Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all 10484 articles
Browse latest View live

How to Remotely Uninstall SEP Antivirus 12.1

$
0
0
I need a solution

Ok, I know there is a featured post and several articles about how uninstallation of SEP Antivirus is pretty much a manual hands-on-the-machine affair.  Either that, utilizing a CleanWipe utility that, while I am unaware of this program, sounds like something similar to CCleaner.

Here is our company's problem and am hoping you all can assist.

1) We intend to lock down SAV from client access via the use of passwords (done through SEPM policies)

2) Almost all of our users are remote located in all of our state's counties.

3) All of our IT support is handled via remote control, Microsoft System Configuration Manager, Group Policy, or each applications management console.

4) We are being forced to move away from ESET AV and adopt SAV.  ESET allowed us, through their console to install, remove, and remotely manage the ESET application.

 

Knowing the above, and that our client-side SAV setups will have password protection, and our users are remote, please tell me how we can remotely uninstall SAV 12.1 from their systems should the need arise?

Touching each and every machine via a remote desktop tool to utilize Windows Add/Remove process is just not practical for large numbers of users.  Using the msiexec command line in a Group Policy "logon" script won't work if we have password protected our SAV installations. 

 

Thank you.


After successfully upgrading SEP Client from 11.0.4 into 12.1 RU1 legacy FTP software stopped working ?

$
0
0
I need a solution

Hi People,

Can anyone please assist me in resolving this issue with the 

Everytime the user tries to use open up the application, there is pop up saying 

[SID: 20903] FTP Generic Command Overflow detected which comes from the old Solaris server, after that the whole people in the department cannot use their FTP software to pull out the report from the server ?

how to safely ignore any false positive "attacks" from that server, because previously in version 11 it works as normal.

SEPM 12.1 Home Page not showing currect information

$
0
0
I need a solution

Hi,

I am using SEPM 12.1, on SEPM home page it is not showing currect information. On Endpoint Status it is showing blank.

Please help to close it ASAP.

 

Regards

Harvansh Singh

Symentec Upgrade

$
0
0
I need a solution

dear All,

How can i upgrade the SEPM 11.x to 12.1.2 .give me the step by step graphical solution and give me the client side upgrade process.

OS Attack

$
0
0
I need a solution

Hi,

 

Iam getting the following errors time and again. Found solution to be a microsoft patch installation but even after installing the same, the message is still coming. Please help:

 

[SID: XXXXX] OS Attack: MSRPC Server Service RPC CVE-2008-4250 detected

 

The client will block traffic from IP address <10.x.x.x> for the next 600 seconds.

 

Regards,

Anish

SEP Clients unexpected behavior in SEPM

$
0
0
I need a solution

Greetings to All,

Im using SEPM and SEP 12.1.1000.157 RU1 in the corporate environment.

All clients are managed and in compter mode, 1 domain, replication site 1.

Im facing several weird issues with Symantec Endpoint Manager with the Clients.

1.After deployment, clients shows up in wrong container despite the installer was export from the correct container.

2.After the client restart, the client went missing from the SEPM container.

  If the client is not missing,I noticed that the names of the client change randomly including the logon user from time to time which makes it difficult for me to track and diagnose the issue.

3. The missing client from the container still recieves the latest policy I have changed. (I tried to check is it in user mode view, but unfortuately that's not the case)

I have tried importing the Sylink into the client, but it points to the wrong container or simply just won't show up in the SEPM. Client shows connected to the server.

Test connecting using the secars test string it returns with the value "which looks like upper LL and inverted LL" , I don't understand.

I am not sure whether any settings or policies will cause such an issue describe above.

Thank you

Regards,

Yap

Installation features "Proactive Threat Protection"

$
0
0
I need a solution

We select Basic Content installation package, but found there is still "Proactive Threat Protection" installed.

We want to install minimize package on server device, so we uncheck "Proactive Threat Protection" in Client Install Feature Set.

1. May we know if any function will be affected without "Proactive Threat Protection" ? What does "the client software provide reduced protection against threats" mean?

We only need virus detection and clean action on our server. Can SEP work normally without "Proactive Threat Protection" ? We don't want to enable this tech .

