spacer
Support - Platinum Support
tab end BCS Web Site divider MySupport divider Log Out navbar end
navbar end home symantec alerting service security center knowledge base navbar end
spacer
BCS Knowledge Base

spacer
spacer

Rate This Document
1x3 spacer
1x1 spacer

print this documentDocument ID:2008120810393048
Last Modified:08/27/2010

About the Symantec Endpoint Protection Support Tool

Situation:The Symantec Endpoint Protection Support Tool is a utility designed to quickly and efficiently diagnose common issues encountered with Endpoint Protection and the Endpoint Protection Manager. With this release, the utility is limited to diagnosing problems on the local computer (that is, the computer that is running the utility). If a problem is identified, the tool will direct you to a solution, or the information can be provided to Tech Support, who can guide you through the next steps.

Solution:
Overview/FAQ

Who is the utility designed for?
The utility is designed to assist customers and support personnel with data gathering and troubleshooting.

What does the utility do to my computer?
The support utility does not permanently alter any files on the computer. The utility is a collection of modules or scripts, each of which performs checks by gathering information regarding conditions on the local computer. These script files are copied to the temporary directory and are deleted when you exit the utility.

Because of this design, the utility does not permanently install anything on your computer when it runs.

Does this utility support remote connections?
Yes. You can run the utility over an RDP connection or by using other commercial remote administration utilities.

The utility didn't help me. What next?
In the event that the utility is unable to diagnose your issue, contact Technical Support:
My Support - Web Support
Contact Telephone Technical Support


Acquiring the tool
To acquire the tool, follow this link: The Symantec Endpoint Protection Support Tool.


Using the tool
After you start the utility, it downloads any new releases of the utility while you read the license agreement. If the tool finds an update, it updates and restarts itself automatically. Once you have the latest version, click "accept" to go to the Select Issue screen.

Note: If you make any system changes after running the tool, you must run the tool again to ensure an accurate report.


The Select Issue screen
The Endpoint Protection Support Tool is a combination of modular, discrete "checks." This screen presents a categorized list of the checks that the utility looks for. By selecting criteria, you increase the number of checks that the utility runs, which increases the thoroughness as well as the amount of time required for the tool to run. Due to time constraints, it is best to select only the checks that are relevant to your issue.

For example, if you are having trouble installing the Endpoint Protection Client, select "installation" and then "SEP Client."

Required Checks
If either the Symantec Endpoint Protection client or Manager is installed, the utility performs a series of operational checks for these programs, regardless of which options you selected. In particular, if the Manager is installed, you are prompted for the password. Typically, this is the same password that you use to log in into the Manager.


Running time
The design goal of the utility is to complete a comprehensive check of system variables in under two minutes. Due to variations among computers both in hardware and role, a computer with the following specifications was chosen as a benchmark:


Operating SystemMicrosoft Windows XP Professional Service Pack 3
Processor1.80 GHz Pentium
RAM1 GB


The support tool is designed to complete all of the checks under "Issue Selection" in under 2 minutes on this computer. The time that the tool takes to run on other machines may vary.


Tasks
Once the utility finishes collecting the data for your issue(s), the task screen shows the options for analyzing the collected data.

Review Reports
If you are experiencing an issue with Symantec Endpoint Protection or Symantec Endpoint Protection Manager, click Review Reports to see a summary of the collected information. The information is grouped into the following sections:
  • Errors lists individual problems found by the tool. Click each error for detailed information.
  • Warnings, which are issues that warrant some attention but which probably are not critical.
  • OK lists items which passed the checks that the tool ran against them.
  • Information outlines general information about your computer, such as available disk space, operating system information, etc.
  • Applications lists the items that are in "Add/Remove programs," along with each program's manufacturer and version information.

Return
This section returns you to the issue selection screen, where you can change the checks that you want to run.

Collect additional data
This option performs an intensive scan of the computer. This can take ten minutes or more. This additional data can help identify issues that previous checks did not detect.

Save Report
This option saves the information that the selected checks found. If you require assistance with your issue, you can send the saved report file to Technical Support.

How To Submit The Report
This option shows the options available for opening a Technical Support ticket.

Exit
Click Exit to close the utility and delete the files that were extracted to the temporary directory.

Running the tool from a command line
The Support Tool can be run from a command line, with a number of command line options. For detailed information, read the document Command line options for the Symantec Endpoint Protection Support Tool.


