Search results for query: *

  1. bugguy51

    Pushing VirusScan 8.5 out via Group Policy

    Molenski: SetupVSE.exe loads the appropriate language pack before starting the .msi, as the installer is designed to use the workstation default. I'm sure you noticed that, when you ran VSE850.msi, the buttons in the installer splash were labeled with object labels rather than button...
  2. bugguy51

    Symantec Human Tech Support

    Also got a subscriber MichaelYork who purports to be a Symantec support tech. You can find him on the Symantec/Norton Antivirus Forum, i.e., Thread 742-1534041--The Bug Guy
  3. bugguy51

    console upgrade x3 amounts of data traffic

    Lots of ways around that, but first you need to define your environment a little better. Are you using ePO to manage your A/V clients, or is each just running independent with a scheduled job to update daily? If they're all running independent, where are they connecting to for their updates...
  4. bugguy51

    More information about Antivirus XP 2008

    Actually, a lot of the affected workstations across my Enterprise DID defend themselves very well against a safe-mode boot--about the time the boot attempted to process MUP.SYS, the workstation restarted again on its own, making a safe-mode impossible. Be aware, also, that I've caught this...
  5. bugguy51

    Blaster/Sasser.variant: crippling system

    Well, no...Wasn't much interested in talking to them after I'd cleaned up about a dozen users' workstations. In addition to creating its own app directory, XP 2008 Antivirus drops an .exe into \SYSTEM32 which loads and locks on startup. It also hides the Display Properties>Desktop and...
  6. bugguy51

    US Dept. of Justice Trojan... anyone know what it does?

    The original DOJ complaint trojan's been around for a couple of months, so if you just got blipped by this one yesterday, you probably got the new variant described here: http://vil.nai.com/vil/content/v_142478.htm We got an emergency notification/profile release at midnite, based on detection...
  7. bugguy51

    Norton System Works will not uninstall

    Dennis: It's an added "undocumented security feature"--wouldn't want a miscreant running around uninstalling your security suite....Solution and a link to Symantec's uninstall utility are provided in thread742-1438798.--The Bug Guy
  8. bugguy51

    HELP! NAV won't tell me Virus' Name so I can eliminate it!

    mrlar: Depending on how it's priced and what their support is like, F-Secure A/V is a capable product, and their engineers very proactive. When we were evaluating alternative Enterprise A/V solutions about 2 years ago, their product tested very positively. They only lost out because their...
  9. bugguy51

    8.5i On access

    And they've made a liar of me yet again! After Gold Level told me to go fish 'til 8.5 Patch 4 is released in mid-October, I found Patch 3 posted on the Service Portal today. Someone needs to get their stuff together...... The Bug Guy
  10. bugguy51

    8.5i On access

    Nope, that's NOT a typo. I pounded on Gold Support again today, as a couple of issues that were addressed in "Patch 2" are holding up planning a deployment of 8.5 for me. Reply was that Patch 4 is a roll-up of everything that was supposed to be addressed in 2 & 3. Release date is...
  11. bugguy51

    Epolicy 3.5 not updating VSE 7.1 Clients

    What you're looking at there is one cycle of your Deployment task. That ran okay, but all it's supposed to do is install client applications. You need to search the log for a run of your update task (search by task name as it appears in your ePO task list)--it will appear in the first line of...
  12. bugguy51

    Epolicy 3.5 not updating VSE 7.1 Clients

    The contents of the agent activity log will tell you why updates are failing. It generally lives at \Documents and Settings\All Users\Application Data\McAfee (or Network Associates)\Common Framework\DB\Agent_(machine name).xml. My suspicion is that every update that occurs ends with an "unable...
  13. bugguy51

    Challenge and response

    Yeah, I had considered handing it off to a vendor, but, thinking it through to its logical conclusion, I'll eventually be managing it, so I need to make a lot of the platform policy decisions. Improves my chances of correcting the problem the day that it quarantines a half-dozen production...
  14. bugguy51

    Challenge and response

    McAfee also has another product called Policy Enforcer (additional license, more licensing $$$, but still much cheaper than most NAC solutions) that snaps into ePO 3.5 and above called Policy Enforcer--am currently doing a proof-of-concept of it. When an unmanaged rogue device is discovered on...
  15. bugguy51

    scanning for non-compliant workstations

    Sorry, got interrupted while reading your post and replied before I finished reading. Pretty much every compliance tool I've seen will inventory everything on the network that has a MAC address and/or IP. Generally, the real malicious intruder on your network will disable NetBIOS and hard-code...
  16. bugguy51

    scanning for non-compliant workstations

    HelpOut: If you're using ePO v3.5 or above, what you need is already there. They rolled some Foundstone products into the suite and called it Rogue System Detection. Description can be found beginning on page 165 of ePO_36_ProductGuide.pdf and probably nearby in the v3.5 guide. Be prepared...
  17. bugguy51

    McAfee Patch 15

    AeroDyna: Patch 15 (and all software patches) are (now apparently only) available at the McAfee Service Portal (https://mysupport.mcafee.com) under Support By Doing > Download Software Updates. Unfortunately, if you don't currently have a user account at the Service Portal, you'll need your...
  18. bugguy51

    Multiple EPO 3.6 Servers

    If you're running true MS clustered servers (ver. 2K3 allows that only with Enterprise Server edition, at a premium Microsoft price...), the active platform of the cluster array always holds the same address, regardless of which physical platform it is. When the active cluster node fails over...
  19. bugguy51

    backup

    The ePO db is the critical item to get you back to the point-in-time where your server destructed--without a restorable db, you would have to recreate all the objects, policies, etc. that currently exist in your schema. Along with restoring the db from the appropriate point-in-time SQL backup...
  20. bugguy51

    Windows 2003/Domain Controller File Exclusions

    ...I based this on (probably vanished several years ago), but here's what I've excluded, based on Microsoft recommendations: D:\NTDS\DB Logs\EDB*.log D:\NTDS\DB Logs\Res1.log D:\NTDS\DB Logs\Res2.log D:\NTDS\DB Logs\NTDS.pat D:\NTDS\Database\*.* D:\NTDS\Ntds.dit D:\NTDS\Ntds.pat...