2. What about download Insight, we cannot find where to uncheck it from installlation package, but disable it in policy. Warning message displayed on SEP icon, is there anyway to remove this warning from SEP , or not to install this feature ?

8185471
1357890859

Block Web Sites filtered by proxy with FW Rule

$
0
0
I need a solution

Referencing back to this forum post - https://www-secure.symantec.com/connect/forums/blo....

- Essentially when trying to block a DNS Domain with a FW rule, traffic is blocked if it does not traferse a proxy server. A simple test enabling/disabling the proxy server settings in the web browser proves this problem

How do I block traffic to DNS Domain e.g *.yahoo.com when that in fact is filtered by and probably offered by the proxy server?

Are there any updates & thoughts on this problem?

Thanks

 

 


Clients Disappear After Moving to a Different Group

$
0
0
I need a solution

The other day I moved a client to a different group using the web management console.  The client never showed up in the new group and no longer shows up in the group it was in either.  I even checked the database for all clients and it was not there.  The client had previously had a duplicate ID, but had just had the Repair Cloned Image tool ran on it and was showing up properly with a unique ID before I tried moving it.  It is as if the client has disappeared alltogether.  

Unfortunately, I do not have admin access to the client as another administrator is reponsible for the machine.  Short of reinstalling the client or importing the sylink file, is there anything I can have the admin try?  We are running 12.1.2015.2015.

Thanks!

Sylink.xml missing from install folder

$
0
0
I need a solution

Gurus

 

I need to change my clients to a new Symantec server but can not find the sylink.xml file on the new server ,under the imsatll folder, what am I missing.

 

Thanks a bunch

Change Virus Definition Location From C:\..\All Users\ to D:\...

$
0
0
I need a solution

The C drive on a server is filled because the server was designated to store program files and all other data on the D drive.

The All Users exist on C:\ and when SEP client downloads new defintions it is placed in the following location:

C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection

How do I change the destination location for virus defintions [above location] to a location on the D drive?

Thanks!

Email from SEPM using Internal SMTP

$
0
0
I need a solution

I have a number of sites with SEPM and have appreciated that on NEW deployments of version 12 the application emails me even if I do not specify an email server.  It asks who to notify and lo and behold, email starts to flow.  This is true of the Small Business and the Enterprise product.  I just upgraded an existing site (ie. not a new deployment) from 11.5 to 12.1.  It won't send me email notifications unless I specify a server.  Yet a new installation of the same software will send notifications using some internal mechanism.  How can I make my upgrade work the same way?  Do I have to specify a mail server on the upgrade?

8190401
1357951465

xss or Cross Site Scripting

$
0
0
I need a solution

hello i am msc student in software engineering currently i study about xss or Cross Site Scripting malware's my question about that to  you is that where can i found the list of xss worms,viruses i need them thank you

HELP PLEASE - Google redirect; IE downgraded; email hijacked

$
0
0
I need a solution

Dec. 6, my email was hijacked. Several of my folders disappeared and although I think they are on my computer, I can't get to them.

This happened at the same time that I found a Google redirect on my G+ page. If I go to my G+ page, https://plus.google.com/u/0/108990336060003345586#101969579025737871617/posts/, I can watch it redirect. I checked the certificates and I see the final one which is the bad one. I also checked the  properties of the page and can see the redirect information, but I can't figure out how to undo it. The hacker took over as admin.

This also affected my IE8. My computer thinks I am now using IE7 again. This causes problems for my blog. It has also changed my Twitter account to mobile because it says I need to update my browser.

I have spent weeks on this, trying to fix it so I can get back to giving things away on my blog. I am afraid since I am not sure if it will affect others or not.

 

Any help is appreciated.

sav: command not found

$
0
0
I need a solution

Hi guys,

I'm running Ubuntu 12.10, kernel version 3.5.0.21-generic, 64-bit, US English.

According to the KnowledgeBase articles on SAV for Linux, Ubuntu is a supported distribution; however the kernel of my OS is unsupported. But not to worry, I managed to install SAV for Linux version 1.0.14-13 successfully on the abovementioned OS with the help of friends on this forum.

