Home > Symantec Endpoint > Symantec Virus Detection Error

Symantec Virus Detection Error


The Google Chrome Frame Plug-in is no longer supported by Google and has been retired as of February 25, 2014, and is no longer available for download. After an upgrade, a generic resource error occurs in SEPM Fix ID: 3746232 Symptom: After upgrading, a generic resource error occurs after using the Symantec Endpoint Protection Manager web console where Tamper Protection alerts on dfrgntfs.exe Fix ID: 3413532 Symptom: Tamper Protection alerts on the Windows defragmentation program (DFRGNTFS.EXE) after SONAR definitions update to revision 20131203.011. Clients are incorrectly identified as GUPs Fix ID: 3639309 Symptom: Clients are incorrectly defined as Group Update Providers when the client host name contains repeating letters. http://placedroid.com/symantec-endpoint/symantec-anti-virus-keeps-on-disabled-help.html

Translated Content This is machine translated content Login to Subscribe Please login to set up your subscription. The SQL user domain account does not have local logon user rights in the GPO, so BCP expectedly fails. When attempting to restore quarantined files, Central Quarantine Server (QServer) hangs Fix ID: 3672057 Symptom: When attempting to restore quarantined files, Central Quarantine Server hangs, and the restore never finishes. SEP Mac IPS detects "brute force remote logon" despite host exclusions Fix ID: 3669436 Symptom: Even if an IP address range-based exclusion is added in the IPS exclusion policy, Symantec Endpoint

Symantec False Positive Submission

Solution: Updated the installer to correctly install all necessary Symantec Endpoint Protection kernel components when only the Virus and Spyware Protection and Advanced Download Protection options are chosen. Macs experiencing high CPU usage for SymDaemon Fix ID: 3605884 Symptom: High CPU usage in SymDaemon causes the whole system to slow down. Supported Products A-Z Get support for your product, with downloads, knowledge base articles, documentation, and more.

Solution Use one of the following methods to prevent these messages: For 12.1 RU1 MP1 and above clients: Create a DNS or Host File Change Exception for svchost.exe or other applications Solution: Updated the IRON driver to make it thread-safe. Supported Products A-Z Get support for your product, with downloads, knowledge base articles, documentation, and more. Symantec Endpoint Protection Has Acted On The Risks SEPM sends notification for low disk space when there is adequate disk space Fix ID: 3551334 Symptom: Symantec Endpoint Protection Manager sends a low disk space notification when there is plenty

Index rebuild happens more than once in SEPM upgrade Fix ID: 3652818 Symptom: During the Symantec Endpoint Protection Manager upgrade process, the indexes are being rebuilt more than once per site, Symantec Endpoint Protection Detection Results Keeps Popping Up This issue occurs even when there are no running scans. Submit a Threat Submit a suspected infected fileto Symantec. https://support.symantec.com/en_US/article.TECH164391.html Solution: Fixed the logic in the high-performance file download routines for Symantec Endpoint Protection Manager’s httpd.exe implementation.

No Yes Report a Suspected Erroneous Detection (False Positive) Use this "wizard" to tell us about a situation where you believe that a Symantec or Norton product is incorrectly reporting a How To Turn Off Symantec Endpoint Protection Notifications With SEP installed, unable to create an Xbox package using developer tools Fix ID: 3615097 Symptom: Xbox XDK package creation with Microsoft Durango XDK/ADK’s MakePkg fails when Symantec Endpoint Protection is Refresh token expires every 2 weeks for RMM Fix ID: 3641927 Symptom: A hard-coded value for a refresh token for RMM (Web Services for Remote Management) caused the expiration of RMM If the file in question is still detected using the new Rapid Release definitions, proceed to the next step.

  • Solution: Optimized the index rebuild process during the upgrade.
  • Hosts File Change in File: c:\windows\system32\svchost.exe by: SONAR scan" Did this article resolve your issue?
  • If it is believed that a legitimate application is being identified in error, and no other outbreak is underway, best practice calls for the following steps to be taken: Apply the
  • Hosts File Change in File: c:\windows\system32\svchost.exe by: SONAR scan" If enabled the Proactive Threat Protection Logs will show: Risk: Hosts File Change by svchost.exe in c:\windows\system32.
  • Submitting False Positives from Quarantine To submit a file for analysis, which was quarantined, the following article can then be used: How to submit suspicious files via the online submission form
  • Replication fails with BCP errors: Unable to open connection Fix ID: 3660062 Symptom: After you change the Microsoft SQL Server TCP port, the BCP command line no longer includes the TCP
  • Solution: Added a check to notify installer to not prompt for a password during an AutoUpgrade feature set change.
  • Try these resources.