Technical Information:Release Notes

Release 1.0.3080 (8/26/2010)
This release of the Support Tool includes the following fixes:
  • Corrected a problem in which hidden files saved by Load Point Analysis were retaining the Hidden attribute.
  • Corrected an issue in which the Secars communication test was failing on computers that run Symantec Protection Center.
  • The Support Tool now correctly enumerates running processes on 64-bit computers.
  • Corrected a user interface issue which was hiding the Symantec Power Eraser option with the Endpoint management console installed (version 11x and 12x).


Release 1.0.3070 (8/17/2010)
This release of the Support Tool adds support for Symantec Endpoint Protection Release Update 6 Maintenance Patch 1 (RU6 MP1). Customers with earlier versions will be notified of the latest release upon running the tool.


Release 1.0.3060 (8/10/2010)
This release of the Support Tool includes the following new features and fixes:
  • The Support Tool now presents a warning if Intrusion Prevention is either not installed or not enabled on compatible operating systems.
  • The Support Tool now detects which features of Symantec Endpoint Protection are currently installed, as well as their status in the "Information" report.
  • The Information report now includes location information if a policy using Location Awareness is in use.
  • The Information report now includes the User Interface Control setting of Server, Client or Mixed.
  • Corrected an issue where deployment-related firewall checks were run on standalone clients.
  • Corrected an issue where Load Point results were displayed with incorrect page counters.
  • Updated the Load Point analysis report display, increasing the readability of the legend.
  • Load Point results will no longer be displayed if network and/or reputation database access is lost during the data collection.
  • Corrected an issue where, if the Support Tool was run on a machine experiencing DNS issues, Load Point analysis would take longer than expected.
  • If the Support Tool is run in debug mode, the log file is now copied to the same location where the sdbz file was saved after exiting the utility.
  • Certain elements in the Support Tools report display would render incorrectly if the Internet Explorer font size was changed. Reports now scale correctly.
  • The Support Tool now ensures that a file is a valid Support Tool report before any attempt to open the file.
  • Corrected an issue where load point analysis was not being conducted in silent mode.
  • Resolved javascript issues when opening reports using the Support Tool.
  • The Power Eraser dialog box now displays what definitions were used in the scan.
  • Power Eraser now supports Internet Explorer Proxy PAC files. Note that they must be specified by URI, and not by a UNC path.
  • When browsing upon saving an SDBZ, the default location is now where the Support Tool was executed from.
  • If the Support tool is executed with either Symantec Endpoint Protection or Symantec Endpoint Protection Manager installed, the issue selection screen will now display the version information.

Known issues:
  • Windows 2003 Datacenter Edition is identified as Standard Edition. This is due to the way Datacenter identifies itself.

Release 1.0.3050 (7/2/2010)
This release of the Support Tool includes the following new features and fixes:

Symantec Power Eraser
This build of the Support Tool includes the first public release of Symantec Power Eraser. Power Eraser is designed to complement mainline antivirus applications by detecting and remediating specific types of threats:
    • New variants of existing threats for which there is no coverage by the current definition sets
    • Fake antivirus applications, and other Rogue-ware
    • Rootkits
    • System settings that have been tampered with maliciously

Because Symantec Power Eraser uses aggressive methods to detect these threats, there is a risk that it can select some legitimate programs for removal. Use standard antivirus applications and troubleshooting techniques first; if they do not remove all of the threats, use Symantec Power Eraser.

Other changes
  • Added a status indicator to the Support Tool's data collection process, which indicates the overall progress, as well as which item the Support Tool is currently processing.
  • Optimized the Support Tool's working directory cleanup procedure. After closing the utility, moving or deleting the executable can be done much sooner. This also resolves issues with error dialogs appearing when the Support Tool is closed mid-operation.
  • Attempting to open invalid report files, or files without the extensions .sdb and .sdbz, will no longer cause the Support Tool to crash.
  • Additional autorun.inf information is now collected and displayed under Load Point Analysis.
  • Updated text in the "Information" report to more clearly outline the current user's account credentials.
  • Updated the font size and scaling to better accommodate different screen resolutions.
  • Files flagged by the Reputation Database as being "Symantec Untrusted" are now automatically flagged without any additional checks being run.
  • The Information report now lists the number of processors installed on the machine.
  • The Support Tool now presents the option to open .sdb files, in addition to .sdbz files.
  • Updated the presentation of file totals under Load Point Analysis.
  • Centralized exceptions issued by Symantec Endpoint Protection Manager are now displayed under the Information screen in the Support Tool.
  • Load Point Registry values are now displayed in a table format.
  • Added additional navigation links, as well as a "back" link, for selecting additional reports.
  • Corrected an issue which caused the GUI to flash when the mouse cursor passed over "Next" and "Previous" on the issue selection screen.
  • With Windows 2008 R2, under the report for IIS configuration, an error condition was being created for "Log On As". The Support Tool no longer expects a case sensitive string.
  • The Support Tool will now determine if it is being run in a virtual environment. This information is found in the Summary Screen under "Information".
  • .sdbz files opened with the Support Tool will now be cleaned up correctly upon exit.