I encounter a problem trying to scan a file located in my home directory. I am a practised Microsoft Windows user and I was under the impression in Ubuntu that I could just right-click the file that I wish to scan and SAV for Linux will start scanning. To my horror I discovered there was no such option as "SAV for Linux" or "Scan for viruses" when I right-clicked the file to be scanned under Ubuntu.

Hence I brought up a terminal window and below is the output of the error message. Please note the file to be scanned is called test.iso which is located in /home/sharon/ directory.

======================================start of quote of error message=======================================

sharon@sharon:~$ sav manualscan --scan test.iso
No command 'sav' found, did you mean:
 Command 'savr' from package 'sdcc-ucsim' (universe)
 Command 'savi' from package 'savi' (universe)
 Command 'save' from package 'atfs' (universe)
 Command 'dav' from package 'dav-text' (universe)
 Command 'gav' from package 'gav' (universe)
 Command 'sac' from package 'sac' (universe)
 Command 'say' from package 'gnustep-gui-runtime' (universe)
 Command 'sar' from package 'sysstat' (main)
 Command 'sar' from package 'atsar' (universe)
 Command 'sv' from package 'runit' (universe)
 Command 'sa' from package 'acct' (main)
sav: command not found

sharon@sharon:~$ sav info --autoprotect
No command 'sav' found, did you mean:
 Command 'savr' from package 'sdcc-ucsim' (universe)
 Command 'savi' from package 'savi' (universe)
 Command 'save' from package 'atfs' (universe)
 Command 'dav' from package 'dav-text' (universe)
 Command 'gav' from package 'gav' (universe)
 Command 'sac' from package 'sac' (universe)
 Command 'say' from package 'gnustep-gui-runtime' (universe)
 Command 'sar' from package 'sysstat' (main)
 Command 'sar' from package 'atsar' (universe)
 Command 'sv' from package 'runit' (universe)
 Command 'sa' from package 'acct' (main)
sav: command not found

sharon@sharon:~$ cd /opt/Symantec/symantec_antivirus/
sharon@sharon:/opt/Symantec/symantec_antivirus$ sav manualscan --scan /home/sharon/test.iso
No command 'sav' found, did you mean:
 Command 'savr' from package 'sdcc-ucsim' (universe)
 Command 'savi' from package 'savi' (universe)
 Command 'save' from package 'atfs' (universe)
 Command 'dav' from package 'dav-text' (universe)
 Command 'gav' from package 'gav' (universe)
 Command 'sac' from package 'sac' (universe)
 Command 'say' from package 'gnustep-gui-runtime' (universe)
 Command 'sar' from package 'sysstat' (main)
 Command 'sar' from package 'atsar' (universe)
 Command 'sv' from package 'runit' (universe)
 Command 'sa' from package 'acct' (main)
sav: command not found
sharon@sharon:/opt/Symantec/symantec_antivirus$

==========================================end of quote of error message====================================

Thank you in advance for your help.

P.S.: I did search for solutions to "sav: command not found" on Google as well as on this forum and could not find the solutions to my issue. Hence this post.
 

8190851
1357977709

USB Logs monitoring through SPEM12.1

$
0
0
I need a solution

Who we can monitor the usb logs in dtails.

Like what data copy from usb to system and from system to usb with file name and  all.

We are usign the SEPM12.1.

Thanks

Email Signature jpeg images getting blocked

$
0
0
I need a solution

Hi,

 

The jpeg image used as signature in email is getting blocked by symantec. We are using SEPM 12.1. Can you please help me out with this ?

 

Regards,

Anish

SEPM

$
0
0
I need a solution

I want to Change the OS of existing SEPM, What will be the step

 

Symantec Entpoint Protection Problem

$
0
0
I need a solution

I keep getting a Denial of Service is logged message bubble that pops up.  When I check the log, this is what is in there...Any thoughts on how to fix it?

