Molenski:
SetupVSE.exe loads the appropriate language pack before starting the .msi, as the installer is designed to use the workstation default. I'm sure you noticed that, when you ran VSE850.msi, the buttons in the installer splash were labeled with object labels rather than button...
Also got a subscriber MichaelYork who purports to be a Symantec support tech. You can find him on the Symantec/Norton Antivirus Forum, i.e., Thread 742-1534041--The Bug Guy
Lots of ways around that, but first you need to define your environment a little better. Are you using ePO to manage your A/V clients, or is each just running independent with a scheduled job to update daily? If they're all running independent, where are they connecting to for their updates...
Actually, a lot of the affected workstations across my Enterprise DID defend themselves very well against a safe-mode boot--about the time the boot attempted to process MUP.SYS, the workstation restarted again on its own, makeing a safe-mode impossible. Be aware, also, that I've caught this...
Well, no...Wasn't much interested in talking to them after I'd cleaned up about a dozen users' workstations. In addition to creating its own app directory, XP 2008 Antivirus drops an .exe into \SYSTEM32 which loads and locks on startup. It also hides the Display Properties>Desktop and...
The original DOJ complaint trojan's been around for a couple of months, so if you just got blipped by this one yesterday, you probably got the new variant described here:
http://vil.nai.com/vil/content/v_142478.htm
We got an emergency notification/profile release at midnite, based on detection...
Dennis:
It's an added "undocumented security feature"--wouldn't want a miscreant running around uninstalling your security suite....Solution and a link to Symantec's uninstall utility are provided in thread742-1438798.--The Bug Guy
mrlar:
Depending on how it's priced and what their support is like, F-Secure A/V is a capable product, and their engineers very proactive. When we were evaluating alternative Enterprise A/V solutions about 2 years ago, their product tested very positively. They only lost out because their...
And they've made a liar of me yet again! After Gold Level told me to go fish 'til 8.5 Patch 4 is released in mid-October, I found Patch 3 posted on the Service Portal today. Someone needs to get their stuff together......
The Bug Guy
Nope, that's NOT a typo. I pounded on Gold Support again today, as a couple of issues that were addressed in "Patch 2" are holding up planning a deployment of 8.5 for me. Reply was that Patch 4 is a roll-up of everything that was supposed to be addressed in 2 & 3. Release date is...
What you're looking at there is one cycle of your Deployment task. That ran okay, but all it's supposed to do is install client applications. You need to search the log for a run of your update task (search by task name as it appears in your ePO task list)--it will appear in the first line of...
The contents of the agent activity log will tell you why updates are failing. It generally lives at \Documents and Settings\All Users\Application Data\McAfee (or Netrowk Associates)\Common Framework\DB\Agent_(machine name).xml. My suspicion is that every update that occurs ends with an "unable...
Yeah, I had considered handing it off to a vendor, but, thinking it through to its logical conclusion, I'll eventually be managing it, so I need to make a lot of the platform policy decisions. Improves my chances of correcting the problem the day that it quarantines a half-dozen production...
McAfee also has another product called Policy Enforcer (additional license, more licensing $$$, but still much cheaper than most NAC solutions) that snaps into ePO 3.5 and above called Policy Enforcer--am currently doing a proof-of-concept of it. When an unmanaged rogue device is discovered on...
Sorry, got interrupted while reading your post and replied before I finished reading. Pretty much every compliance tool I've seen will inventory everything on the network that has a MAC address and/or IP. Generally, the real malicious intruder on your network will disable NetBIOS and hard-code...
HelpOut:
If you're using ePO v3.5 or above, what you need is already there. They rolled some Foundstone products into the suite and called it Rogue System Detection. Description can be found beginning on page 165 of ePO_36_ProductGuide.pdf and probably nearby in the v3.5 guide. Be prepared...
AeroDyna:
Patch 15 (and all software patches) are (now apparently only) available at the McAfee Service Portal (https://mysupport.mcafee.com) under Support By Doing > Download Software Updates. Unfortunately, if you don't currently have a user account at the Service Portal, you'll need your...
If you're running true MS clustered servers (ver. 2K3 allows that only with Enterprise Server edition, at a premium Microsoft price...), the active platform of the cluster array always holds the same address, regardless of which physical platform it is. When the active cluster node fails over...
The ePO db is the critical item to get you back to the point-in-time where your server destructed--without a restorable db, you would have to recreate all the objects, policies, etc. that currently exist in your schema. Along with restoring the db from the appropriate point-in-time SQL backup...
...I based this on (probably vanished several years ago), but here's what I've excluded, based on Microsoft recommendations:
D:\NTDS\DB Logs\EDB*.log
D:\NTDS\DB Logs\Res1.log
D:\NTDS\DB Logs\Res2.log
D:\NTDS\DB Logs\NTDS.pat
D:\NTDS\Database\*.*
D:\NTDS\Ntds.dit
D:\NTDS\Ntds.pat...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.