Go here:
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tools
and run resetpass.cmd. A command prompt box will arise which (at least in this part of the world) will shortly contain the word “English”. Wait for it to come and go by itself.
Your SEPM login and password are now both “admin”. It will require a change at first login.
The indomitable Liz Landry found this registry key, which should be used if VIPRE is causing PCs to bluescreen after installation. Go here:
HKLM\System\CurrentControlSet\Services\sbtis
Change the item inside named “Start” from 1 to 4.
Works very well, esp. for remote work.
http://www.emsisoft.com/en/software/cmd/
Unpack it, go into the folder “Run”, and then see the a2cmd readme.
You can run a VIPRE console on your desktop PC, and connect it to a VIPRE server somewhere else, over LAN or WAN:
http://kb.gfi.com/articles/SkyNet_Article/How-to-connect-remote-consoles?retURL=%2Fapex%2FSupportHome&popup=true
Trend Micro has placed their excellent HiJackThis to open source:
http://sourceforge.net/projects/hjt/files/
and there are new versions!!! Interesting instructions for its use, are here:
http://www.bleepingcomputer.com/tutorials/how-to-use-hijackthis/#HowToUse
Several ports may need to be opened in Windows Firewall, sometimes even if the service is turned off, and sometimes on both client and server. To accomplish this by command line, use these:
netsh firewall add portopening protocol=TCP port=18082 name=VIPRE_client_1
netsh firewall add portopening protocol=TCP port=18086 name=VIPRE_client_2
netsh firewall add portopening protocol=TCP port=18087 name=VIPRE_client_3
netsh firewall add portopening protocol=TCP port=18088 name=VIPRE_client_4
If you would like to have the above ports opened using an Active Directory group policy, edit the policy, go to Administrative Templates under Computer Configuration, then Network, Network Connections, and Windows Firewall. Under both “Domain Profile” and “Standard Profile” you will find “Define Inbound Port Exceptions”. In these, the following lines will be needed:
18082:TCP:*:enabled:VIPRE1
18086:TCP:*:enabled:VIPRE2
18087:TCP:*:enabled:VIPRE3
18088:TCP:*:enabled:VIPRE4
For our configuration of client install outside of the LAN, you’ll want port 591 added as a fifth item to the above, i.e., either this:
netsh firewall add portopening protocol=TCP port=18082 name=VIPRE_client_1
netsh firewall add portopening protocol=TCP port=18086 name=VIPRE_client_2
netsh firewall add portopening protocol=TCP port=18087 name=VIPRE_client_3
netsh firewall add portopening protocol=TCP port=18088 name=VIPRE_client_4
netsh firewall add portopening protocol=TCP port=591 name=VIPRE_client_5
or this:
18082:TCP:*:enabled:VIPRE1
18086:TCP:*:enabled:VIPRE2
18087:TCP:*:enabled:VIPRE3
18088:TCP:*:enabled:VIPRE4
591:TCP:*:enabled:VIPRE5
To configure VIPRE Business 5 to handle a laptop outside of the LAN, including installation of agents and automatic agent version updates, do this:
- Set up a router configuration where an external DNS name is pointed to the VIPRE server, for ports 18080-18088 as well as port 591 (and see related info below). Test it via a telnet on port 18082; if you press Enter, the server should respond.
- Set up a policy where that DNS name is specified as Policy and Update Server under Agent/Communication.
- Under the top-level server properties, under Agent Installation, make sure the port listed is set to 591. The default is 80, which is in use on many servers, certainly SBS.
- Create an MSI for the policy and copy it to the laptop.
- On the laptop, set up the necessary firewall exceptions to be found here.
- Install the MSI onto the laptop.
To download a 30-day trial which can be activated with a key, go here:
http://www.gfi.com/downloads/mirrors.aspx?pid=vpe
After malware and other registry corruption issues, CMD and control panel items and other things stop working. Use the following as a .REG file to fix it:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"