques soient dans les bureaux et dans les salles informatiques. merci

Live update error for New SEPM 12.1 M******* Initial license 115 11/27/2012 11/26/2015 M*********

December 13, 2013, 4:42 am
$
0
0
I need a solution

We are not able to do live update. we are getting an Error as return error code 4. Our Proxy is configured properly. Server is getting full internet access also.

December 13, 2013 4:10:26 PM IST:  Transaction log truncation succeeded and finished.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]
December 13, 2013 4:10:25 PM IST:  Transaction log truncation started.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]
December 13, 2013 3:58:11 PM IST:  Retry timestamp is over the maximum retry window, switching to regular schedule run.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]
December 13, 2013 3:47:11 PM IST:  LiveUpdate retry failed.  Will try again.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]
December 13, 2013 3:47:11 PM IST:  LUALL.EXE finished running.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]
December 13, 2013 3:47:11 PM IST:  LiveUpdate encountered one or more errors. Return code = 4.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]
December 13, 2013 3:45:51 PM IST:  LUALL.EXE has been launched.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]
December 13, 2013 3:45:51 PM IST:  LiveUpdate retry started.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]
December 13, 2013 3:30:51 PM IST:  LiveUpdate retry failed.  Will try again.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]
December 13, 2013 3:30:51 PM IST:  LUALL.EXE finished running.  [Site: RSPBF5]  [Server: RSPBF5L2-SRV1]

1387098040

Backdoor.Pihar need solution

December 13, 2013, 6:25 am
$
0
0
I need a solution

Hi

My machine is infected with Backdoor.Pihar. I am getting below security log every hour. Please help.

 

[SID: 27101] System Infected: Backdoor.Pihar Activity detected.
Traffic has been blocked from this application: C:\Windows\System32\svchost.exe

My machine is using Symantec Endpoint Protection-Ver 11.0.5002.333

 

Regards

Vishal

SEP 11 Manager Not Updating

December 13, 2013, 7:02 am
$
0
0
I need a solution

SEPM v 11.0.6005.562

We have 2 SEPM servers and both have not updated 32-bit AV since 2013-09-30-002. There are approximately 4500 clients that use these as primary and secondary management servers. The installation has been in place and running "fine" for more than 2 years (I believe, I didn't install it).

By design, the 2 SEPMs check LiveUpdate every 4 hours for updates. Source Servers for LU for the site are (2) interal LiveUpdate servers. These servers are downloading from Symantec OK and then distributing OK (they are also the Distribution Centers). I can verify this by looking at the content on the servers. Also, if I set the LU policy on a group of SEPM clients to look to these internal LU servers, the clients will download newer definitions than what the SEPM has. (This is not a workable solution for us, though, as many of the clients are on slow links and spread across the US; we have GUPs defined for each physical location (about 1,000) so that each link only pulls the file once and then distributes to clients (~4 - 8) on the same subnet. Another thing I noticed, though, is that when I updated all the GUPs, the remaining clients were still not updating... that may be related or another issue altogether, i'm really not sure.

Some of the things I've tried (based mostly on recommendations from this forum) without success:

  • Re-Install LiveUpdate on the Manager
  • Delete and re-download LiveUpdate content on the Manager
  • Repair the Manager
  • Repair the Manage, Reconfigure DB
  • Point the Manager to Symantec instead of internal LU servers
  • Load JDB from Symantec ; On the primary SEPM, this seemed to process and built a new (current date) folder in {C60... with a FULL.ZIP file , but after a few minutes that new folder was deleted leaving 20130930002 as the 'newest'. It appears to have worked on the backup SEPM as the dashboard reports a newer version of defs and the content folder includes the corresponding numbered folder.
 
Any recommendations on where I should be looking to try to get the Primary to update its 32-bit defs would be much appreciated.
 
Thanks in advance for any help!
1386950648
Viewing all 10484 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>