Video Screencast Help
Search Video Help Close Back
to help

Security Community Blog

Showing posts tagged with 11.x
Showing posts in English
Deleting Proxy settings from LiveUpdate configuration[Unmanaged Clients].
sezam | 07 Jan 2010 | 0 comments

Some days ago I faced with an issue.
In a big network all Live Update applications were configured with Proxy[Unmanaged clients]. But the proxy setting were needed to be disabled.

Network configuration is handled by files:
- Settings.LiveUpdate;

- 1.Settings.LiveUpdate;
- 2.Settings.LiveUpdate.

which are situated in C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate folder.

 
If You have a big environment and You need to perform disabling of proxy setting for FTP an WWW the best is create a script which will delete Settings.LiveUpdate and 1.Settings.LiveUpdate files.

I think It could be useful.

 

Read more
Error: "Authentication failure" when trying to log into Symantec Endpoint Protection Manager console with an additional Admin ac
Warrior6945 | 24 Dec 2009 | 1 comment

 Error: "Authentication failure" when trying to log into Symantec Endpoint Protection Manager console with an additional Admin account

When you login to the Symantec Endpoint Protection Manager console using the Default Administrator you can login successfully However if you create a new Admin and try to login you get an error "Authentication failure"
Reseting the password for the additional Admin account also does not help.

In the SEPM Console go to the Admin tab
Select Domains
Check if more than one Domain is present, if Yes then add the admin account to all the Domains 
Also while logging in to SEPM, you may select the correct Domain by clicking on the button "Options"
You should be able to login successfully.
Read more
SEP Firewall policy for Exchange Server 2007
alifarooqm | 16 Dec 2009 | 1 comment

Is there any one have installed the SEP client on Exchange Server 2007, what the basic firewall rules are required to get it working, if I allow the all trafiic its working fine but when I blocks the all ports except 443,80 which are only required for OWA or MS Outlook client its stop owrking any idea

thanks
Farooq

Read more
Virus scanning recommendations for computers that are running Windows Server 2008 R2, Windows Server 2008, Windows Server 2003
Rolf Niedhorn | 28 Nov 2009 | 1 comment

Hello, everyone,

Daniel Melanchton (Microsoft Germany) made a blog post regarding scan exclusions for Microsoft Products.

Because some people reported issues with user profiles since SEP 11 RU5, it is very interesting to look at Microsofts following recommodation:

Group Policy related files

Group Policy user registry information. These files are located in the following folder:

%allusersprofile%\

Exclude the following file:

NTUser.pol

Group Policy client settings file. These files are located in the following folder:

%Systemroot%\system32\GroupPolicy\

Exclude the following file:

registry.pol

You may find the whole article under the following link:

 http://support.microsoft.com/kb/822158/en-us (Article ID: 822158 - Last Review: October...

Read more
Installing SEP via Group Policy on Server 2008 R2 Core
snekul | 25 Nov 2009 | 1 comment

First, some background. We were setting up a new box running Server 2008 R2 Core on x64.  In my department, we push out SEP to all our servers via Group Policy.  On this new Server 2008 R2 Core on x64 box the install of SEP failed.  We were puzzled until we ran into another application (in this case VMware Tools) that did not install properly either.  We discovered that Server 2008 R2 Core does not have an "Installer" folder inside the Windows folder--this would usually be C:\Windows\Installer.  Upon creating the folder, VMware Tools installed fine and on a reboot, SEP installed just fine as well.

Also, we were pushing out RU5, as that is necessary for full support on Server 2008 R2.

So, if you run into trouble installing SEP (or anything else for that matter) on Server 2008 R2 Core, make sure you have an "Installer" directory in your Windows folder.

Read more
Endpoint Protection: different versions of SEP11 RU5
DominikG | 20 Nov 2009 | 0 comments
I recognized something strange, which has been quite confusing for some of our customers. Actually the current version von Endpoint Protection (11 RU5) is published with two different version numbers. The packages, you receive through LiveUpdate are listed as 11.0.5002.0 in the Endpoint Protection Manager, but packages you create from other sources, e.g. downloads from Symantec’s fileconnect , are listed as 11.0.5002.333.
 
This fact makes it possible to import both versions into the Manager, if you received the packages through LiveUpdate onto your MR4 system and then upgrade it to RU5. After that you will see that four packages with the mentioned two different version numbers get listed under “install packages”.
Now, if you install the package with number 11.0.5002.0 onto a client, it gets actually also listed as installed version 11.0.5002.333. So the whole issue is just wrong information in the Manager, which the software cannot...
Read more
Laptop Symantec Endpoint Protection
FrankPadavano | 10 Nov 2009 | 1 comment

To anyone who can assist,

I am running Symantec Endpoint Protection Version 11.0.3001.2224 on my 'laptop' and have an error with a scan recently completed.  I know that my files are corrupt as I have tmp files in my "Incomming Folder".  When I went online to find out how to correct the issue, it only provide me a solution for v 10.xxx and it only provides how it can be corrected via the Symantec System Center.  How can i revert to the previous definition set while working remotely on my laptop??

Regards

Frank

Read more
Know Current Definition date from Registry
Acretian | 28 Oct 2009 | 1 comment
Registry Location

For SEP
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV
 
For SAV
HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion
On the Key you can find two Values  
PatternFileDate  : Current Definition date
PatternFileRevision : Revision
These are Hexadecimal values
Example:
PatternFileDate  : 27090e - 2009 Oct 14 
27090e - YYMMDD Format
27 - 2009
27 Hex is 39 Decimal, this value is since 1970. So 1970+39 = 2009

09 is October (00- Jan, 0B - Dec)

0e Hex - 14 in decimal
PatternFileRevision : 16Hex - 22
16 HEX is 22 in Decimal 
Hope...
Read more
vdefhub.zip and Windows Vista
sandip_sali | 27 Oct 2009 | 0 comments

vdefhub.zip file cannot be viewed on an Vista machine whereas it can be viewd in the same location in an XP machine

vdefhub.zip is an hidden file in Windows Vista

  
Ø Click the round blue Start in the left corner
Ø Click Control Panel
Ø Click Folder Options
Ø Click the View tab
Ø Click Show hidden files and folders
Ø If you want to see system files as well, unclick Hide protected operating system files (Recommended)
Ø Click OK
Ø You should be able to view the file now

Read more
Symantec Endpoint Security (SEP 11.0) Renewal question
mthompson | 29 Sep 2009 | 4 comments

I'm a bit confused about the renewal of SEP11.0.  I know it no longer requires a license file or activation but i'm confused about yearly renwal.  Has that gone away?  My system never says its out of date or that the virus definitions have expired.  How am I to know if they have exprired or need renewal? Especially if my system always has a current up to date - date.

I also recenlty installed this on a completly different network for another company and it installed with old 2008 definitions with the warning that said it was out of date but than it did a Live Update and all was well.  I haven't registered anything yet, so this new system is doing the samething, how to know if it is out of date?

Do I really have to worry about this anymore if I buy it once, am I all good?  Confused on what the web-site says and what a Sales Rep says.

---- also on the same note, if I don't have to renew every year is this beacuse Symantec...

Read more