Release 1.0.3030 (6/9/2010)
This release of the Support Tool includes the following new features and fixes:
  • The file save dialog now defaults to the location from which the Support Tool was run.
  • Firewall rules on Windows 2008 are now detected correctly. Note: This only covers Rules; exceptions for individual ports are not detected on Windows 7 or Windows 2008.
  • Updated the Information screen to label Endpoint Protection Manager correctly. Previously, it was labeled simply as Endpoint Protection in the summary.
  • The Endpoint Protection Manager installation and use requirement reports have been merged into one report, depending on whether the Manager is installed.
  • When running remote deployment checks, The Support Tool now checks for the availability of TCP port 445 in addition to port 139.
  • There is now a command line switch for displaying a listing of the various command line options that the Support Tool uses: -h.
  • The file save dialogs are now modal. It is no longer possible to display multiple file save windows.
  • When displaying the text of an autorun.inf file, the font color has been changed from yellow to black.
  • BCP.exe is now labeled as being a part of SQL Client Tools (rather than the Native Client).
  • The Support Tool now displays a warning if the installation check for Endpoint Protection 11 is selected while Endpoint Protection Small Business Edition is installed, and vice versa.
  • In the Load Points report, running processes are now sorted in descending order based upon their CPU time usage.
  • The minimum install requirements check for Symantec Endpoint Protection Manager now lists the operating system version.


Release 1.0.3020 (5/24/2010)
This release of the Support Tool includes the following new features and fixes:
  • Feedback submission now uses radio buttons rather than a slider.
  • Support Tool data collection is no longer affected by directory paths over 260 characters.
  • New internal crash detection feature allows for detecting when the Support Tool fails to gather data.
  • The Support Tool now correctly reports the status of ports with the Windows Firewall when "Do not allow exceptions" is selected.
  • Process names are now listed for each of the Symantec Endpoint Protection Manager and Symantec Protection Center services.
  • Under Information, the tool now reports on whether the platform was 32-bit or 64-bit.

Release 1.0.3000 (4/28/2010)
This release of the Support Tool includes the following new features and fixes:
  • Added support for Symantec Endpoint Protection 11.0.6005 (RU6a).
  • Stability improvements for data gathering.

Release 1.0.2060 (4/05/2010)
This release of the Support Tool includes the following new features and fixes:
  • The Support Tool will now report if SSL is being used with either a Management Console or the Endpoint Client.
  • Load Point Analysis now includes files located on the Desktop.
  • The following registry locations are now parsed by Load Point Analysis:
    • HKEY_LOCAL_MACHINE\Software\CLASSES\batfile\shell\open\command
    • HKEY_LOCAL_MACHINE\Software\CLASSES\comfile\shell\open\command
    • HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command
    • HKEY_LOCAL_MACHINE\Software\CLASSES\piffile\shell\open\command
    • HKEY_LOCAL_MACHINE\Software\CLASSES\regfile\shell\open\command
    • HKEY_LOCAL_MACHINE\Software\CLASSES\scrfile\shell\open\command
    • HKEY_CURRENT_USER\ Software\Microsoft\Windows\CurrentVersion\Policies\System
    • HKEY_CLASSES_ROOT\.exe


Release 1.0.2050 (3/08/2010)
This release of the Support Tool includes the following new features and fixes:
  • Feedback functionality has been added to the Support Tool, allowing customers to submit feedback to our team, as well as rate the Support Tool's efficacy. It is displayed in the top pane of the GUI, after data collection has finished.
  • Corrected an issue with resubmitting file hashes to the reputation database after running Load Point analysis without network connectivity.
  • The Support Tool's Pre-installation check for Endpoint Protection 11's AV Console now finds bcp.exe on 64-bit operating systems.
  • The Support Tool now recognizes Windows Server 2008 R2 as a valid operating system for the Endpoint Protection Manager.
  • The Support Tool now recognizes SQL Server 2008 as a supported version when running the install check for the Endpoint Protection Manager.
  • Updated the Support Tool to account for non-service pack level patches in all versions of Microsoft SQL Server.
  • Corrected verbiage on the appropriate course of action when Load Point Analysis detects files that require further analysis.
  • Updated the logic used to verify virtual directories used by the Endpoint Protection Manager. This issue is most commonly encountered with Windows Server Update Services (WSUS), with the use of a "Content" virtual directory. This build of the Support Tool resolved the issue as it pertains to WSUS.