Symantec Endpoint Protection Detection Results Keeps Popping Up

Malware will also seek to exploit existing vulnerabilities on systems making their entry quiet and easy. SEP for Linux installs old documentation Fix ID: 3627590 Symptom: The Symantec Endpoint Protection 12.1.5 (12.1 RU5) client for Linux installs the /opt/Symantec/symantec_antivirus/docs folder with old documentation. Symantec False Positive Submission Solution: Adjusted the process ID error return to allow for packets coming from a guest OS. Symantec Endpoint Protection Notification Keeps Popping Up This exclusion will prevent SONAR from taking any action on applications that have been excluded from these detections.

Solution Upgrade to the latest available release of Symantec Endpoint Protection to avoid the conditions which lead to these detections. this contact form The second retrieval tries to determine what is using the non-existing (broken) objects. Solution: Fixed the conversion of date/time columns when exporting the Computer Status logs. Heartbeat interval permanently reduced to 3 seconds or 1 second if the option to download policies and content from the management server is unchecked on SEPM Fix ID: 3680818 Symptom: If Symantec Pop Up Message

Solution: Securid.exe now launches by the Process Launcher service (semlaunchsrv.exe) and under the System account, so that it has access to the C:\Windows\SysWow64 folder. Errors on client package export when imported AD groups contain specific characters Fix ID: 3594776 Symptom: You import an Active Directory group containing special characters on Symantec Endpoint Protection Manager. Solution: The column header Last Scanned Time (Home > Reports, with the report type Computers by Last Scan Time) refers to the time the most recent scan finishes. have a peek here Solution: Corrected the spelling.

Solution: Tamper Protection adds an exclusion rule for this program. Symantec Endpoint Protection Detected Risks While You Were Logged Out Solution: Fixed the logic to address any changes to the exception type to allow it to save. This situation occurs when a particular scheduled scan launches when the user was logged out.

SEPM cannot push client package to itself with the Client Deployment Wizard Fix ID: 3626587 Symptom: On Windows servers, a local push deployment with the Client Deployment Wizard (CDW) in Symantec

Submit a Threat Submit a suspected infected fileto Symantec. If no user is logged on, the scan engine checks /Users, instead. Solution: Updated the code to handle string buffer resize exceptions to avoid process crash. Ariesms Thin client cannot connect to a Citrix Xen Desktop VDI after a virus definition update Fix ID: 3590578 Symptom: System freezes due to a deadlock in File System Auto-Protect driver after

They can then make changes to domain policies and then launch the installation again. Is it part of another software suite? Translated Content This is machine translated content Login to Subscribe Please login to set up your subscription. Check This Out Scheduled Reports run at a later time every day Fix ID: 2148375 Symptom: A scheduled report does not run on time in many common scenarios, such as the Symantec Endpoint Protection

SEP clients try to reach Download Insight website directly Fix ID: 3611350 Symptom: A Symantec Endpoint Protection component tries to connect to the external Symantec URL for Download Insight, ignoring proxy Education Services Maximize your product competency and validate technical knowledge to gain the most benefit from your IT investments. IPS alerts are being generated even though a host exclusion is set up Fix ID: 3583691 Symptom: If you configure reverse DNS lookup for use, the IPS exclusion list does not SEPM stops replicating with an error when a file named "Program" is located at the root of the SEPM install drive Fix ID: 3641315 Symptom: When an executable path contain spaces

If a volume lock is in process, SymEFA won't attach to the volume, and prevents SymEFA from trying to re-attach a volume when Auto-Protect closes its volume handle. TECH102135 June 29th, 2015 http://www.symantec.com/docs/TECH102135 Support / Event ID 40: Symantec Endpoint Protection has determined that the virus definitions are missing on this computer. Solution: Fixed a side issue of a previous fix, where state information was not retained. SEP 12.1 Release Update 1 (RU1) Maintenance Patch 1 (MP1) added a new exclusion category:DNS or Host File Change Exception.

Don't have a SymAccount? A1 - When downloading or uploading a file A2 - While using an application A3 - When installing an application A4 - When browsing the web A5 - During a scheduled Therefore, the policy does not save FileCache configuration changes. SMC maximum password length options differ between command line and user interface Fix ID: 3620589 Symptom: The SMC.exe -p command-line option does not work when the password defined in the Symantec

Provide feedback on this article Request Assistance Print Article Products Subscribe to this Article Manage your Subscriptions Search Again Situation Symantec Endpoint Protection (SEP)is detecting a file which is believed to