News

Troj/VB-EWT

Sophos Virus Alerts - Wed, 09/08/2010 - 13:51

Internal Error 2753 while upgrading Brightmail Antispam application from 6.1.1.0 to 6.2.0

Symantec Security Response - Wed, 09/08/2010 - 13:49

I was trying to upgrade our Brightmail Antispam application from 6.1.1.0 to 6.2.0.

I tried to install Brightmail Scanner (stopped Tomcat before the installation), but it gave me "Internal Error 2753. F24713_regwizard.exe" at the end of the installation. So, I tried to install it again, which worked. After this, I installed Brightmail Control Center and it got installed without any problem.

After this, I tried to log in to Brightmail Control Center with admin/symantec as the ID/PW. But somehow I was not able to log in with it. I've also tried with our working password (the password that we were using before it was reset during the installation).

All the related services, including Tomcat, are started, but I am still having issues connecting to the Control Center.

Please let me know what could be causing this issue.

Thanks,
Seung

C:\WINDOWS\system32\VirusRemoval.vbs

Symantec Security Response - Wed, 09/08/2010 - 13:46

Hello,

I am a Windows 7 user. Two nights ago, I accidentally clicked on an advertisement while I was browsing on YouTube (Oh why didn't I get adblocker for Firefox?). I did a full scan of my computer with Symantec Endpoint Protection and while scanning it paused for a good ten seconds at two strange files named system32/virusremoval.vbs and system32/newvirusremoval.vbs. I looked these files up and learned that these are indeed malicious files of some kind. I believe it is a browser hijacker. However, my computer has not shown any signs of change or slowing down. It's probably because I browse the internet in a non-administrative account, and the malicious programs do not have the ability to make changes to my computer? I'm not very efficient with computers, so I don't know. Anyway, SEP scanned right through these files thinking they are harmless. So I downloaded MalwareBytes and ran a full scan. Nothing. I know these files are not good for my computer and they are hiding within my system files. Even though they aren't causing any harm so far, I would still feel better being rid of them. Can anyone give me some advice on how to remove them?

By the way, I cannot find these files when I search for them through explorer.

Thank you.

Incident file extension

Symantec Security Response - Wed, 09/08/2010 - 13:42

Hi folks,

Does anyone know what the correct file extension is for incidents in C:\Vontu\Protect\incidents? I just fixed an out of space issue with my database and I want to process all of the *.BAD files.

Thanks!

Does the SEP Manager server also get the Client installed??

Symantec Security Response - Wed, 09/08/2010 - 13:27

I cannot recall if I read somewhere in some documentation that this should not be done, it will un-install all the server software...
Is this true??
Or do I deploy the client out to only the OTHER computers (servers, PCs, etc.) in the network??
Thank you, Tom

Possible to change "My Site," "My Company," "Default Group" names??

Symantec Security Response - Wed, 09/08/2010 - 13:05

If this is possible, how does one do so??
I am inquiring from curiosity. I do not see any place to change these items...
These are in the Servers and Clients views in the Management Console...
Thank you, Tom

Mal/FakeAV-FI

Sophos Virus Alerts - Wed, 09/08/2010 - 12:37

web console does not appear, how to fix??

Symantec Security Response - Wed, 09/08/2010 - 12:36

Just now installed SEP 11.x RU6 to a server.
Told it to use 8080 for the custom web port, also have server port 8443, remote access port 9090
Set up admin user etc., using embedded database, all appeared to proceed appropriately.
Can access http://<server IP>:9090 within the server itself but NOT outside of the server...

I have tried http://<server IP>:9090, http://<server IP>:8080, http://<server IP>:8443...

What must I do on the SEP server to make this web console visible from OTHER computers??

Should I uninstall and start over again?? (I dutifully followed Symantec's advice to use a separate port than 80 and took all the defaults otherwise.)

Thank you, Tom

SAV to SEP migration issue

Symantec Security Response - Wed, 09/08/2010 - 12:34

I'm finishing up a SAV to SEP migration. I'm installing SEP over SAV and in some cases (not all) once the SEP installer uninstalls SAV and installs SEP, the client will check into SEPM as well as check back into SSC causing inaccurate reporting. Is there a cause/fix in place for this?

Troj/FakeAV-BSF

Sophos Virus Alerts - Wed, 09/08/2010 - 12:22

How do I scan only 1 agent?

Symantec Security Response - Wed, 09/08/2010 - 11:53

I am testing out the Vontu appliance and would like to only scan one of my installed agents, but when I scan a filesystem endpoint, all the associated agents are scanned.  How can I stop this?

Troj/Zbot-YQ

Sophos Virus Alerts - Wed, 09/08/2010 - 11:46

Mal/VB-JL

Sophos Virus Alerts - Wed, 09/08/2010 - 11:43

DPM & SEP 11.0.6100.645 conflict?

Symantec Security Response - Wed, 09/08/2010 - 10:47

I've upgraded almost 600 machines to 11.0.6100.645 and almost all are uneventful.

I have three Windows 2003 servers which locked up hard on the upgrade from 11.0.5 to 11.0.6000 as well as 11.0.6100. This is using the automatic routines for client update from SEPM. The clients run AV only, no other component.

