Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Issues with newly deployed Sep 12.2.2 manually scanning folders and opening console

Created: 13 Jun 2013 | 7 comments

We deployed SEP 12.1, then upgraded to 12.2015.2015.  We sent the install packages to 7 machines.  They work fine for a few days then, one by one, start doing the following:

1) Right clicking on a folder or CD drive and selecting "Scan for Viruses" returns an error "DoScan Error "Failed to Initialize" scanning engine"

There are not error messages in Symantec or Event Viewer

2) Double clicking the Symantec icon in the systray you get "SymCorpUI.exe - Application Error" The application failed to initialize properly (0xc0000022). Click on OK to terminate the application

There are no errors for this event as well.

If I reinstall the client it works fine for a couple days and then starts the above behavior again.

The only thing I can think of is that we installed SEP clients over top of the old Corporate Edition.  Sep Management Console and db were created on brand new 2008 R2 servers

Any thoughts?

Thanks

Operating Systems:

Comments 7 CommentsJump to latest comment

.Brian's picture

What version of SAV was it installed over? SEP will install over 10.x without issue.

What happens if you run a repair on the client via add/remove programs?

When you removed, did you run cleanwipe or just uninstall via add/remove?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

lucifudge's picture

We installed over 10.X.  I just ran a repair on one of the machines and I can open the console, but manual scans give the DoScan error.  We had one of the machines not allowing the console to open or scan on Tuesday, I came in this morning, and it works fine, no changes made.

When we removed, we just used add/remove, no cleanwipe

lucifudge's picture

So we found a fix for the DoScan error which is to go to HKLM>Software>Symantec and change the USER permission from READ to Full Control.  The problem goes away. 

We locked down the ability for users to change settings on their client (like turn debug on, change Client Management, Add Exceptions, etc.)

Could this have cause the Registry to label certain portions of the registry as read only, thus preventing scans or opening of the console?

lucifudge's picture

The results were:

SEP 12.1 Submission Control Data Definitions are corrupt

SEP 12.1 Iron Revocation Definitions are corrupt

SEP 12.1 Iron White List Definitions are corrupt

SEP 12.1.2000+ Extended File Attributes Verify Trust Definitions are corrupt

SEP 12.1.2000+ SRT SP Settings Definitions are corrupt

I wonder if this is caused by our network being closed, no internet access

Rafeeq's picture

its saying that defs are corrupt, can you call support, get cleanwipe, run it then install a fresh copy of new SEP 12.1.3? hopefully that should fix all the issues.

Ambesh_444's picture

Agreed with above comments.

Please download this tool and run..

http://www.symantec.com/business/support/index?page=content&id=TECH170752

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."