SRTSP detections
We recently upgraded to SEP RU5 on our two SEPM servers and are about 50 percent of the way through the client upgrades. An issue that has occurred in the past with previous versions has resurfaced. Our nightly scheduled scans are detecting previously quarantined risks in the C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP directory. We only have a handful of PC's that have a repository of previously quarantined risks, but we have found that the computer starts to exhibit some really bizarre behavior after this happens. The only way out of this helpdesk nightmare is to remove SEP, take ownership of the SRTSP folder and deleted it, and reinstall SEP again.
So is there any downside to adding the quarantine directory in centralized exceptions and why wouldn't it be by default?
Comments
Give full permission to the
Give full permission to the user who has looged in to the folder :\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine
In the command prompt navigate to "C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine and Delete all files by typing the command del *.*
Restore the default privileges by removing the user added with Full Control. and then run a full scan.
Prachand Kumar MCSE-2003 Symantec Technical Specialist (SCTS)
Would you like to reply?
Login or Register to post your comment.