SEP14.x no loner works on Windows 7 fresh install

December 13, 2019, 11:49 am

≫ Next: 2 .slf files each with half of the total number of current licenses

≪ Previous: SEPM affecting domain joining from remote system

$

0

0

I do not need a solution (just sharing information)

I have recently discovered that SEP 14.x is no longer compatible with Windows 7. when attemping to add a managed client to a workstation using prepared exe package on a machine that never has had sep on it  the installer fails and rolls back. Management console sends new client email but live update never runs and event viewer has new entries in application. 

Errors; event ID, 34, 35, when defender product disabled changes to 36, 37. installer error 1603.

 I tried all the tricks, manually installing from media, disable defender and or essentails, clean boot etc. no luck. Then i build a new install patched it to 2019-10. and voulla it worked. management console send email and live update runs. Or so i thought. when you open the aspplication it hanges and never opens and live update never finishes 'finalizing updates'. Version 12.6 installs on original worstation with out a hitch.

0

---

2 .slf files each with half of the total number of current licenses

December 13, 2019, 8:43 pm

≫ Next: Dump Folder Space Utilization

≪ Previous: SEP14.x no loner works on Windows 7 fresh install

$

0

0

I need a solution

about.slf

the license we have expires on Dec. 17, 2019

The problem is that we now have the possibility to extend it until the end of January, only that we have received 2 .slf files each with a number of half of the total licenses.

if I renew in SEPM console with the first .slf and then with the second I will have their sum finally?

we currently have a large number of licenses

0

Dump Folder Space Utilization

December 16, 2019, 1:27 am

≫ Next: Free memory and hard disk space require to download virus definition

≪ Previous: 2 .slf files each with half of the total number of current licenses

$

0

0

I need a solution

Hello everyone, the C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\dump is utilizing considerable amount of disk space. Is it safe to delete the temp files inside this if yes then how ?

0

• screen.png

Free memory and hard disk space require to download virus definition

December 16, 2019, 8:10 am

≫ Next: CRITICAL: SYMANTEC TRIAL LICENSE EXPIRED

≪ Previous: Dump Folder Space Utilization

$

0

0

I need a solution

What is the minimum free memory and hard disk space require to download virus and spyware definition by SEP client?

0

CRITICAL: SYMANTEC TRIAL LICENSE EXPIRED

December 16, 2019, 8:23 am

≫ Next: How to install SEP Package in the SEPM endpoint

≪ Previous: Free memory and hard disk space require to download virus definition

$

0

0

I need a solution

I recieve an email every week that warns me of a customer's trial license being expired since 2015.  The server for this was never connected to the internet, and is currently de-commissioned.  The hardware is not installed, powered, or working.  It never had an email server, and cetainly does not now have the capability to email.

How can I stop this email from coming in?

0

How to install SEP Package in the SEPM endpoint

December 10, 2019, 4:57 pm

≫ Next: symantec analysis

≪ Previous: CRITICAL: SYMANTEC TRIAL LICENSE EXPIRED

$

0

0

I need a solution

Good day everyone, I have a working SEPM and all SEP clients across my infrastructure are communication properly to this SEPM. My question would be how can I install the SEP on the Windows 2016 server where I also have my SEPM client installed. I noticed that this server is not protected by SEP and if I add this Win2016 server in the Clients -> Install a client -> (and the entire wizard of adding and remote pushing SEP), at the end of the process, it will just fail. So I just want to install SEP manually be it managed or un-managed. Thanks a lot folks!

0

symantec analysis

December 10, 2019, 8:08 pm

≫ Next: Free memory and hard disk space require to download virus definition

≪ Previous: How to install SEP Package in the SEPM endpoint

$

0

0

I need a solution

Dear all, 

How about the SMG.Heur!gen Malware and Remacc.Amyy Security Risk , is there influence for computers and network? Thanks a lot.

0

Free memory and hard disk space require to download virus definition

December 16, 2019, 8:10 am

≫ Next: CRITICAL: SYMANTEC TRIAL LICENSE EXPIRED

≪ Previous: symantec analysis

$

0

0

I need a solution

What is the minimum free memory and hard disk space require to download virus and spyware definition by SEP client?

0

---

CRITICAL: SYMANTEC TRIAL LICENSE EXPIRED

December 16, 2019, 8:23 am

≫ Next: SEP Upgrade from 14.2.1031 (MP1) to 14.2 RU2

≪ Previous: Free memory and hard disk space require to download virus definition

$

0

0

I need a solution

I recieve an email every week that warns me of a customer's trial license being expired since 2015.  The server for this was never connected to the internet, and is currently de-commissioned.  The hardware is not installed, powered, or working.  It never had an email server, and cetainly does not now have the capability to email.

