Auto-Protect Problems
Hi,
I'm evaluating Symantec Endpoint Protection and so far my
impressions are, go back to Eset.
I downloaded some test viruses from eicar which Symantec
found after it was downloaded while Eset stopped it before it downloaded
although that’s not too big a problem. Another minor problem is that when i downloaded
the test file it just disappears, no prompt or any sort of notification, the
file isn’t under the "view quarantine tab", so how would i get a file
back if i wanted to? But my biggest
problem is auto protect. It constantly takes up 100% of my cpu and seems to be
finding a never ending stream of .tmp files somehow related to the test virus.
I left the computer on overnight and in the morning it was still going.
Can
somebody tell me why it’s doing this and if i fix it as i really want to like
it.
Thankyou,
Schybanas
Comments
HI, Please let us know the
HI,
Please let us know the version of the SEP client, as well as the system configuration of the test machine.
If you are downloading a threat from EICAR.com, and if the SEP autoprotet is detecting it, the access to that file is blocked as soon as its written on the hard drive.
Also, its possible to configure from an Antivirus policy that detection notifications for the threats downloaded from EICAR can be disabled.
You can also try the following:
Add .TMP and .PART to the list of file extensions to scan will catch eicar when downloaded
Set Auto Protect to Scan All files
Aniket
1st make sure you are using
1st make sure you are using latest version of SEP that is 11.0.5002.33
2nd never run these kind of test with 2 antivirus running together with their realtime protection ON..they will have conflicts between themselves and you will get un-expected results that will never make you happy.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Thanks Aniket, I am running
Thanks Aniket,
I am running 11.0.5002.333
Adding tmp and part file and enabling notifications both worked great and i havent seen the autoprotect dialogue for a while. So all seems to be going well!
Maybe a second restart was all it needed? Anyway, thanks for your help.
Nikhil R.
Great to know that things are
Great to know that things are working well for you.
if you are using firefox or chrome for browsing, they download the files as .part and as .tmp .
So, if these extensions are added for the antivirus engine to scan, any downloaded files will be scanned by the SEP autoprotect.
Aniket
Woah, spoke too soon. I did
Woah, spoke too soon.
I did a live update and out pops auto protect and the lag that comes with it.
Oh well, thanks for your help but i think we're going to stick with eset for now.
Thankyou,
Nikhil
Hi, Try removing the temp
Hi,
Try removing the temp extension from the scan list and let me know if the results are the same.
Aniket
Hi, Thanks for your help but
Hi,
Thanks for your help but either way i still have the same problem.
Unfortunately i have had to uninstall symantec and reinstalled nod32.
Thankyou for your time and i hope one day i might be able to use symantec again, hopefully without problems. (maybe i'll try again when it comes up to renewing our nod32 subscription)
Thankyou very much,
Nikhil
Would you like to reply?
Login or Register to post your comment.