Known issues:
  • When multiple sites have virtual directories with the same name (aside from "Content", case sensitive), the Support Tool can incorrectly imply directory use by Endpoint Protection Manager. This issue appears as an 'informational' entry in the IIS configuration report.


Release 1.0.2040 (2/19/2010)

New features and fixes
This release of the Support Tool includes the following enhancements:
  • Load Point Analysis can now be run after doing a partial data collection.
  • BCP.exe (part of SQL deployments) is now correctly identified on x64 systems.
  • Under Issue Selection; when selecting Load Point Analysis, the definition check is now automatically selected.
  • Load Point Analysis now identifies and collects data regarding Browser Helper Objects (BHOs).
  • The Support Tool now includes detection for systems potentially affected by vulnerability SYM10-002.
  • In the event that the Support Tool encounters an internal script error, it directs users to instructions on creating a debug log.


Release 1.0.2030 (2/9/2010)

New features and fixes
This release of the Support Tool incorporates a number of enhancements. They are listed here by area.

Endpoint Protection Manager Content Issue
There was an issue with the Endpoint Protection Manager distributing definitions dated after the start of 2010. The Support Tool is now able to determine whether computers are affected by this issue.
  • The Support Tool now detects whether the patch that resolved the issue has been installed on the Manager.
  • The Support Tool checks the definitions of managed clients for the existence of this issue.

General Enhancements
  • There was an issue with attempting to save full data grabs within the Support Tool. The root cause of this has been corrected.
  • In rare instances, a script error would appear when navigating through the Support Tool's GUI. This has been corrected.
  • It is now possible to open decompressed Support Tool report files. These have the extension ".sdb" and are placed in the %temp% folder when the Support Tool runs.
  • The Support Tool's automatic upgrade feature now verifies the integrity of the download before executing the downloaded file.

Load Point Analysis
This release of the Support Tool has made a number of changes to the operation of Load Point analysis. Most significant is that of the Reputation Database, as well as the requirement for network connectivity. Due to this new requirement, it is possible to run Load Point Analysis on one computer, and verify the results using the reputation database from another computer. This is primarily intended for use in environments where a computer with a suspected infection has been isolated from the network. For detailed information, read the document About the Load Point Analysis feature in the Symantec Endpoint Protection Support Tool.
  • It is now possible to save the results of Load Point analysis without having to run the full data collection.
  • In the event that Load Point analysis was run without network access, the results can be saved and then run on another computer in order to complete the analysis.
  • Load Point analysis now requires network access before results will be displayed.
  • If the Reputation Database was not able to analyze a file, it will now be flagged as a warning rather than an error.
  • If a file or registry key is unknown, it will now be flagged as a warning.
  • After re-running Load Point analysis from a secondary computer, the .sdbz file will be updated with Reputation Database-validated Load Point Analysis results.
  • If an autorun.inf file is detected on any installed drive (including network drives), it is flagged as an Error, which displays the location and contents of the autorun file.
  • Load Point analysis will only report an Error when one or more files score sufficiently low to require further investigation. All other situations regarding Load Point Analysis will be flagged as a Warning.
Interface Enhancements
  • Removal of horizontal scroll on file save dialogs (Load Point and Full Data).
  • The Support Tool no longer displays the location of the .sdb file in the temp directory while collecting data.
  • Load Point scoring data and legend are now more prominently displayed.
  • Updated the arrangement of UI elements, such as the data collection screen and icons.
  • Font sizes in Load Point reports have been slightly reduced to increase readability.
  • Load Point Analysis results are now shown under status (Ok, Warning, Error) as well under the Load Point section.



Release 1.0.2020 (11/14/2009)

New features and fixes
  • Symantec Reputation Database Integration for Load Point Analysis
    The Reputation Database is a repository of file hashes compiled and maintained by Symantec Security Response. This database contains information about a large number of commonly seen files and applications, both legitimate and malicious. As of Build 1.0.2020, the Support Tool is able to verify the authenticity of files using the Reputation Database as a resource. This vastly increases the accuracy of the Support Tool's Load Point Analysis feature, and reduces the number of files that need to be manually investigated.