How can I stop this email from coming in?

0

SEP Upgrade from 14.2.1031 (MP1) to 14.2 RU2

December 16, 2019, 10:27 am

≫ Next: Chrome Version 79.0.3945.79 Aw, Snap

≪ Previous: CRITICAL: SYMANTEC TRIAL LICENSE EXPIRED

$

0

0

I do not need a solution (just sharing information)

Is it possible to upgrade the clients from 14.2.1031 MP1 to 14.2 RU2 without upgrading the SEPM Server?

0

Chrome Version 79.0.3945.79 Aw, Snap

December 10, 2019, 8:42 pm

≫ Next: Can be use MD5 Blacklists from SEPM to use with SEDR?

≪ Previous: SEP Upgrade from 14.2.1031 (MP1) to 14.2 RU2

$

0

0

I need a solution

I am having the issue which stated at https://support.symantec.com/us/en/article.tech256... again.

I am running SEP 14.2.3332.1000 and having the application control data definition 191025252

Now, i am using reg key ("RendererCodeIntegrityEnabled") workaround.

Any idea?

0

Can be use MD5 Blacklists from SEPM to use with SEDR?

December 16, 2019, 10:11 am

≫ Next: SEP Upgrade from 14.2.1031 (MP1) to 14.2 RU2

≪ Previous: Chrome Version 79.0.3945.79 Aw, Snap

$

0

0

I need a solution

My SEPM Environment has integrated with SEDR and already have enabled System Lockdown for blacklists mode.
Question: On SEPM already has blacklists using MD5 value, It requires creating blacklists using MD5 on SEDR or not?
I don't sure if Integrated between SEPM and SEDR can be only MD5 on one side or must import md5 to both?

0

SEP Upgrade from 14.2.1031 (MP1) to 14.2 RU2

December 16, 2019, 10:27 am

≫ Next: how to block microsoft store

≪ Previous: Can be use MD5 Blacklists from SEPM to use with SEDR?

$

0

0

I do not need a solution (just sharing information)

Is it possible to upgrade the clients from 14.2.1031 MP1 to 14.2 RU2 without upgrading the SEPM Server?

0

how to block microsoft store

December 17, 2019, 3:45 am

≫ Next: Installing Windows clients with Microsoft SCCM/SMS

≪ Previous: SEP Upgrade from 14.2.1031 (MP1) to 14.2 RU2

$

0

0

I need a solution

Hello

please i need to block microsoft store , any suggestions

0

Installing Windows clients with Microsoft SCCM/SMS

December 11, 2019, 7:42 am

≫ Next: how to block microsoft store

≪ Previous: how to block microsoft store

$

0

0

I do not need a solution (just sharing information)

Follow “Steps1” to “Step 4” from below procedures provided by Symantec Support.

Step	Description
Step 1	Export a managed client installation package from Symantec Endpoint Protection Manager that contains the software and policies to install on your client computers. By default, a managed client installation package contains a file named Sylink.xml, which identifies the server that manages the clients.
Step 2	Create a source directory and copy the Symantec client installation package into that source directory. For example, you would create a source directory and copy the Setup.exe file that you exported from Symantec Endpoint Protection Manager.
Step 3	In SCCM/SMS, create a custom package, name the package, and identify the source directory as part of the package.
Step 4	Configure the Program dialog box for the package to specify the executable that starts the installation process, and possibly specify the MSI with parameters.

Once you completed the above procedures, follow below recommendations.
Step	Description
Step 5	Open System Center Configuration Manager (SCCM) 2016Console and look for Applications from the Software Library. Click Software Library, Overview, Application Management;
Step 6	Right Click, Applications and select CreateApplication
Step 7	Create Application Wizard will open From General, select Automatically detect information about this application from installation files; Click Browse and locate any dummy MSI file, then Click Next
Step 8	From Import Information, Click Next
Step 9	From General Information Enter the Application details; Select Install for system if resource is device; otherwise install for user; then Click Next
Step 10	From Summary, Click Next

