SAV: Symantec Antivirus Corporate Edition 10.1

List all SAV client services

C:\>net start | grep -i symantec
   Symantec AntiVirus
   Symantec AntiVirus Definition Watcher
   Symantec Event Manager
   Symantec Settings Manager
   Symantec SPBBCSvc

C:\>

Client configuration, Log file locations and check-in times:

DAT’s File  : C:\Program Files\Common Files\Symantec Shared\VirusDefs
GRC.DAT File: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\GRC.DAT
Quarantine  : C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine
Logs        : C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs
Install log : temp\sav_inst.log
SSC cmd line: "C:\Documents and Settings\All Users\Start Menu\Programs\Symantec Client Security\Symantec AntiVirus.lnk"

Check-in time: By default,
    – clients check in with their parent management servers once an hour
    – clients are configured to check in for configuration updates every 60 minutes.

Server configuration, Log file locations and check-in times:

GRC.DAT File:       C:\Program Files\SAV\GRC.DAT
Private keys:       C:\Program Files\SAV\Symantec AntiVirus\pki\private-keys
Root certificates:  C:\Program Files\SAV\Symantec AntiVirus\pki\roots

Client Check-in:
    – Parent management servers review their lists of clients once an hour.
    – If a client fails to check in for more than 30 days, that client is removed from the list of clients and a log entry records that the client was deleted.

Understanding GRCUPDATE notation:

=========================GRCUPDATE Time template=========================

Group level – server config changes

———————————–

<5 bits common forever> <7 bits same> <9 bits Change >

B0008 2500160 D382D6502

===================================

Group level – client config changes

———————————–

<5 bits common forever> <11 bits same> <5 bits Change >

B0008 25001809303 5B301

===================================

Server level – client config changes compared to group level changes

———————————–

<5 bits common forever> <9 bits same> <7 bits Change >

B0008 250018093 503C803

====================================

Server level – client config changes compared to server level changes

———————————–

<5 bits common forever> <7 bits same> <9 bits Change >

B0008 2500180 A04071F01

====================================

Registry key of the GRCUpdateTime setting 

HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\GRCUpdateTime
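
The templates above divide each 21-character GRCUpdateTime value into a fixed prefix, a part that stayed the same and a part that changed. The Python sketch below is an added example, not Symantec's code or part of the original notes: it reproduces that split by comparing successive readings of the value. It assumes the widths in the templates count characters and that the page's sample values can be treated as consecutive readings; the function names are hypothetical.

```python
PREFIX_LEN = 5   # "<5 bits common forever>" in the templates above
VALUE_LEN = 21   # length of every sample value on this page


def split_update_time(previous: str, current: str) -> tuple[str, str, str]:
    """Split `current` into (constant prefix, unchanged part, changed part)
    by comparing it with the `previous` reading of the same setting."""
    for value in (previous, current):
        if len(value) != VALUE_LEN:
            raise ValueError(f"expected {VALUE_LEN} characters: {value!r}")
    if previous[:PREFIX_LEN] != current[:PREFIX_LEN]:
        raise ValueError("constant prefix differs between readings")
    # Walk forward to the first position where the two readings diverge.
    cut = PREFIX_LEN
    while cut < VALUE_LEN and previous[cut] == current[cut]:
        cut += 1
    return current[:PREFIX_LEN], current[PREFIX_LEN:cut], current[cut:]


def changes(readings: list[str]) -> list[tuple[str, str, str]]:
    """Return one split for every reading that differs from the one before it."""
    result = []
    for prev, cur in zip(readings, readings[1:]):
        if cur != prev:  # an unchanged value means no new configuration arrived
            result.append(split_update_time(prev, cur))
    return result


# Constructed input: sample values from this page with the spaces removed,
# ordered as if they were successive readings (an assumption), plus one
# repeated reading to show the "nothing changed" case.
READINGS = [
    "B0008250018093035B301",
    "B0008250018093503C803",
    "B0008250018093503C803",
    "B00082500180A04071F01",
]

if __name__ == "__main__":
    for prefix, same, changed in changes(READINGS):
        print(f"{prefix} {same} {changed}  "
              f"({len(same)} same, {len(changed)} changed)")
```

Run against the constructed readings, the two reported splits match the "9 same / 7 change" and "7 same / 9 change" templates shown above.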