    The Reputation Database check occurs any time a Load Point Analysis is run on a computer with an Internet connection. If there is no Internet connection, the Support Tool uses the standard Load Point Analysis.
  • Added support for Symantec Endpoint Protection Small Business Edition Release Update 1 (12.0.1001.95).
  • New command line option: -noup
    The -noup switch prevents the Support Tool from checking for an updated version upon running.


Release 1.0.2010 (10/27/2009)

New features and fixes
The Support Tool now additionally collects the following data:
  • Tomcat logs (Endpoint Protection Manager)
  • Apache Configuration files (Symantec Protection Center
  • Sylinkex.bak (Endpoint Protection Client)
  • SQL Server Logs (SQL 2000, 2005)
  • ODBC Registry hives (32 and 64 bit versions of Windows)
  • Symantec Antivirus Daily Logs
  • Registry Entries for Endpoint Protection Drivers

Fixes with release 1.0.2010:
  • Fixed a problem that caused Endpoint Protection client definitions to be analyzed incorrectly.
  • Corrected phrasing of System requirement reports (specifically, the "less than" condition when referring to memory).
  • Resolved a problem that caused cached definitions on the client to be labeled as outdated.
  • When saving a report file in previous builds, the target file name was referred to as: *.sdb. This has been changed to the correct *.sdbz value

The Support Tool can now be run with a number of command line options. For the syntax, see the document Command line options for the Symantec Endpoint Protection Support Tool.

Additional changes with release 1.0.2010:
  • On Server 2008 R1, Internet Explorer Advanced Security Configuration triggers a prompt when running the Support Tool. You will need to add it to your Trusted Zone.
  • The Support Tool now requires elevated permissions when UAC is enabled. This also applies when running the Support Tool from a command line.
  • The Support Tool now checks to see if a client uninstall password is set, which can lead to a problem migrating from MR4 MP2 to RU5.
  • The Support Tool now checks to see whether the RU5 client has been installed without completely removing MR4 MP2.
  • Virus definition information from Usage.dat on the client has been combined into a single report.
  • The Support Tool now correctly identifies Local Security Policy settings that impact client deployment on all Windows versions (known as Simple File Sharing on Windows XP).


Release 1.2.2000 (9/22/2009)
New features and fixes:
  • Load Point Analysis diagnostics for troubleshooting potential unknown malware. For more information, see the document About the Load Point Analysis feature in the Symantec Endpoint Protection Support Tool.
    • When Load Point Analysis is run, the Support Tool is able to copy files which warrant further investigation to a central location (either locally or a shared folder).
  • Report files (.sdbz) are now compressed using 7zip, allowing for a reduction in overall size.
  • Version checking for Endpoint Protection Release Update 5 (11.0.5002.333).
  • Support for Windows 7 and Windows Server 2008 R2.

Ongoing issues
  • Report files from Support Tool build 1.0.1090 (or earlier) are not compatible with this release of the Support Tool.
  • Windows 7: The Support Tool is unable to save report files to C:\. When running a full data grab, select an alternative location.
  • The Load Point Analysis report must be run before performing a full data grab for Support, or else the Load Point Analysis data will not be added to the report. This happens even if you start and then cancel the full data grab before running the Load Point Analysis report. If you have already started a full data grab, close the Support Tool and launch it again to include Load Point Analysis.
  • When viewing the Load Point data, there is a known issue with the scrolling (page select) displaying the appropriate number of files per page. However, all files are present.


Build 1.0.1090 (6/11/2009)
Release 1.0.1090 resolves the following issues from previous builds:
  • Full data grabs are now possible when "Protect client registry keys" is enabled in Application and Device Control.
  • Fixed an issue which would cause the Support Tool to halt when enumerating drives.
  • Fixed an incorrect link to knowledge regarding port 445 (Remote client deployment).

Build 1.0.1070 (5/29/2009)
Release 1.0.1070 adds the following new feature:
  • Collection of Symantec Endpoint Protection client logs across all versions of Symantec Endpoint Protection.


Build 1.0.1060 (5/19/2009)
Release 1.0.1060 adds the following new feature:
  • Support for Symantec Endpoint Protection MR4 MP2, 11.0.4202.75


Build 1.0.1050.91 (4/29/2009)
Release 1.0.1010.91 adds the following new features:

The Support Tool now supports Symantec Endpoint Protection Small Business Edition 12 as well as Symantec Endpoint Protection 11.

