部署Symantec Antivirus 10.0网络防毒服务器之七
|
如何将
Symantec AntiVirus
企业版客户端从不接受管理更改为接受管理
情形 将 Symantec AntiVirus Corporate Edition (Symantec AV) 10.0 作为不接受管理的客户端进行了安装。您想要将它更改为接受管理的客户端。 解释 从父服务器将 Grc.dat 文件复制到想要管理的客户端。
注意:
若将客户端移入一个客户端组,请在下面的步骤中用
Grcgrp.dat
代替
Grc.dat
。
在父服务器上定位
Grc.dat
文件:
注意:
如果
Symantec AV
是从
Norton AntiVirus Corporate Edition 7.x
升级的,那么默认文件夹是
<OS drive>:\Program Files\NAV\
。
将 Grc.dat 文件复制到客户端:
注意:
几分钟后,
Symantec AV
客户端就会在此文件夹下找到
Grc.dat
文件。
Symantec AV
会在对注册表进行适当的更改后删除该文件。下次客户端向父服务器登记时,就会显示在
SSC
中。通过停止、然后启动客户端上的
Symantec AV
客户端服务或重新启动计算机,强制执行登记。
-------------------------------------------------------
全文完!
本文出自 51CTO.COM技术博客
|
附件下载:
如何恢复Symantec防病毒服务器10.1
如何恢复Symantec防病毒服务器10.1
上一篇 部署Symantec Antivirus 10.0网络防毒服务器之六 下一篇 New Concept English Book One--lesson one to..
类别:Security ┆ 技术圈( 1) ┆ 阅读( 4041) ┆ 评论( 19) ┆ 推送到技术圈 ┆ 返回首页
相关文章
文章评论
[1楼]
[匿名]小单
[匿名]小单
2007-03-28 15:32:40
我这里是校园网内部,所以所有客户端不能直接访问外网站点,就是只能通过内部进行升级~~内部我通过设置FTP的方式已经下载到本地了,所有客户端的配置也都配置过了~~~~客户端能更新了~~但旧的病毒定义没有更新~~却显示说是已经是最新的了~~怎么解决??
是不是我选择更新的产品不对啊??10.0的版本基本需要的更新是哪些啊???
是不是我选择更新的产品不对啊??10.0的版本基本需要的更新是哪些啊???
短消息通知评论者
[2楼]
dengmis
dengmis
2007-04-18 19:30:02
Dear:Reking
非常之感谢你写这篇文章,请问可不可以加一点实例(如当客户机出现中毒时有情况)
非常之感谢你写这篇文章,请问可不可以加一点实例(如当客户机出现中毒时有情况)
短消息通知评论者
[3楼]
dengmis
dengmis
2007-04-18 19:50:47
Dear redking
请问在NT如何有清除W32.Netsky.P@mm!enc
这个病毒
请问在NT如何有清除W32.Netsky.P@mm!enc
这个病毒
短消息通知评论者
[4楼]
redking
redking
2007-04-20 08:09:36
建议部署个Symantec Mail Security for Microsoft Exchange
短消息通知评论者
[5楼]
dengmis
dengmis
2007-04-20 17:33:24
但是我的microsoft exchnage 是域来的
短消息通知评论者
[6楼]
redking
redking
2007-04-21 15:31:34
是的,现在公司的局域网都已经部署了AD
短消息通知评论者
[7楼]
[匿名]dengmis
[匿名]dengmis
2007-04-21 20:09:25
我现在还用的NT4.0 SERVER 所以还没有部署AD
EXchange还是5.5今天才计划升级,但现在遇到这个病毒不知道怎样清除,请教了
EXchange还是5.5今天才计划升级,但现在遇到这个病毒不知道怎样清除,请教了
短消息通知评论者
[8楼]
[匿名]dengmis
[匿名]dengmis
2007-04-21 20:09:26
我现在还用的NT4.0 SERVER 所以还没有部署AD
EXchange还是5.5今天才计划升级,但现在遇到这个病毒不知道怎样清除,请教了
EXchange还是5.5今天才计划升级,但现在遇到这个病毒不知道怎样清除,请教了
短消息通知评论者
[9楼]
redking
redking
2007-04-24 10:03:56
Discovered: May 5, 2004
Updated: February 13, 2007 12:22:41 PM
Also Known As: W32.Netsky.P@mm
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
Disable System Restore (Windows Me/XP).
