We are usuing Symantec Endpoint Protection v11.0.4202. This makes compaq presario v3000 laptop slower. Host OS is XP. It effect on the performance badly.It works fine on the other computer and Laptop. Why that particular model getting slower??

Can anyone help???

    We are usuing Symantec Endpoint Protection v11.0.4202. This verson can not detect the virus named "Folder.exe" and "Autorun.exe". This two particular virus can detected by other antivirus software. The antiviurs is regularly updated. So what should we need to do? Can anyone help?

 

First off let me appologize for posting in the wrong area. About 2 years ago, I purchased a SGS 1620 appliance from a party online via ebay, the license for subscriptions is expired by a long shot so downloads and support are a no go, but we still have the base license for FW, VPN, etc.  My question is, and also why I posted this in the wrong area, does someone know where I can grab the vpn client 9 zip from?  I recieved the appliance in a sealed box with securirty tape that was from Symantec for a refurbished unit.  It came with 2 used media kits, and one sleve for the VPN client, with out the cd. If an employee would like to view my license details I can PM them to them.  It just very irritating that I dont have download access for any software for the unit since the license expired, and it is no longer supported at all starting in late 2009.  I still  like this unit very much and would like to continue using it, have given up on finding new licenses, but am pleased with the availibilty to still run as a firewall and vpn appliance.

Thank you,
Adam

We just replicated our old End Point Protection Manger server (11.5) over to our new Windows 2008 R2 server.  We assigned all our polices over to the new server and took down the old server.  We removed the old server from the replication lists and policy lists.  All client now use the new server for policy and updates.

However, the new server can't proccess any liveupdates.  All attempts come back with a return code of 1.  At the same time liveupdate is running I also see this error "Failed to create a folder to which to publish the package" which to means that it can't save the updates to publish to clients.  I gave the Authenticated users full control over the symantec  end point protection manager folder under Program Files (x86) as well.

Anyone have ideas on resolving this?  I rather have my clients protected.

Hello everyone. 

I recently started noticing that my desktop machine will not reboot or shutdown without being forced. Its triggering an event 1073. I have AV, PTP, and NTP installed on the affected client. I also have a laptop with the same installation. Its it not being affected in this regard. When I uninstall the client shutdown/reboot works normally. Opon reinstallation the behavior returns. I have performed an uninstall, test, reinstall several times and the the behavior is consistant.

So far google searches have not yielded any solution.

Does anyone have any idea what might be going on? 

Thanks for your time.

Sam

After installing Symantec Information Foundation Mail Security for Exchange 6.5.0.67 on a Server 2008r2 (in an ESXi) with Exchange 2010 the system starts with several errors and creates some thousands (!!!) events with the following errors:

event id 7024: The Microsoft Exchange Information Store service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

event id 7031: The Microsoft Exchange Information Store service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

After about 1 hour the errors gone and exchange is available again, but it´s not possible to access Mail Security. I´ll get an access denied info, though I´ve done everything as domain admin.

Seem´s to be really buggy, so beware of installing the new version in a productive environment at this time. :-(

greets
Bernhard

Symantec Antivirus 10.1.8.8000, on Widows 2003 R2 SP2. Whenever I right click anything - My Computer, folders etc, the SAV installation routine starts and I have to cancel out of it. I have attached 4 screen shots documenting the errors, numbered in the order in which they occur.

Just in case these may be related, here is the link to another mysterious problem.

• fourth.gif
• first.gif
• second.gif
• third.gif

Symantec Antivirus 10.1.8.8000, on Widows 2003 R2 SP2. I am logged on under the domain adminstrator account. At the local console,  there is no "Tools" option. Just file, view, scan, configure, histories, help and no tool bar. But when I RDP to the server, I can see the full SSC-[Console Root\SSC\System Hierarchy\server group name\server name] with Tools and the full tool bar.

Any insight into this would be appreciated. Thanks!

Dear colleagues,

We have succed upgrade SMSDOM 4 to 8 on Lotus Domino 8.5. thank you for all your kind of support
and We just updated the definition, it's work well
But when i clicked the icon "VIRUS DEFINITIONS" its shows Invalid or nonexistent document. What's its mean?
When i run command "Tell SAV info" it shows lastest definition

Thank you

I just downloaded and ran AdAware. It found win32.worm.autorun.

I have had Smantec AntiVirus on my machine for months and it never spotted it?

Currently I am running 10.1.5.500 with virus definition 3/12/2010 rev.3

What am I missing? Does Symantec AntiVirus not know about this?

I lost the password to my database.
RU5 with embeded database.

Does anybody know if the password listed in this file
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Server Private Key Backup\server_<datestamp>.xml
is really the password to the embedded database?  Is it DES encrypted? 

- <parameter>   <name>username</name>   <value>DBA</value>   </parameter> - <parameter>   <name>password</name>   <value>{DES}snipped</value>   </parameter>

There is a program I try to run and I end up getting this message. The farther I try to use features of the program (which Symantec is messing up) I get a few more a these messages with a slight variation after 'Common Files\' How do I stop this!

