Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all 10484 articles
Browse latest View live

Windows 10 tools not working with SEP

March 22, 2018, 7:31 am
$
0
0
I need a solution

Hello, 

i have an issue with W10 and SEP.

When i install SEP all W10 (Edge, photos, Start buton...) stop working; no error msg. the app open then close

DxDiag OS :

Operating System: Windows 10 Professionnel 64-bit (10.0, Build 16299) (16299.rs3_release.170928-1534)
Language: French (Regional Setting: French)
System Manufacturer: HP
System Model: HP 260 G2 DM
BIOS: 02.03
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz (4 CPUs), ~2.4GHz
Memory: 4096MB RAM

SEP installed: 

14.0.3897.1101 & 14.0.3752.1000

do you have any idea about this ?

Thanks 

N.Achraf

0
Search

SEPM Home page -> Endpoint Status

March 22, 2018, 9:13 am
$
0
0
I need a solution

Hello,

I am trying to find out what exactly Home page -> Endpoint Status shows. 

First thing is that it doesn't seem the numbers for "Total Endpoints" or for Offline for example is for past 12h or 24 hours as written in the article below:

https://www.symantec.com/connect/forums/home-tab-e...

Even though it is not for past month. When I check Total number or Offline, and run Computer status log for past month I am getting numbers close to these on the Home tab but not the same. If I run the log for past 12h or 24h, absolutely nothing common between both numbers. 

Anyone from Symantec to give more details on this? Can we assume that it is for past month and not 12/24h?

Thanks in advance

0

Unable to login to SEPM for some users

March 22, 2018, 9:20 am
$
0
0
I need a solution

Greetings.

I am managing a test server for my companies upgrade to SEP14 in the coming weeks.  My manager wants to ensure all of my team can login to the SEPM console, however two of them can not.  I set up the accounts myself, and only two out of 7 have a problem.  They keep getting a message stating wrong username ot password, but they are 100% positive they not typing it wrong.  I'm using LDAP authentication, and as mentioned, it works fine for me and a few others.  I even went and deleted one of them completely, and recreated their account as a full system administrator, and they still can't seem to login.

Is there any log created for failed attempts, or any other way to diagnose why these two users can't login?

Note, I can login fine on my PC, and also on those two users PCs.  So it's not a bad install of the SEPM console, just seems to be targeting those two.  I also had them try to login to the console directly on the server, and they still get the same denial.

Thanks!

-ricka

0

2018 Internet Security Threat Report Now Available (Free)!

March 22, 2018, 10:34 am

Unmanaged Detectors by Subnet - Only 1 subnet reports

March 22, 2018, 12:46 pm
$
0
0
I need a solution

I have two subnets and in each I have enabled unmanaged detectors. I only receive notifications in 1 subnet, the main one of concern doens't report any unmanaged clients (and I definitely know there are). Any suggestions? This is a very key and important feature we need.

0

SEPM Monitors - Report - Client Version vs Policy Version

March 22, 2018, 12:47 pm
$
0
0
I need a solution

I have generated a report by exporting in Montiors (SEP 14.1). One colunm heading displays Client Version, containing a mix of 12.1.xxxxx and 14.0.xxxxx.

A second column heading displays Policy Version, but seems to contain a consistant 14.0.xxxxx. Please explain the difference.

I have a mix of Mac clients, 10.11,10.10,10.8,10.9 , Windows 7, Windows Servers(2008 - 2012).

My Guess is that I have defferent versions of the SEP agent on my clients, but they all contain the updated definitions. Is this correct?

Should I be making an effort to get all of those client agents to 14.0.xxx?

Thanks

0

Need to migrate version 12.1.6 to 14x on new server and OS

March 23, 2018, 6:41 am
$
0
0
I need a solution

Hello, We currenlty are running Endpoint Protection 12.1.6 on server 2008 32 bit. We now want to go to version 14.x which I know has to be installed on a 64 bit OS. So we are going to insatll a new server with 2012 R2. My question is, what are the steps that I need to perform this and are we able to migrate the database from the 12.1.6 server to be used on the new server running 2012 R2 and Endpoint 14.X?

0

SEP 12.1.6.7 doesn't work on this version of Windows 10

March 23, 2018, 7:26 am
$
0
0
I need a solution

Hello,

A client was having some issues with their SEP and I did an uninstall and then attempted a reinstall using the same package of SEP it was previously using only to get the following error:

"Symantec Endpoint Protection doesn't work on either version of Windows. An updated app may be available."