Additional new features:
  • 1445242 Added support for all versions of IIS.
  • 1638596 Added checks for Symantec Endpoint Protection security advisories.
  • 1476381 Added detection of bcp.exe for remote SQL installations.
  • 1515602 Remove the "full data grab" option, and have "Save" do a full data grab if it has not been done.
  • 1529956 Make the "Install" selection smart. Only check "Install" by default if Symantec Endpoint Protection and Symantec Protection Center are not installed. The report only runs if the option is checked.
  • 1542991 Added check for the status of the Remote registry service.
  • 1557567 Collect and view MiniDumps.

Release 1.0.1010.91 resolves the following issues from previous builds:
  • 1449621 Symantec Endpoint Protection Support Tool incorrectly determining the installed version of MSSQL+SP level
  • 1476365 Symantec Endpoint Protection Support Tool is unable to properly list port usage with remote SQL installations
  • 1486017 Symantec Endpoint Protection Support Tool is not properly detecting admin account status
  • 1533055 Symantec Endpoint Protection Support Tool selections in CED are no longer displayed
  • 1533065 CED ping report Symantec Endpoint Protection and Symantec Endpoint Protection Manager versions
  • 1539734 Symantec Endpoint Protection Support Tool not detecting installed SQL server 2005
  • 1540470 Inclusion of version information on "issue selection" screen for installed Symantec Endpoint Protection/Symantec Protection Center
  • 1540494 time-out interval for secars test too short
  • 1540605 Send CED Error and warning conditions
  • 1540666 Both Symantec Endpoint Protection and Symantec Protection Center version 12 are getting a warning that it is an unknown version
  • 1554153 Start Type for 2 drivers causes the Symantec Protection Center drivers running to fail
  • 1556695 SRTSP/L driver errors on windows 2003
  • 1557446 Service dependency are only showing 1 multistring entry - Viewer
  • 1557452 MultiString registry entries only showing the first string - Viewer
  • 1557498 Symantec Endpoint Protection Support Tool incorrectly identifying the version of the DC client
  • 1586467 Snac start type is demand start, but actual is auto start
  • 1587363 Merged the communication and top other checks into the required checks
  • 1587937 OS Event log descriptions are blank when there are multiple message Dlls.
  • 1587977 Symantec Endpoint Protection Support Tool labeling Mr4 mp1a as an unknown version
  • 1587992 Symantec Endpoint Protection Support Tool returning firewall warning on windows 2k
  • 1588048 Inconsistency between Symantec Endpoint Protection version reported on chrome report vs Symantec Endpoint Protection version check
  • 1593007 False positive for user rights assignment items: replace process level tokens/adjust memory quotas on windows 2000
  • 1593950 On Server 2008 Endpoint Protection Manager requesting DB credentials
  • 1594868 Mgr and client memory requirements are based on installed, not free memory
  • 1596977 SQL 2005 SP1 flagged as unsupported
  • 1597048 Firewall check was run on non-firewall enabled OS's
  • 1597054 Incorrect warning for report: Does this system meet the minimum requirements for running Symantec Endpoint Protection Manager?
  • 1597646 Incorrect error reporting on SQL Server Client SP and version of bcp.exe
  • 1597792 Symantec Endpoint Protection Support Tool not detecting if IIS 7 has been removed
  • 1597977 Symantec Endpoint Protection Support Tool incorrectly flagging multiple mapped IIS extensions as errors
  • 1598687 Need to pick up the Symantec Endpoint Protection install file from ../windows/temp
  • 1599055 Symantec Endpoint Protection Support Tool reporting that the server service is not installed on windows 2008 and Vista
  • 1599057 Windows 2000 Port Usage
  • 1599639 Pre-installation reports that incorrectly show Endpoint Protection Manager / Symantec Protection Center selection
  • 1601692 Error in report "Is the Symantec Protection Center using its configured ports?"
  • 1601706 Drive info stopped being captured
  • 1601724 Support for Symantec Endpoint Protection 12.x’s new CommunicationStatus reg value
  • 1601891 Windows 2000 Endpoint Protection Manager port usage report
  • 1601912 Connection opened through the CED request was not being closed
  • 1630544 Users are able to drag and drop files into the Symantec Endpoint Protection Support Tool viewer window, which then opens the file.
  • 1630589 Setting ports to non-numeric values in conf.properties/server.xml causes the Symantec Endpoint Protection Support Tool to crash
  • 1631458 Hitting the escape key causes the Symantec Endpoint Protection Support Tool to instantly close.
  • 1631542 Symantec Endpoint Protection Support Tool only captures installation log files if Symantec Endpoint Protection/Endpoint Protection Manager are currently installed
  • 1633371 Symantec Endpoint Protection Support Tool Viewer not displaying SPC_INST.log
  • 1633473 Windows 2000 pre-flight Endpoint Protection Manager install conflicting with the results from the Windows 2000 port check
  • 1634293 Symantec Endpoint Protection Support Tool not properly detecting a blank XP password
  • 1634311 Windows 2000 blank admin password check not functioning

