Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all 10484 articles
Browse latest View live

SEP 15 - file hash calculated incorrectly

February 20, 2019, 1:17 pm
$
0
0
I need a solution

Just started to test SEP 15, and installed it on my test machine using the default policy.

It identified a file, NTOSKRNL.EXE, with the following filehash:

5379732000000000000000000000000000000000000000000000000000000000

This hash is not correct, as using the powershell get-filehash command provides this instead:

C732B1DD3480285B6666641BC417A0C897884331229F47B055B79A9E42DF4282

Which is a known file on VT.  Any idea why Symantec's hash calculation would be incorrect?  Or what I should do next?

0
Search

To notify users about the Environment in Sepm

February 20, 2019, 3:56 pm
$
0
0
I need a solution

Hello
I'm looking for a tip who can help me to add an customized image on the login screen of sepm.. The idea is to let the Administrators to know what environment are they logging on to.

I know this was already achieved by modifying a Php file, but just can't get it to work.
Thanks for the help!

0

Ultraviewer Remote Control SW (Flagged as Heuristic Virus)

February 20, 2019, 11:43 pm
$
0
0
I need a solution

Hello Symantec team/community,

Recently installed Ultraviewer as an alternative for Teamviewer,

could you elaborate on why it's getting flagged as an heuristic virus

Incident Details
UltraViewer_setup_6.2_en.exe (Heur.AdvML.C) detected by Auto-Protect

Threat Name
Heur.AdvML.C

Threat Type
Heuristic Virus

File Name
C:\Users\CoffralReginaldGondo\Downloads\UltraViewer_setup_6.2_en.exe

Action Required
Resolved - No Action Required

Thank you in advance for your time and consideration.

0

Clients with disabled Status

February 21, 2019, 6:18 am
$
0
0
I need a solution

Hello all,

we have a customer with about 850 clients in "disabled" status. Mostly SONAR and/or Tamper Protection. The number varies a lot and was above 3000 a couple of weeks ago... 

Any adivce on how to solve issues with malfunctioning components? I also don't really understand what is causing the client to report that a component is malfunctioning...!?

Thanks in advance!

0

New Phishing threat

February 21, 2019, 7:15 am
$
0
0
I need a solution

Hello,

There is a new phishing threat that deletes the url links from office document (.xml.rels) If this type of files is tempered with will anti-virus block it? Is there something in the works for addressing this issue? For full explaination see link below

Thanks

https://www.helpnetsecurity.com/2019/02/20/phisher...

0
1550765238

Custom Scan - is it more customizable?

February 21, 2019, 8:51 am
$
0
0
I need a solution

I only see the following folders in the Custom Scan section:

Common_Appdata

Common_DesktopDirectory

Common_Documents

Common_Programs

Common_Startup

Program_Files

Program_Files_Common

System

System_Drive

User_Profile

Windows

Is it possible to be more selective with these custom scan?  What if just want to exclude one of these folders?  Or just scan a single drive letter?

Thanks,

Brett

0

Need to update Client list to remove old licenses

February 21, 2019, 12:43 pm
$
0
0
I need a solution

So, we recently rolled out several new computers on our network, and now we're getting an Over-Deployed warning.  We're currently synced with Active Directory so we're unable to remove the clients from the Manager directly, and deleting the computers from the Active Directory is out of the question.  I've already updated the time period to remove old clients from the network from 10 days to 3, but it appears that change hasn't applied yet, as some of the clients that are almost a week old and off the network are still listed.

What I'd like to do is force the SEPM to poll the network and delete any clients that meet the new timing window, if that's possible

0

Host Integrity checkup

February 21, 2019, 9:34 pm
$
0
0
I need a solution

Need to  implement Host Integrity checkup in  end users pc so that every workstations meets the compliance.  Here need  to check whether workstations has the  latest patch of AV or not. If it fails then workstation must be able to communicate with AV server only and should not be able to communicate with any other networks until its compliant

0
Search

Remotepush

February 22, 2019, 12:21 am
$
0
0
I need a solution

Hi All,

May I know what is the difference between Remote push and Push deployment wizard.

For some machine when i tried to deploy the symantec via Remote push- it is not happening but it is working with push deployment wizard tool.

 As per my knowlegde we use both Remote push and Push deployment wizard for the deploying the package-- they both plays the same role.

But still i could find the odd thing in it.

Please suggest on this

Regards,

Harish

0

SEPM Cloud Portal policy status question

February 22, 2019, 9:09 am
$
0
0
I need a solution

I recently enrolled my on prem 14.2 SEPM to the Cloud Portal and I'm having difficulty finding documentation on the interpretation of the Policy>Policy Status column.  Every policy shows a status of "Draft".  When I click on the eliptical for policy options I see the following choices: Apply, Duplicate, Remove, Delete and Publish.  First, can anyone tell me what the "Draft" status means?  Also what is the difference between "apply policy" and "publish policy"?