SYMANTEC TAMPER PROTECTION ALERT

Target:  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Event Info:  Set Information Process
Action Taken:  Logged
Actor Process:  C:\Program Files\xxxxxxxxxxx\xxxxxxxxxxxxx\xxxxxxxxxxxx.exe (PID 1400)
Time:  Friday, March 12, 2010  8:57:03 PM

 (I blanked out file names)

I tried to edit "centralized exception" but it didn't work. I copied and pasted the directory following Actor Process. I'm not very techy so why is this and how can I fix it!? (I'm running windows 7)

It appears that the View Unapproved Applications List in System Lockdown adds very little value since you cannot directly import this information into a new or existing file fingerprint. Is this by design?

I did the following steps to accomplish the import without the need to touch a remote system or run 3rd party tools like checksum.exe to obtain the new list of applications. A lot of the steps below can be automated with excel marcros, pearl scripts, and possibly SQL queries.

Adding unapproved applications to the file fingerprint list 1.       Enable Learn Applications that run on the client computers 2.       Follow the system lockdown recommended steps. 3.       Let everything run for a few days. 4.       View unapproved applications in System Lockdown. 5.       CTRL-A and copy all applications. Paste to Excel. 6.       Delete All columns except for Application. 7.       Search for Applications. 8.       Export the Query Results. Name the Export file with a .txt extension 9.       Go back to the excel spreadsheet with the unapproved applications data in column A and import the application search query export to column B. Use delimited data type. 10.    Delete all imported columns except for Name and File Fingerprint and column A which was the unapproved application list. 11.    (Optional) Step - Filter all columns and compare unnapproved application list column with the Name column. Delete cells that dont contain the same application name found in Column A and B. (Macro).
12.    Once a final list is filtered delete Column B leaving the Unapproved Application Column and File Fingerprint column.
13.    Save with a .txt extension. (Saving with a .csv or xls make work as well).
14.   Import and append to existing file fingerprint or create a new one.
15.   Let the SEP clients update the new policy.
16.  Reset the unapproved applications test and run it again.
17. Rinse and repeat.

Sure would be easier to have the option to right-click the unapproved list of applications and add it to a new file fingerprint or existing fingerprint.

Hello, this is the first time I have tried to push and run a SEP client from the SEPM on a Windows 7 machine. The software is installed, but is not updating both the Antivirus
and Antispyware definitions (currently September 17th 2009 r21), Network threat protection (currently July 30th 2009 r1)  and it says it's waiting for updates for the Proactive Threat protection.

Is anyone running into this problem? I need to be able to manage clients on Windows 7 computers going forward.
Thanks for the help.
-Mike

I need to execute Intelligent Updater in some computers.
Normally when executing it a new window appears asking if you really want to execute the update, and waiting a response (Yes or No) from the user to continue the execution.
 I would like to know how to "skip" that question to execute the update.
I have to write a script or something like that. So if there is a parameter to set the response to "Yes" it  would be fine.
Thanks a lot.

Hi

I am using the article below to resolve a file system problem I am having on a Windows XP computer.

http://service1.symantec.com/support/ent-security.nsf/docid/2007112113262148?Open&seg=ent

I did all the solutions but it did not solve my problem. However for Solution 2 i was unable to complete this task.

Please help.

Thanks

Carolin

What's the difference between using system lockdown and an ADC policy with a White List of approved apps and end it with a black list to block everything else?

Hi,

I've install Symantec Endpoint MR5 and after the first restart, I've lost the Windows login screen (CTRL - ALT - DEL).

The computer is a IBM ThinkPad T60 and I run Windows XP SP2.

All the Windows update have been done (whitout SP3) and no Virus is on the computer because I've update and run a full scan before restarting the computer.

Someone ever see a problem like this ?

Thanks,

Francois 

Symantec Information Foundation Mail Security for Microsoft Exchange
Version 6.0.10.295 for Exchange

Administrator Alert: The Symantec Mail Security Quarantine has exceeded a set limit.

I used to get roughly 25 of these emails a day until recently.  Not sure what happened as no changes were made but the emails have stopped coming.  All the settings are the same and I am still checked off to be notified when the threshold is met.
Anyone run into this before?

On a side note-

On the home tab it shows that it is fully up to date but in the activity summary and total violations it is always completely blank.

I recently took over for their "IT" guy and have quite a mess to deal with.

I've picked up a unknown virus on one of my sites. Characteristics of the virus is that it misreport freespace on the harddrive causing a harddrive full message to such a extend that no application or document want to open or a virus scan is impossible.
The unknown usage cannot be traced. I've formatted the PC and installed Windows XP o/s from the original recovery disk and when attempt to install Norton 10.1.7 it gave me a error "Insufficient rights....." in the administrator's account when the installation tried to load the services. I've tried installing SEP11 as well but it does a rollback action as soon as the services want to load.
Maybe someone reckonises the virus and can assist me with a removal tool before this spread to any of my other sites, currently I have seven (7) PC's on the same site displaying the same problem.