Category: Antivirus/Antimalware Tools and Issues

Reset Symantec Endpoint Protection Console Password
article #453, updated 4291 days ago

Go here:

C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tools

and run resetpass.cmd. A command prompt window will appear which (at least in this part of the world) will shortly contain the word “English”. Wait for it to finish and close by itself.

Your SEPM login and password are now both “admin”. It will require a change at first login.

==============

VIPRE crash prevention registry key
article #452, updated 4293 days ago

The indomitable Liz Landry found this registry key, which should be used if VIPRE is causing PCs to bluescreen after installation. Go here:

HKLM\System\CurrentControlSet\Services\sbtis

Change the value inside it named “Start” from 1 to 4.

==============

Emsisoft Commandline Scanner for antimalware
article #437, updated 4334 days ago

Works very well, esp. for remote work.

http://www.emsisoft.com/en/software/cmd/

Unpack it, go into the folder “Run”, and then see the a2cmd readme.

==============

Connect to a remote VIPRE console
article #439, updated 4340 days ago

You can run a VIPRE console on your desktop PC, and connect it to a VIPRE server somewhere else, over LAN or WAN:

http://kb.gfi.com/articles/SkyNet_Article/How-to-connect-remote-consoles?retURL=%2Fapex%2FSupportHome&popup=true

==============

HiJackThis is now open source
article #395, updated 4449 days ago

Trend Micro has released their excellent HiJackThis as open source:

http://sourceforge.net/projects/hjt/files/

and there are new versions!!! Interesting instructions for its use are here:

http://www.bleepingcomputer.com/tutorials/how-to-use-hijackthis/#HowToUse

==============

VIPRE Business, network configuration
article #90, updated 4477 days ago

Several ports may need to be opened in Windows Firewall, sometimes even if the service is turned off, and sometimes on both client and server. To accomplish this by command line, use these:

netsh firewall add portopening protocol=TCP port=18082 name=VIPRE_client_1
netsh firewall add portopening protocol=TCP port=18086 name=VIPRE_client_2
netsh firewall add portopening protocol=TCP port=18087 name=VIPRE_client_3
netsh firewall add portopening protocol=TCP port=18088 name=VIPRE_client_4

If you would like to have the above ports opened using an Active Directory group policy, edit the policy, go to Administrative Templates under Computer Configuration, then Network, Network Connections, and Windows Firewall.  Under both “Domain Profile” and “Standard Profile” you will find “Define Inbound Port Exceptions”.  In these, the following lines will be needed:

18082:TCP:*:enabled:VIPRE1
18086:TCP:*:enabled:VIPRE2
18087:TCP:*:enabled:VIPRE3
18088:TCP:*:enabled:VIPRE4

For our configuration of client install outside of the LAN, you’ll want port 591 added as a fifth item to the above, i.e., either this:

netsh firewall add portopening protocol=TCP port=18082 name=VIPRE_client_1
netsh firewall add portopening protocol=TCP port=18086 name=VIPRE_client_2
netsh firewall add portopening protocol=TCP port=18087 name=VIPRE_client_3
netsh firewall add portopening protocol=TCP port=18088 name=VIPRE_client_4
netsh firewall add portopening protocol=TCP port=591 name=VIPRE_client_5

or this:

18082:TCP:*:enabled:VIPRE1
18086:TCP:*:enabled:VIPRE2
18087:TCP:*:enabled:VIPRE3
18088:TCP:*:enabled:VIPRE4
591:TCP:*:enabled:VIPRE5
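
An added example, not part of the original article: current Windows versions report `netsh firewall` as deprecated in favor of `netsh advfirewall firewall` (available since Windows Vista/Server 2008), so this PowerShell loop creates the same five inbound exceptions in the newer syntax and limits them to one source address instead of any source. The address 192.0.2.10 is a placeholder, and restricting the scope to the VIPRE server is an assumption about the deployment; in the Group Policy lines the equivalent is to put the address in place of `*`, e.g. 18082:TCP:192.0.2.10:enabled:VIPRE1.

```powershell
# Added example, not from the original article. Run from an elevated prompt.
# Assumption: only the VIPRE server needs to reach these ports on the client.
$VipreServer = '192.0.2.10'                  # placeholder address, replace with your server
$Ports = 18082, 18086, 18087, 18088, 591     # ports listed in the article

$i = 1
foreach ($port in $Ports) {
    $name = "VIPRE_client_$i"

    # Remove an earlier rule of the same name so reruns do not create duplicates.
    netsh advfirewall firewall delete rule name=$name | Out-Null

    # Inbound TCP allow rule, limited to the one remote address.
    # Omit remoteip=... to reproduce the article's any-source behaviour.
    netsh advfirewall firewall add rule name=$name dir=in action=allow `
        protocol=TCP localport=$port remoteip=$VipreServer

    $i++
}

# Show the resulting rules (local port and remote IP) for review.
1..$Ports.Count | ForEach-Object {
    netsh advfirewall firewall show rule name="VIPRE_client_$_"
}
```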

==============

"VIPRE Anywhere", VIPRE Business over the Internet
article #259, updated 4483 days ago

To configure VIPRE Business 5 to handle a laptop outside of the LAN, including installation of agents and automatic agent version updates, do this:

  1. Set up a router configuration where an external DNS name is pointed to the VIPRE server, for ports 18080-18088 as well as port 591 (and see related info below). Test it via a telnet on port 18082; if you press Enter, the server should respond.
  2. Set up a policy where that DNS name is specified as Policy and Update Server under Agent/Communication.
  3. Under the top-level server properties, under Agent Installation, make sure the port listed is set to 591. The default is 80, which is in use on many servers, certainly SBS.
  4. Create an MSI for the policy and copy it to the laptop.
  5. On the laptop, set up the necessary firewall exceptions to be found here.
  6. Install the MSI onto the laptop.

==============

Download VIPRE Enterprise
article #173, updated 4670 days ago

To download a 30-day trial which can be activated with a key, go here:

http://www.gfi.com/downloads/mirrors.aspx?pid=vpe

==============

"Windows Recovery" virus removal
article #306, updated 4710 days ago

Here is a procedure given by the ComboFix people:

http://www.bleepingcomputer.com/virus-removal/remove-windows-recovery

==============

Restore CMD and control panel capability et cetera
article #276, updated 4773 days ago

After malware and other registry corruption issues, CMD and control panel items and other things stop working. Use the following as a .REG file to fix it:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
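
An added example, not part of the original article: a read-only PowerShell check that shows whether the .exe handler still matches the value the .REG file above restores, before or after importing it. It also looks at the per-user keys under HKCU\Software\Classes, which take precedence over the machine-wide ones in the merged HKEY_CLASSES_ROOT view; treating those keys as absent on a clean profile is an assumption of this example.

```powershell
# Added example, not from the original article. Read-only: it changes nothing.
$checks = @(
    # Merged view: the values a clean system is expected to have.
    @{ Path = 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command'; Expected = '"%1" %*' },
    @{ Path = 'Registry::HKEY_CLASSES_ROOT\.exe'; Expected = 'exefile' },
    # Per-user keys override HKLM in the merged HKCR view.
    # Assumption: on a clean profile these keys are absent ($null = "should not exist").
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command'; Expected = $null },
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\Classes\.exe'; Expected = $null }
)

$results = foreach ($c in $checks) {
    $present = Test-Path -LiteralPath $c.Path
    $value = $null
    if ($present) {
        # '' names the key's (Default) value; read it without expanding %variables%.
        $value = (Get-Item -LiteralPath $c.Path).GetValue('', $null, 'DoNotExpandEnvironmentNames')
    }

    if ($null -eq $c.Expected) {
        $status = if ($present) { 'REVIEW (per-user override present)' } else { 'OK (absent)' }
    } elseif ($value -eq $c.Expected) {
        $status = 'OK'
    } else {
        $status = 'MISMATCH'
    }

    [pscustomobject]@{
        Status = $status
        Path   = $c.Path -replace '^Registry::', ''
        Value  = $value
    }
}

$results | Format-Table -AutoSize -Wrap
```

A MISMATCH on the first row is the condition the .REG file corrects; a REVIEW row means a per-user key exists and should be inspected, since it can keep overriding the machine-wide value.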