I ran the CleanWipe Utility and then attempted the reinstall again, same error. I tired an older version of the package, same error.

Our help desk guy built a new PC last week on the same build of Windows 10 and using the same package. No issues.

Anyone have any idea what I should try next? Or what could be causing this error? Compatability doesn't seem to be the issue.

Thanks!

0
Search

Install AntiVirus Symantec on Mail-Server Debian 9 with Amavis

March 23, 2018, 9:43 am
$
0
0
I need a solution

Hi,
I would like to protect the mail-server of our company, which provides the service of email boxes for customers, with Symantec AntiVirus.

These are two servers in geographic cluster, one public and the other of backup that intervenes in case of failure of the master, with Linux Debian 9, Postfix, Amavis, Spamassassin and currently ClamAV.

Symantec antivirus should replace Clamav (low performance) to protect our customers' email accounts so that they do not receive infected emails.

In the configuration file of Amavis  named 15-av_scanners are preconfigured different antivirus software and with regard to Symantec there are these two configurations:

  ### http://www.symantec.com/
  ['Symantec CarrierScan via Symantec CommandLineScanner',
    'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
    qr/^Files Infected:\s+0$/m, qr/^Infected\b/m,
    qr/^(?:Info|Virus Name):\s+(.+)/m ],

  ### http://www.symantec.com/
  ['Symantec AntiVirus Scan Engine',
    'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
    [0], qr/^Infected\b/m,
    qr/^(?:Info|Virus Name):\s+(.+)/m ],
    # NOTE: check options and patterns to see which entry better applies

I kindly ask what is the best way to protect the mail-server and where to find the prices, files and instructions to proceed.

Thanks a lot,
Luca

0

UMEngx86.dll causing unexpected exceptions... need a way to force load it

March 23, 2018, 1:20 pm
$
0
0
I need a solution

As a software developer, I have an app that consistently crashes when SEP injects the UMEngx86.dll into my application.

It's a terrible user experience for my customers (and for me) to need tell my customers that they need to turn off SEP Active Threat Protection in order to run my app!

I started to try to identify what part of my app is crashing when SEP is injected... but since my last reboot, SEP no longer injects UMEngx86.dll into my application.

To debug this problem to see if it's my fault or a fault in SEP, I need a consistent way to have SEP predictably load UMEngx86.dll into my application.

SEP has a "whitelist" to always allow execution of apps without subjecting them to scanning or DLL injection.

SEP has a "blacklist" to always prevent certain apps from even executing.

What I need is a "graylist" rule or some other debug mechanism that lets me identify an app by a specific file name (optionally on a specific computer or group of computers), such that these apps are always injected with the UMEngx86.dll, to aid in debugging problems triggered by SEP.

Note that the failure was consistently occurring ONLY when these DLLs are injected:
C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.2415.0200.105\Data\Definitions\BASHDefs\20180306.005\UMEngx86.dll

C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.3897.1101.105\Data\Definitions\BASHDefs\20180317.001\UMEngx86.dll

It never occurs on a clean VM (no SEP) nor when the DLL is not injected.

The Windows Error Report isn't always the same. Two examples follow:

Sig[3].Name=Fault Module Name
Sig[3].Value=StackHash_af85
Sig[4].Name=Fault Module Version
Sig[4].Value=0.0.0.0
Sig[5].Name=Fault Module Timestamp
Sig[5].Value=00000000
Sig[6].Name=Exception Code
Sig[6].Value=80000003
Sig[7].Name=Exception Offset
Sig[7].Value=PCH_F3_FROM_ntdll+0x000771AC

Sig[3].Name=Fault Module Name
Sig[3].Value=StackHash_738d
Sig[4].Name=Fault Module Version
Sig[4].Value=0.0.0.0
Sig[5].Name=Fault Module Timestamp
Sig[5].Value=00000000
Sig[6].Name=Exception Code
Sig[6].Value=c000041d
Sig[7].Name=Exception Offset
Sig[7].Value=PCH_A7_FROM_MSCTF+0x0001E91B

Thanks,
--Steve

0

SEPM 14 shows users from active directory is Offline

March 23, 2018, 8:26 pm
$
0
0
I need a solution

We integrate AD to our SEPM14 and create a group for Users. The integration was successful but after checking the Users Group, only one user shows online, others are offline. We also check the SEP Client and its show online.

May we know the reason. Attached file fyr.

