Hello,
When I tries to kill the process with the command "Taskkill /F /IM ccSvcHst.exe", it successfully executed and SEP completly stopped.
How do we prevent symantec process getting killed by taskkill command ?
Client OS : Windows 7 Pro , Widows 10 Pro
SEP Version : 14 Build 1904
Thank you.
Hello,
I have verified that it is no longer possible through the link below the software registry in the White List.
https://submit.symantec.com/whitelist/
I am a software manufacturer and generally they are detected by symantec as false positive. How do I proceed now since I do not want to wait for my software to be detected and then request to be included in the white list.
Thank you,
William
Hello,
I'm looking for a way to query a system via command line to see if Auto protect is running and if the SEP client is managed or un-managed. If it's managed is it checking in?
Thanks!
Hello, We are on SEP version 14 MP2. Whenever i scan my linux endpoints, the scan result in the SEP Manager shows 1000s of files/folders as skipped on the endpoint. I am running the scan as root user and we don't have any exceptions configured. How can i get a list of files/folders that were skipped during the scan ? I am disappointed that the SEP Manager doesn't even show details of directories that were skipped. Morever, there isn't even any log file generated on the local linux endpoint itself that logs these details .
I've been pushing SEP v14 MP2 from the console over the last month. Some Server 2012 R2 servers fail to boot after the next restart. It is during the Windows splash screen with the racing dots. This is random and the server boots just fine after a forced power reset. I suspect this is while Windows bootexe is trying to process the sisnat file, but don't have any proof as this is before the event log starts. I had 5 fail to boot last night out of a couple dozen. Anyone else experience this situation and is this a known issue with a fix?
Hi, Is it just me or are we all experiencing the same issue?
I have checked under Windows Definitions for the Latest from Symantec: and it says "Information is currently unavailable". I have followed the steps on the on the link below and all are successful. Are you also experiencing the same issue?
https://support.symantec.com/en_US/article.TECH964...
Thanks,
MabundaG
Hello,
i want to know if there is a way to block managing other SEP version except 14 ?
the users continue to install other version than SEP 14 and i want to force them to use this version.
Thanks
N.Achraf
Why symantec endpoint not detect Amazon Assistant aa.hta virus?
any information about this?
Dear All,
we have about 60 computers using symantec endpoint.
We use Outlook to send and receive mail.
Some excel files attached in outlook can not be opened with error as below:
The file you are trying to open, "Name xxx .xls', is in a different format than specified by the file extension. Verify that the file is not corrupted and is from a trusted source before opening the file. Do you want to open the file now
If we stop the symantec, it can open normally (smc -stop)
we using outlook 2007 and windows: 7
Please help me.
I have created the rule(Block) for youtube in firewall .When i open the youtube.com it is opening but video is not playing.How to block the youtube website.
Gibt es einen Virenschutz (Malware, etc.) für das Surface HUB außer dem Windows Defender?
Hi,
i reconfigured the directory server to LDAP SSL. Now i cannot login. I also do not find my "local admin" password. Seems like Keepass didn't save.
Do i have to perform a database restore from yesterday? Or is it possible to reconfigure the directory servers without logging in?
Best regards
Stephan
Hi Team,
My team facing issue after new patch update from last to last Monday. We have created Pega OpenSpan Robotics projects before this patch and we were able to execute the automations without any issue, after patch update Symantec is writing the codes which is crashing the IE whenever we are trying to execute the automation.
After investagation Pega OpenSpan Robotics Team have provide the information that Symantec is executing the code which is overwriting their codes.
Attached is Log file which points to Symantec which is trying to execute 5 byte code which is replacing the orginal code which is causing Internet Explorer to Crash everytime. Also Pega Team have given interim solution to disable "GENERIC EXPLOIT MITIGATION" and run automation.
Attached is also screenshot of PEGA OpenSpan Robotics team comments.
Request you to let me know how the issue can be fixed without disabling this option. Please feel free to reach out to me.
Regards,
Nithin Shivakumar
+91-9986754770
I recently installed Endpoint Protection (14) on an office network and within a week 3 desktops suffered catastrophic failures in a complete loss of their Email boxes -- all data completely gone. The users have Thunderbird Email and what happens, apparently, is EP detects a virus in the file and since it doesn't know how to manipulate a Thunderbird email box it essentially quarantines the entire email box, yet when you go to the control panel and attempt to restore the quarantined file, EP can't do it. Not from the client, not from the server. Even Symantec Technical Support, escalated 3 levels, can't restore the file.
After escalating this to the highest level on the continent, I am told that "yes, EP 14 does not know how to manipulate a Thunderbird mailbox and so yes, this patern of catastrophic damage is know to us and our 'best practices' document tells you to add exceptions for your email boxes. We have special hooks for Outlook but we know that we can't handle Thunderbird."
I'm puzzled by two things:
First, if Symantec knows that this is a problem with their software, why don't they fix their software?
Second, if Symantc knows that this is a problem and they can't or won't fix the problem, why doesn't their software come configured as default to skip the files it knows it can't manipulate?
I feel like I was shipped a box that contained a burning fuse and I'm being told that it was my fault for not expecting that and dousing the fuse before installation.
That said, I did run into a large number of technicians that told me that they've never before in history ever even once experienced any kind of problem of any sort with Endpoint Protection ... so maybe the problem is that the problem never passed the tech support/engineering barrier.
We have the security PC doing AppScan on regualr basis but being blocked by Intrusion Prevention
How can I create Exception for this PC to do the AppScan?
Hi,
I recently upgraded our SEPM to 14 and been pushing out the new version to all clients.
On the Clients page >> Policies tab >> General Settings >> Restart settings >> Custom restart >> Prompt and allow user to delay restart until: Scheduled time.
What is the Scheduled time? Where can I find that?
Henry
i have more than 2500 clients and some clients are having windows xp and windows 2003
i have 12.1 two servers one is active and second is replica and i have SQL on both servers and replication time is 1 AM over the night daily
now i want to upgrade version 14 but i want to keep version 12.1 servers to get update for windows xp and 2003 server. i have more than 50 remote sites and each site i have one GUP and the link speed is only 1 Mbps if i upgrae from 12.1 to version 14, than version 14 SEPM doesn't support 12.1 definition and clients with 12.1 will not update the latest definition and on remote site i can not upgrade my all clients on a single day because i dont have any SCCM or desktop manager so i have to use autoupgrade through SEPM server
i am looking a solution that i will keep old servers and add new servers as well version 12.1 will communication with old sepm and version 14 will communication with sepm 14
i will upgrade version 14 but its time taking once i will upgrade all client i will remove sepm 12.1
can you please suggest me what to do and how to do ?
Thanks
Hi
When i block the traffic for example for MS Word to our proxy, word will stops responding, until the tcp-timeount.
I suspect, that SEP dropo the traffic, without sending a feedback back to the source (MS word).
How can i presume, that SEP makes a reject? Am I the only one with this issue?
Puemer
Quick Questions:
SEP, If I will delete a host on SEPM because it is offline on SEPM. Does it will return and report again to SEPM? (I will not uninstall the agent)
HIPS, How will I exclude the Nessus scanner on HIPS, looks like Symantec blocking the scanners.
I would like to add an IP the the SEPM so that workstations in the environment will not respond as being attacked and locking the IP out for 600 sec
What is the step by step?
Thanks!!