As the upgrade progresses, the server gets slower and slower. Network eventually dies off. Task manager quits working. net start fails to complete. Eventually the server just locks up, except for mouse movement.

I've had to "clean" remove Symantec to get things working again on some servers as the uninstall locks up too. The common things are these are all 2003 servers running Microsoft DPM. My 2008 R2 Exchange servers running 11.0.6000 didn't have problems going to build 6100.

Anyone else seeing anything similar?

cygwin very slow w/ SEP 11.0.6

Symantec Security Response - Wed, 09/08/2010 - 10:45

Cygwin is very slow, even to return a command prompt, with SEP 11.0.6 installed. A simple carriage return causes a 10 second delay for a command prompt to reappear. I have narrowed it down to the 'proactive threat protection'. If I disable it, all is normal. I have tried adding some applications (bash.exe, e.g.) into the centralized exceptions with no success.

Thanks for your help.

Update expired licenses

Symantec Security Response - Wed, 09/08/2010 - 10:39

We have a copy of Symantec Endpoint Protection SBE 12.0. We did not install the license file right away, and the program expired before we had a chance to do so and now will not update. We installed the license file into the Symantec Protection Center, where all the clients appear (including the server itself), but none of them see the updated license file (they all show "expired.") Short of uninstalling the whole mess and reinstalling it, what can be done to fix this? We have already tried updating the policies and restarting the services.

Switch from RU6 to RU6 MP1

Symantec Security Response - Wed, 09/08/2010 - 09:54

Hi all,

I just started deploying 11.0.6000.550 but see that RU6 MP1 (11.0.6100.645) is available.  When it comes to upgrades, I like to uninstall/install rather than just upgrade.

So I wanted to see if these steps sound correct to the forum:

  1. On the SEPM server, export all SEP policies, export a copy of the database, and make notes of any other settings.
  2. On the SEPM server, uninstall SEP 11.0.6000.550.
  3. Reboot.
  4. On the SEPM server, install SEP 11.0.6100.645.
  5. Run the Management Server Configuration Wizard and point SEP to the existing SQL database.
  6. Run the SEPM Console and import all previously exported SEP policies.
  7. Make any other settings.
  8. Export a client installation package.
  9. ...
  10. On the client, uninstall SEP 11.0.6000.550
  11. Reboot.
  12. On the client, install SEP 11.0.6100.645 from the new client package.
  13. Done.

Are there any steps missing or extra?
Thanks, Tom.

Installation and configuration help

Symantec Security Response - Wed, 09/08/2010 - 09:51

Hi all,
I am Vaisakh. One of my clients purchased Symantec Endpoint 11.x with 275 licences. Now it's my turn to install the product. I am not familiar with the product. I have a central server in Head Office with Win 2003 Server to be used to control all clients. And I have more than 20 branches connected with 128 and 512 kbps leased lines. I want to configure the central server to download updates from the Symantec update server. And I want to configure all the HO clients to take updates from the HO server. And also I need to configure one branch PC to take updates from the HO server and distribute them to the corresponding branch clients. I need to configure all branch clients to take updates only from the corresponding branch servers; they should not contact the HO server for updates. This is the goal to be achieved. I also need help to configure a custom client installation package for each branch. And also please specify what things are to be installed on the HO server and the remote sites. Also need help in configuring policies. If you need any more details, please revert.

Symantec Endpoint Installation Help

Symantec Security Response - Wed, 09/08/2010 - 09:41

Hi all,
I am Vaisakh. One of my clients purchased Symantec Endpoint 11.x with 275 licences. Now it's my turn to install the product. I am not familiar with the product. I have a central server in Head Office with Win 2003 Server to be used to control all clients. And I have more than 20 branches connected with 128 and 512 kbps leased lines. I want to configure the central server to download updates from the Symantec update server. And I want to configure all the HO clients to take updates from the HO server. And also I need to configure one branch PC to take updates from the HO server and distribute them to the corresponding branch clients. I need to configure all branch clients to take updates only from the corresponding branch servers; they should not contact the HO server for updates. This is the goal to be achieved. I also need help to configure a custom client installation package for each branch. And also please specify what things are to be installed on the HO server and the remote sites. Also need help in configuring policies. If you need any more details, please revert... Please give me the solution step by step... like... server, manager console configurations, etc... installation procedure in detail... which installation should I choose... push or custom client installation package to be run locally on each computer... is there any need for configuring LiveUpdate Administrator somewhere?

Mail Security causing Nessus "Microsoft Exchange X-LINK2STATE Heap Overflow PoC"?

Symantec Security Response - Wed, 09/08/2010 - 09:07

Hello,

I have a Nessus report (hackersafe) stating that a vulnerability exists: "Microsoft Exchange X-LINK2STATE Heap Overflow PoC". The w2k3 machine (Exchange 2k3) is fully patched, as is Exchange. A Google search revealed someone else with a similar issue.

Does anyone know if this is caused by Symantec mail security? I'm running version 6..5.0.67

Thanks!