Step 11	From Completion Window, Click Close to complete the Application Wizard. Symantec EndPoint Protection Application is now created with below details.
Step 12	From Applications List; Right Click on Symantec EndPoint Protection; then Select Properties
Step 13	From Symantec EndPoint Protection Properties Look for Deployment Types; Click Add; Then follow Create Deployment Type Wizard
Step 14	Create Deployment Type Wizard will open From Specific settings for this deployment type, Select Script Installer from the dropdown;
Step 15	From General Information Enter Name and Administration comments; then Click Next
Step 16	From Content, From Content locations, click Browse then locate the location of Setup.exe; Sample: \\sccm01\Sources\Applications\Symantec\Client Installations\My Company_Head Office_WIN64BIT From specify the command used to install this content, Click Browse, select Setup.exe file; then Click Next
Step 17	From Detection Method Click Add Clause…
Step 18	Detection Rule Pop-up will open, From Specify the file or folder to detect this application, Click Browse, locate the Setup.exe file from local SCCM folder; Click Ok twice; then Click Next
Step 19	From User Experience, Select Install for system if resource is device; otherwise install for user; Click Next four times until Completion; then Click Close
Step 20	From Symantec EndPoint Protection Properties Delete the MSI File; Click Yes; then Click OK Note* Make sure to keep Symantec EndPoint Protection with Script Type only. Now you have working Symantec EndPoint Protection application and start deploying

0

---

how to block microsoft store

December 17, 2019, 3:45 am

≫ Next: Is it SEP 15 still?

≪ Previous: Installing Windows clients with Microsoft SCCM/SMS

$

0

0

I need a solution

Hello

please i need to block microsoft store , any suggestions

0

Is it SEP 15 still?

December 17, 2019, 5:45 am

≫ Next: SEP 14/15 runs in Safe Mode?

≪ Previous: how to block microsoft store

$

0

0

I need a solution

You'd think as a 10-year partner of Symantec I'd have an answer to this but alas, Symantec's communication to partners is spotty at best.  I get every email they send, but not once do I recall hearing that there was a renaming of the product.  Today I go to symantec.com and find that "Endpoint Protection" no longer exists, now it's Symantec Endpoint Security Enterprise, I'm 96.7% sure.  Is that correct, SEP 15 is basically now "SESE" ?  I know there's "SES Complete" as well but that's clearly understood, just the SES E" version I wanted to check on.  

And let's hope they never come up with Symantec Endpoint Xchange or what not.  

0

SEP 14/15 runs in Safe Mode?

December 17, 2019, 6:01 am

≫ Next: Questions on Memory Exploit Mitigation

≪ Previous: Is it SEP 15 still?

$

0

0

I need a solution

Hi all.  I lack the ability to confirm this for myself anytime soon due to lack of a machine with SEP 14/15 that I can reboot , but does SEP fully run in safe mode?  I ask because of that recent security bulletin about whatever the ransomware name was where it reboots the computer and runs itself in safe mode so AV is bypassed.  I have to think SEP is robust enough to run at all times but as I said, I can't test :(

Thank you.  

0

Questions on Memory Exploit Mitigation

December 11, 2019, 9:02 pm

≫ Next: Live Update from GUP server

≪ Previous: SEP 14/15 runs in Safe Mode?

$

0

0

I need a solution

Hello there,

We are planning to enable MEM protection in our environment with on-prem SEPM. I have gone through a few articles listed below for Memory exploit mitigation but still have a few queries. Can someone please help me on this ? Thanks.

1.  Currently MEM policy is conifgured as "Set the protection action for all techniques to log only" but I don't find any logs related to MEM in SEPM (Monitors > Logs > Network and Host Exploit Mitigation log type > Memory Exploit Mitigation log content > View Log). Does that mean MEM doesn't see any exploits from the listed applications ?

2. Does MEM protects both 32 bit & 64 bit applications running on 32 bit or 64 bit operating systems ?

3. I see some posts and articles where MEM blocks the legitimate applications, causing the applications to crash etc.. So MEM detections are more of false positivies ?

4. Is it advisable to enable MEM protection in production environment ?

Articles I checked so far:

https://support.symantec.com/us/en/article.howto127047.html

https://support.symantec.com/us/en/article.howto127057.html#v121578842

https://support.symantec.com/us/en/article.HOWTO127178.html

https://support.symantec.com/us/en/article.TECH251437.html

Let me know if there are any other MEM articles which will be helpful. 

0

1576522423

Live Update from GUP server

December 11, 2019, 10:11 pm

≫ Next: Is it SEP 15 still?

≪ Previous: Questions on Memory Exploit Mitigation

$

0

0

I need a solution

Hello,

We have GUP server installed in the location but still, the client system is taking an update from Live Update Server instead from GUP server. Please let me know what could be the issue.

0