Build 1.0.1030.65 (3/5/2009)
Release 1.0.1010.65 resolves the following issues from previous builds:
  • A new version of Symantec Endpoint Protection was released to correct a major connectivity problem with MR4 MP1. The Support Tool now checks for this new release.
  • Provided reference to System Requirements document for installing Symantec Endpoint Protection.
  • On 64-bit operating systems, the Support Tool was not properly reading the IIS metabase.xml file, which had impacted its virtual directory checks.
  • Provided reference to information regarding the status of the Windows Installer service
  • When configured for use, Symantec Network Access Control changes start its start type to Auto Start (from Demand Start) which was causing the Support Tool to display an error.
  • The partial ("Quick") report was taking excessive amounts of time due to the time-out interval for the communication checks.
  • Changed how the report "Can Symantec Endpoint Protection communicate with itself" is displayed for readability.
  • The Support Tool will no longer run checks for Proactive Threat Protection as a feature of Symantec Endpoint Protection that is always "off" when installed on server and 64 bit operating systems.
  • The Support Tool was incorrectly reporting an error when a machine met both the minimum and recommended system requirements for a Symantec Endpoint Protection Manager installation.
  • When saving a report for Technical Support within the Support Tool, the "Contact" and "Issue" boxes were only allowing for 4 lines, and the text would not wrap.
  • The Support Tool is designed to prevent the duplication of data. Previously the Support Tool was improperly identifying the status of the content integrity checks, allowing for this report to be duplicated when selecting additional options under the "Issue Selection" screen.
  • It was previously possible to select either the Symantec Endpoint Protection or Symantec Endpoint Protection Manager installation options without having the upper level "installation" checkbox selected.
  • TCP Port 445, needed for client deployment, previously was not a sufficient condition to cause an error. Previously if this port was blocked, it would be displayed as a warning.
  • Updated verbiage regarding the Support Tool's ability to parse IIS 5x and 7x virtual directories. This is a feature expected in a future, rather than "latter" release.
  • Within the Viewer, information pertaining to drives is now listed again.

Build 1.0.1010.58 (2/11/2009)
Release 1.0.1010.58 resolves the following issues from previous builds:
  • The Support Tool was not properly detecting the versioning of Symantec Endpoint Protection Manager, resulting in incorrect system requirements.
  • Changed wording of "Load Point Analysis with malware" to "Load Point Analysis" on the Issue Selection screen.
  • SQL Server was previously listed as a Symantec Component rather than Microsoft.
  • The Support Tool would crash if the scm.iis.http.port value was missing from the conf.properties file (impacting MR2).

Build 1.0.1000.57 (2/6/2009)
Release 1.0.1010.57 resolves the following issues from previous builds:
  • Customer information fields (on the "Save report" screen) were not carried forward when additional reports were selected.
  • Under Information > Ports, the processes for IIS (which uses the System process) and System Idle appeared blank. The Tool now enumerates these correctly.
  • The Support Tool will now properly detect the status of the Windows Installer Service. Specifically it detects whether the service has encountered an error, or if it is currently disabled.

New functionality:
  • Windows UAC detection no longer lists the UAC as a feature of Vista, due to Windows 7 and Windows 2008 supporting UAC.
  • UAC status detection now works on Windows 2008.

