Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts tagged with Endpoint Protection (AntiVirus)
Showing posts in English
sezam | 07 Jan 2010 | 0 comments

Some days ago I faced with an issue.
In a big network all Live Update applications were configured with Proxy[Unmanaged clients]. But the proxy setting were needed to be disabled.

Network configuration is handled by files:
- Settings.LiveUpdate;

- 1.Settings.LiveUpdate;
- 2.Settings.LiveUpdate.

which are situated in C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate folder.

If You have a big environment and You need to perform disabling of proxy setting for FTP an WWW the best is create a script which will delete Settings.LiveUpdate and 1.Settings.LiveUpdate files.

I think It could be useful. | 01 Jan 2010 | 5 comments

please tell me prefect idea how to rid off this problem | 29 Dec 2009 | 1 comment

I have used Norton products since the DOS days when I became an electronic engineering technician.  I have tried other products
and always ended-up returning to Norton when I got hit by undefined viruses.  The last time I tried other AVs was in 2002 when a
malicious worm hit the internet.  My PC was infected of course.  I wasn't using Norton's product because of personal financial
restraints then.  Eradicating the worm was a  long and difficult process.  I learned a very important lesson, again!  Do not EVER,
for any reason, move away from what you know works.  I worked for a major international office supply corporation in the Technology
Department from 2000 to 2007.  I have shared my experience using Norton products to many customers.  Not one came back to
express any difficulties after purchasing the AV.  However, the ones who do, would leave my department having purchased a Norton...

Warrior6945 | 24 Dec 2009 | 1 comment

 Error: "Authentication failure" when trying to log into Symantec Endpoint Protection Manager console with an additional Admin account

When you login to the Symantec Endpoint Protection Manager console using the Default Administrator you can login successfully However if you create a new Admin and try to login you get an error "Authentication failure"
Reseting the password for the additional Admin account also does not help.

In the SEPM Console go to the Admin tab
Select Domains
Check if more than one Domain is present, if Yes then add the admin account to all the Domains 
Also while logging in to SEPM, you may select the correct Domain by clicking on the button "Options"
You should be able to login successfully.
alifarooqm | 16 Dec 2009 | 1 comment

Is there any one have installed the SEP client on Exchange Server 2007, what the basic firewall rules are required to get it working, if I allow the all trafiic its working fine but when I blocks the all ports except 443,80 which are only required for OWA or MS Outlook client its stop owrking any idea


DominikG | 08 Dec 2009 | 4 comments
I am receiving many support requests related to scan errors of the scan engine, which are caused by a suboptimal usage of the system resources, or because someone simply did not configure the parameters in the right way.
The scan engine is not software that can be set up and is good to go. In each environment, there has to be done some tuning to avoid errors and/or performance issues.
For that reason I talked to Symantec’s tech support to get a little help on how to configure the resource parameters correctly.
So if you are experiencing scan errors in a large amount or get reports of bad performance, please check the following steps:
1. Open the scan engine interface and go to “reports” -> “resources”
2. Note the value of “thread pool size”
3. Note the value of “Load statistics” -> “queued...
Rolf Niedhorn | 28 Nov 2009 | 1 comment

Hello, everyone,

Daniel Melanchton (Microsoft Germany) made a blog post regarding scan exclusions for Microsoft Products.

Because some people reported issues with user profiles since SEP 11 RU5, it is very interesting to look at Microsofts following recommodation:

Group Policy related files

Group Policy user registry information. These files are located in the following folder:


Exclude the following file:


Group Policy client settings file. These files are located in the following folder:


Exclude the following file:


You may find the whole article under the following link: (Article ID: 822158 - Last...

snekul | 24 Nov 2009 | 1 comment

First, some background. We were setting up a new box running Server 2008 R2 Core on x64.  In my department, we push out SEP to all our servers via Group Policy.  On this new Server 2008 R2 Core on x64 box the install of SEP failed.  We were puzzled until we ran into another application (in this case VMware Tools) that did not install properly either.  We discovered that Server 2008 R2 Core does not have an "Installer" folder inside the Windows folder--this would usually be C:\Windows\Installer.  Upon creating the folder, VMware Tools installed fine and on a reboot, SEP installed just fine as well.

Also, we were pushing out RU5, as that is necessary for full support on Server 2008 R2.

So, if you run into trouble installing SEP (or anything else for that matter) on Server 2008 R2 Core, make sure you have an "Installer" directory in your Windows folder.

DominikG | 20 Nov 2009 | 0 comments
I recognized something strange, which has been quite confusing for some of our customers. Actually the current version von Endpoint Protection (11 RU5) is published with two different version numbers. The packages, you receive through LiveUpdate are listed as 11.0.5002.0 in the Endpoint Protection Manager, but packages you create from other sources, e.g. downloads from Symantec’s fileconnect , are listed as 11.0.5002.333.
This fact makes it possible to import both versions into the Manager, if you received the packages through LiveUpdate onto your MR4 system and then upgrade it to RU5. After that you will see that four packages with the mentioned two different version numbers get listed under “install packages”.
Now, if you install the package with number 11.0.5002.0 onto a client, it gets actually also listed as installed version 11.0.5002.333. So the whole issue is just wrong information in the Manager, which the software cannot...
FrankPadavano | 10 Nov 2009 | 1 comment

To anyone who can assist,

I am running Symantec Endpoint Protection Version 11.0.3001.2224 on my 'laptop' and have an error with a scan recently completed.  I know that my files are corrupt as I have tmp files in my "Incomming Folder".  When I went online to find out how to correct the issue, it only provide me a solution for v and it only provides how it can be corrected via the Symantec System Center.  How can i revert to the previous definition set while working remotely on my laptop??