0

SEP Computer need to restart

February 22, 2019, 9:26 am
$
0
0
I need a solution

Dear,

One question for you, when send a deploy from the sepm console, an the computer is in the state restart requiered, the new definition send form SEPM is take from the client or the computer has to be restart .

Regards

Miguel Angel

0

Google File Share and SEP Cloud Colliding?

February 22, 2019, 12:21 pm
$
0
0
I need a solution

Could it be possible that SEP is causing file share to have issues. On a few of the computers here on the network they just seem to be constally downloading the same files which is causing the network to slow down immensley.

0

ccSvcHst.exe flooding security logs with failed write access

February 22, 2019, 12:23 pm
$
0
0
I need a solution

Only on my Domain Controller (Windows Server 2k8 R2) I am seeing my security logs flooded with Failed Audit Access events during every system scan. The process is ccSVCHst.exe (running as System) and it appears it is failing access on most everything under C:\Windows\*.

I have checked the specific file permissions on a few of the failed items and System only has Read & Execute. The failed audit flag is showing ccSvcHst.exe is being denied WRITE accesses to each file which is why the event is being logged. I wanted to see why ccSvcHst.exe virus scanner is needing WRITE permissions to these files and how to best fix this. I did not want to exclude C:\Windows\* from the daily scans as that would be a large chunk of critical files not getting scanned. I also did not want to grant WRITE access to System for all those files until I found out why it needed WRITE accesses. 

I have this same SEP scan running on my Windows 7 clients and it has none of these errors shown even though the NTFS file permissions are identical with only allowing System Read & Execute. 

0

Extended Support SEP 12 - LUA Server

February 22, 2019, 12:34 pm
$
0
0
I need a solution

Dear,

At the momment in my environment some Windows Xp and Windows 2003 are online and dont is possible to migrate to other version after the time of end support to SEP 12 ( Next 4/3/2019) and they going to buy a extend support .

My question about is , I have to update the sepm license and its all? or a have to make another change?

Additional , I am using a LUA Server to download the virus def, the lua still recieve the definition from Sep 12.x ?

Regards

Miguel Angel

0

How to hide the pop up Console window when I run sms.exe

February 22, 2019, 7:28 pm
$
0
0
I need a solution

Hey guys:

When I stop SEP network thread protection in this way: Win+R, and then type "smc -disable -ntp" and press ENTER, it worked but popped up a Console window and then closed it by itself.

So is there any way that I can hide the pop up console window? Such as appending other arguments. I try to run this command "smc -h" or "smc --help" but it show nothing.

I want to hide it because I try to program with SEP in python, but this pop up window causes some error.

Thank you in advance!

0
1550972304
Search

Why printer Lexmark generate attack in network

February 25, 2019, 12:22 am
$
0
0
I need a solution

Hi everyone 
I have a question about attack printer Lexmark in network. How can I scan or diagnostic problem? I don't have add printers in symantec manager. what the printer can look for on the web.

Thank you for your response

0

Firewall policy - strange behaviour

February 25, 2019, 9:01 am
$
0
0
I need a solution

I have SEP 14.2 

At server side I've created the firewall policy in which allow all traffic for choosed network service (TCP 3422 and UDP 3422 - remote, both directions;  Ethernet 0x892e outgoing). 

But at client side this ploicy not works ... I've set traffic logging - but it also not works ...

If I create same rules directly at client side - it works and traffic allowed.

In system log I see that policy was successfully installed.

Where am I wrong ?

0

How can I automatically place clients in specific groups by IP from the SEMP console without a script?

February 26, 2019, 7:38 am
$
0
0
I need a solution

How can I automatically place clients in specific groups by IP from the SEMP console without a script? 

The main idea is that customers automatically know to move to the groups that correspond to their corresponding subnet.

0
1551197878
5451421

Application in server performance issue

February 26, 2019, 8:00 am
$
0
0
I need a solution

Hi All,

Currenty we are facing problem with the application running in the server in which the SEP client is installed. At the time of symantec scan the application in the server almost unusable. We have also added the application folder and its path in exclusion list to ignore the scan. still we are facing the same issue. Please suggest us to avoid slowness of application while performing scan.

0

No of machines can be added as Multiple GUPs

February 26, 2019, 8:43 am
$
0
0
I need a solution

Hi,

We are creating Multiple and explicit GUPs in our enviroment and have few questions

1. How many machines we can add as Multiple GUP in the liveupdate policy. If we add 100 machines as multiple with name and IP address.

Is there any performance problems?

2. How many subnets we can add to map a particular GUPs? Is there any limitations. 

Regards

Sharma

0
Viewing all 10484 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>