 

 

EventUserLogged ByDescriptionDate and Time
Definition File LoadedAEA3SystemNew virus definition file loaded. Version: 150102w.1/3/2013 9:59
Scan OmissionAEA3Scheduled scanCould not scan 126 files inside c:\Aflac Tools\Office 2007\OfficeProfessionalPlus2007.EXE due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:04
Scan OmissionAEA3Scheduled scanCould not scan 8 files inside c:\Aflac Tools\Virus\20100912-005-v5i32.exe due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:05
Definition File LoadedAEA3SystemNew virus definition file loaded. Version: 150103af.1/4/2013 12:16
Scan OmissionAEA3Scheduled scanCould not scan 8 files inside c:\Aflac Tools\Virus\Symantec SEP\FieldForce_SEP.exe due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Aflac Tools\WinZip.v8\SETUP.WZ due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Aflac Tools\WinZip.v8\winzip81.exe due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Symantec Endpoint Protection StartupAEA3SystemSymantec Endpoint Protection services startup was successful.1/6/2013 19:42
Definition File LoadedAEA3SystemNew virus definition file loaded. Version: 150107q.1/7/2013 23:30
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s1.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s2.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Definition File LoadedAEA3SystemNew virus definition file loaded. Version: 150105q.1/6/2013 19:51
Scan OmissionAEA3Scheduled scanCould not scan 3 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s3.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Scan OmissionAEA3Scheduled scanCould not scan 4 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s4.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Definition File LoadedAEA3SystemNew virus definition file loaded. Version: 150106i.1/6/2013 23:24
Definition File LoadedAEA3SystemNew virus definition file loaded. Version: 150108v.1/8/2013 23:29
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s5.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s1.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s2.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Symantec Endpoint Protection ShutdownSYSTEMSystemSymantec Endpoint Protection services shutdown was successful.1/9/2013 10:50
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s3.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Symantec Endpoint Protection StartupAEA3SystemSymantec Endpoint Protection services startup was successful.1/9/2013 10:54
Scan OmissionAEA3Scheduled scanCould not scan 4 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s4.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s5.cab due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:06
Symantec Endpoint Protection ShutdownSYSTEMSystemSymantec Endpoint Protection services shutdown was successful.1/9/2013 11:40
Scan OmissionAEA3Scheduled scanCould not scan 3 files inside c:\Aflac2000\Credant\CredantAssist.zip due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:07
Symantec Endpoint Protection StartupSYSTEMSystemSymantec Endpoint Protection services startup was successful.1/9/2013 11:42
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Documents and Settings\1000\My Documents\Dropbox\bah laptop\W2-2010bah.zip due to extraction errors encountered by the Decomposer Engines.1/3/2013 10:22
Definition File LoadedAEA3SystemNew virus definition file loaded. Version: 150110aj.1/11/2013 11:06
Scan OmissionAEA3Scheduled scanCould not scan 126 files inside c:\Aflac Tools\Office 2007\OfficeProfessionalPlus2007.EXE due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:38
Scan OmissionAEA3Scheduled scanCould not scan 8 files inside c:\Aflac Tools\Virus\20100912-005-v5i32.exe due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 8 files inside c:\Aflac Tools\Virus\Symantec SEP\FieldForce_SEP.exe due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Aflac Tools\WinZip.v8\winzip81.exe due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Aflac Tools\WinZip.v8\SETUP.WZ due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s1.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s2.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 3 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s3.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 4 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s4.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ient_s5.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s1.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s2.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s3.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 4 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s4.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 2 files inside c:\Aflac Tools\Worksite Pro 3.0\CDImage\Internet Explorer 5.5\i386\en\ie5\ie_s5.cab due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:40
Scan OmissionAEA3Scheduled scanCould not scan 3 files inside c:\Aflac2000\Credant\CredantAssist.zip due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:41
Scan OmissionAEA3Scheduled scanCould not scan 1 files inside c:\Documents and Settings\1000\My Documents\Dropbox\bah laptop\W2-2010bah.zip due to extraction errors encountered by the Decomposer Engines.1/9/2013 20:55

 

Upgradation from 12.1 to 12.1 R2

$
0
0
I need a solution

Hi,

Currently i am working with 12.1 and want to upgrade the version of sepm 12.1 R2.

How can i do this any solution..?

Viewing all 10484 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>