Thank you

0

SEPM Failover

March 25, 2018, 1:42 am
$
0
0
I need a solution

Hi folks,

I'm deploying two SEPM servers in datacenter A and data center B pointing to SQL DB hosted in Datacenter A. Do I need a seperate hardware device for failover between two SEPM servers?

Also I'm after the data flow design between SEP components.  Can someone share insight at the earliest?

Regards,

Harry

0

The application was unable to start correctly (0xc0000022).

March 26, 2018, 4:13 am
$
0
0
I need a solution

Lately some of our clients cannot start SEP, SymCorpUI.exe gives an error:

"The application was unable to start correctly (0xc0000022). Click OK to close the application"

It might be after the latest windows patches, but I'm not sure. Any ideas?

0

Auto scan USB

March 26, 2018, 5:01 am
$
0
0
I need a solution

Does SEP 14.x support auto scan of usb devices when connected? Can setup the policy to block USB devices once detected the antivirus?

0

SEP and Bitlocker causing BSOD

March 26, 2018, 7:38 am
$
0
0
I need a solution

We recently rolled out SEP 14.1 to our clients and we have had a handful (probably 15 of about 8000) get into a BSOD condition where the SEP early protection driver seems to conflict with BitLocker. The solution we have been implementing to get things working is to unencrypt the drive manually in Safe Mode, boot normally and remove sep, reencrypt, then reinstall SEP. 

These PCs have all been for users that could not spare their PCs for a root cause analasys so the above is all i know for sure at thie time. Does anyone have any insight on this?  

-Win 10 1607 with Feb 2018 updates

-SEP 14.1 build 3876.1100

0
Search

SEPM 12.6 MP5 - SEP Accidental Update To 14/0.1 MP1

March 26, 2018, 12:53 pm
$
0
0
I need a solution

Our server team inadvertently updated SEP on our SEPM 12.6 MP5 Servers to SEP 14.0.1 MP1 and now the Servers show Virus Definitions Not Available.

Consoles are 12.6 MP5

now - SEP client version is 14.0.1 MP1

I am manually copying the .jdb file to these servers as they are in a secure location and do not have access to the internet.  The clients have the definitions that were copied today and seem to be fine.  When I display the servers under Clients --> My Company --> Servers it shows Virus Definitions Not Available.  The Servers are failover servers and manage each other.  

Is there anything I can do short term to get  the concoles virus definitions up to date?  

I do realize I can uninstall SEP or upgrade SEPM ... looking for something quicker.

Thanks!

0
1522100675

SEP client version 14 syamntec CMC SmcGui( 32bit)

March 26, 2018, 1:39 pm
$
0
0
I need a solution

Hello All,

In one sep clinet shwoing mutiple syamntec frame work and syamntec CMC SmcGui. the sep client is latest version.

Os :windows 2012

64bit

issues: showing multiple syamntec frame work services and CMC SmcGui.

Am attachinting the screen shot for your refrence.

I request you to help on this.

0

Unable to install Symantec Client 14.0 in 2012

March 26, 2018, 9:39 pm
$
0
0
I need a solution

Hi All,

Iam trying to install Symantec Client 14.0 in Windows 2012. Previously, we had 12.4100 installed in the server and we tried installing 14.0 over it which failed. We then uninstalled the exisitng symantec 12.4100 version and tried installing 14.0 for which it doesn't install and also doesn't throw any errors. 

While trying to install again, the error which throws is "pending system changes that requires a reboot". We even tried rebooting the server but to no help. Please let us know how to further troubleshoot fixing the issue.

Regards,

Anishk

0

Creating case in Mysymantec

March 26, 2018, 9:52 pm
$
0
0
I need a solution

Hi all,

Iam trying to create a case in mysymantec. I have selected my product as Endpoint protection and asks for "choose entitlement". This option is blank for me and i don't know how to proceed further. Please help.

Regards,

Anishk

0
1522131763

Quick Reports vs Time Range

March 27, 2018, 2:03 am
$
0
0
I do not need a solution (just sharing information)

Hello,

Can someone confirm that Time Range in Quick Reports is correlated with Last Time Status Changed? Meaning that when You have servers that are offline for more than 24hrs they will not be visible in the report with Time Range set as "Past 24 hours".  (Type of report doesn't matter it affects all as far I can see)  This is a bit confusing when generating daily reports with 24h time range :) In that case, I think past month in time range should do the job having 25 days client deletion period. 

Cheers..  

0
Viewing all 10484 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>