Symantec endpoint protection issue....
Updated: 21 May 2010 | 9 comments
This issue has been solved. See solution.
We have installed Symantec end point solution antivirus software in windows 2003 64 bit OS. where we are facing problem with the antivirus software. The software is using high memory due to some leakage. We have consulted microsoft people. Microsoft people have suggested to check with the below aspect.
It appears that pooltag NDCM belongs to wpshelper.sys from Symantec Intrusion Detection - WpsHelper and its taking most of the NPP.
Its required to get the application vendor to update the driver and check if it's a know issue with this driver.
------------------------------------------------------------------
Pool Tag: NDCM
Type: Pool_Non-Paged
Leaking?: *YES*
First/Average/Last/High Values: 499.68 MB / 1050.29 MB / 1743.44 MB / 1743.44 MB
Mapped Driver: Unknown Driver
------------------------------------------------------------------
Pool Tag: _Total Pool Non-Paged Bytes
Type: Pool_Non-Paged
Leaking?: *YES*
First/Average/Last/High Values: 14.96 MB / 1087.96 MB / 1786.27 MB / 1786.27 MB
Mapped Driver: N/A
Please suggest me on this.
The pool log analysis as below:
----------------------Pool Log Analysis---------------------------------------------------------------------------------------------
Pool Tag: NDCM
Type: Pool_Non-Paged
Leaking?: *YES*
First/Average/Last/High Values: 499.68 MB / 1050.29 MB / 1743.44 MB / 1743.44 MB
Mapped Driver: Unknown Driver
------------------------------------------------------------------
Pool Tag: _Total Pool Non-Paged Bytes
Type: Pool_Non-Paged
Leaking?: *YES*
First/Average/Last/High Values: 14.96 MB / 1087.96 MB / 1786.27 MB / 1786.27 MB
Mapped Driver: N/A
Please suggest me on this.
Sincerely,
Nagender.
discussion Filed Under:
Comments
what version of SEP is this observed with ?
what version of SEP is this observed with ?
Kedar Mohile http://kedarmohile.blogspot.com
uninstall NTP component of
uninstall NTP component of SEP on the server
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Yeah , you should only have
Yeah , you should only have AV & AntiSpyware running on servers ... not the IPS or Firewall components.
m00
I am using symantec endpoint
I am using symantec endpoint protection 11.0 and i am also using IPSec in the machine.
What does this below lines
What does this below lines mean.
Its required to get the application vendor to update the driver and check if it's a know issue with this driver.
WpsHelper.sys is Intrusion
WpsHelper.sys is Intrusion prevention driver for NEtwork Threat Protection component of Symantec Endpoint Protection.
As Microsoft suggested make sure you are using the latest version of SEP 11.0.4202.xx.
If not upgrade it to this version and then check if it resolves your issue.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Thanks
Thanks Vikram,
I will upgrade the SEP and check it.
Sincerely,
Nagender.
We installed Norton Endpoint 11.0.4 , but PROACTIVE SUPPORT is
It is my first time installing end point and here is a network of less than 15 Computers.
I jsut dun know what to sum this problem up as,
but
* The Proactive Threat Protection is disabled.
* Live update is nort working
very obvious that the server is at risk but I am in a deep distress as a result.
Any1 should pls help me and God bless.
Urxcellency
Proactive Threat Protection
Proactive Threat Protection will remain Off by default on any server OS or 64 bit OS.
So if its a server then its fine.
If its a 32 bit client OS then try to repair the SEP from add or remove program or Uninstall or reinstall the SEP.
Also if your Liveupdate is not working I would like to know first is it a managed client or unmanaged client?
Would you like to reply?
Login or Register to post your comment.