Build 1.0.53 (1/05/2009) new functionality:
  • Added x_Full.sdbz to the save report name if it is a full data grab.
  • Fixed that it was re-running all of the quick tests on a full data grab. This implies however, that if any system changes are made, the utility should be re-run to ensure the accuracy of the displayed information.
  • Updated to SQLite v3.6.7, resulting in a 15% performance improvement for a full data grab.
  • Turned off database synchronous mode resulting in a 30% speed performance increase for a full data grab.
  • Capturing the SEP_INST.log, and SEPM_INST.log files. Note: A full data grab is required for these files.
  • This build includes the ability to capture the following log files for the client and manager:

catalina.out
catalina.in
scm-server-*.log
SesmLu.log
LuCatalog.log
exsecars.log
ersecreg.log
scm-ui.log
scm-ui.err
install_log
SesmLu.log
LuCatalog.log
Log.LiveUpdate
  • Added the ability to capture the Sylink.xml configuration file. Note: A full data grab is required for capturing this file..
  • The utility now prompts the user to run a full data grab if attempting to save a partial report.
  • The Save Report dialogue screen now includes an option to exit the utility after saving. Currently, this option is selected by default.
  • Added detection for Google Chrome installation with pre-MR3 versions of Symantec Endpoint Protection.
  • Fixed a problem causing the tool not to display screen resolutions correctly.


Beta release 1.0.47 (11/26/2008) new functionality:
  • The Support tool now properly identifies Altiris products as "Symantec".
  • The Save report dialogue now includes a "browse" function.

Beta release 1.0.47 (11/26/2008) resolved the following issues from previous builds:
  • The Support tool now properly detects communication settings for unmanaged client machines.

Beta release 1.0.45 (11/19/2008) resolved the following issues from previous builds:
  • The Support Tool currently is now able to view saved/exported reports from all older versions of the support tool.
  • You are now able to view saved reports and return to the "tasks" menu. The "Page cannot be displayed" error has been resolved.

Ongoing issues:
  • The Support tool incorrectly states that the Symantec Endpoint Protection Manager virtual directories within IIS are in use.
  • Due to the method in which ports are allocated in Windows 2000, the Support Tool is unable to provide data as to the CURRENT state of the ports used within Symantec Endpoint Protection/Symantec Endpoint Protection Manager.
  • The Support Tool does not provide detailed information regarding the state of IIS on Windows XP and 2000.
  • Currently the Support Tool does not properly determine the tamper protection and decomposer version information.
  • The Utility currently does not perform any network functions, such as polling remote client computers.
  • The "Top issues" section does not return any additional information (this section will be for incorporating detections for new issues as they arise).
  • The detection for installed SQL server version and service pack is not functioning correctly, displaying warnings when compatible SQL versions are in use.
  • The utility will always look for updated versions, and once found will automatically download them. Short of removing the machine from the network, this update process currently cannot be bypassed or cancelled.
  • The utility erroneously notes that Symantec Endpoint Protection Manager's virtual directories are in use by another application.
  • In the event that the utility exits unexpectedly, the folders created in the %temp% directory must be removed manually. The temporary folders follow this format: IXP000.tmp, incrementing upwards.


Beta release 1.0.44 (11/19/2008) is subject to the following issues:
  • The Support Tool currently is unable to view saved/exported reports from older versions of the support tool (all builds prior to 1.0.44).
  • After viewing a saved report (regardless of saved report version) clicking Tasks results in a "Page cannot be displayed" error. The workaround to this is to close the utility and run it again.
  • Due to the method in which ports are allocated in Windows 2000, the Support Tool is unable to provide data as to the current state of the ports used within Symantec Endpoint Protection or the Manager.
  • The Support Tool does not provide detailed information regarding the state of IIS on Windows XP and 2000.
  • Currently the Support Tool does not properly determine the Tamper Protection and Decomposer version information.
  • The Utility currently does not perform any network functions, such as polling remote client computers.
  • The "top issues" section does not return any additional information. (This section will be for incorporating detections for new issues as they arise.)
  • The detection for installed SQL server version and service pack is not functioning correctly, displaying warnings when compatible SQL versions are in use.
  • The utility will always look for updated versions, and once found will automatically download them. Short of removing the machine from the network, this update process currently cannot be bypassed or cancelled.
  • The utility erroneously notes that Symantec Endpoint Protection Manager's virtual directories are in use by another application.
  • In the event that the utility exits unexpectedly, the folders created in the %temp% directory will need to be removed manually. The temporary folders follow this format: IXP000.tmp, incrementing upwards
  • Fixed downloading update from internal source when using HTTP (http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008111913233248)

print this documentDocument ID:2008120810393048
Last Modified:08/27/2010


rate this document
Does this document answer your question?
Yes
No
Maybe, need to test
None of the above
Is this document well written and easy to use?
Submit specific suggestions to improve the quality of this document.


Product(s): Endpoint Protection 11, Endpoint Protection Small Business Edition 12, Network Access Control 11
Operating Systems(s):
Date Created: 12/08/2008

  © 1995-2014 Symantec Corporation. All rights reserved. feedback | legal notices | privacy policy