Update the virus definitions.
Run a full system scan and delete all the files detected as W32.Netsky.P@mm!enc.
For specific details on each of these steps, read the following instructions.
1. Disabling System Restore (Windows Me/XP)
If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.
Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.
Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.
For instructions on how to turn off System Restore, read your Windows documentation, or one of the following articles:
"How to disable or enable Windows Me System Restore"
"How to turn off or turn on Windows XP System Restore"
For additional information, and an alternative to disabling Windows Me System Restore, see the Microsoft Knowledge Base article, "Antivirus Tools Cannot Clean Infected Files in the _Restore Folder," Article ID: Q263455.
2. Updating the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:
Running LiveUpdate, which is the easiest way to obtain virus definitions: These virus definitions are posted to the LiveUpdate servers once each week (usually on Wednesdays), unless there is a major virus outbreak. To determine whether definitions for this threat are available by LiveUpdate, refer to the Virus Definitions (LiveUpdate).
Downloading the definitions using the Intelligent Updater: The Intelligent Updater virus definitions are posted on U.S. business days (Monday through Friday). You should download the definitions from the Symantec Security Response Web site and manually install them. To determine whether definitions for this threat are available by the Intelligent Updater, refer to the Virus Definitions (Intelligent Updater).
The Intelligent Updater virus definitions are available: Read "How to update virus definition files using the Intelligent Updater" for detailed instructions.
3. Scanning for and deleting the infected files
Start your Symantec antivirus program and make sure that it is configured to scan all the files.
For Norton AntiVirus consumer products: Read the document, "How to configure Norton AntiVirus to scan all files."
For Symantec AntiVirus Enterprise products: Read the document, "How to verify that a Symantec Corporate antivirus product is set to scan all files."
Run a full system scan.
If any files are detected as infected with W32.Netsky.P@mm!enc, click Delete.
Writeup By: Kaoru Hayashi
Updated: February 13, 2007 12:22:41 PM
Also Known As: W32.Netsky.P@mm
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
Disable System Restore (Windows Me/XP).
Update the virus definitions.
Run a full system scan and delete all the files detected as W32.Netsky.P@mm!enc.
For specific details on each of these steps, read the following instructions.
1. Disabling System Restore (Windows Me/XP)
If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.
Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.
Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.
For instructions on how to turn off System Restore, read your Windows documentation, or one of the following articles:
"How to disable or enable Windows Me System Restore"
"How to turn off or turn on Windows XP System Restore"
For additional information, and an alternative to disabling Windows Me System Restore, see the Microsoft Knowledge Base article, "Antivirus Tools Cannot Clean Infected Files in the _Restore Folder," Article ID: Q263455.
2. Updating the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:
Running LiveUpdate, which is the easiest way to obtain virus definitions: These virus definitions are posted to the LiveUpdate servers once each week (usually on Wednesdays), unless there is a major virus outbreak. To determine whether definitions for this threat are available by LiveUpdate, refer to the Virus Definitions (LiveUpdate).
Downloading the definitions using the Intelligent Updater: The Intelligent Updater virus definitions are posted on U.S. business days (Monday through Friday). You should download the definitions from the Symantec Security Response Web site and manually install them. To determine whether definitions for this threat are available by the Intelligent Updater, refer to the Virus Definitions (Intelligent Updater).
The Intelligent Updater virus definitions are available: Read "How to update virus definition files using the Intelligent Updater" for detailed instructions.
3. Scanning for and deleting the infected files
Start your Symantec antivirus program and make sure that it is configured to scan all the files.
For Norton AntiVirus consumer products: Read the document, "How to configure Norton AntiVirus to scan all files."
For Symantec AntiVirus Enterprise products: Read the document, "How to verify that a Symantec Corporate antivirus product is set to scan all files."
Run a full system scan.
If any files are detected as infected with W32.Netsky.P@mm!enc, click Delete.
Writeup By: Kaoru Hayashi
短消息通知评论者
[10楼]
[匿名]dengmis
[匿名]dengmis
2007-05-14 12:04:38
THANKS
短消息通知评论者
[11楼]
[匿名]dengmis
[匿名]dengmis
2007-05-25 09:56:43
DEAR redking
如何在重装Symantec Antivirus 10.0服务器后继续管理原来的客户端
如何在重装Symantec Antivirus 10.0服务器后继续管理原来的客户端
短消息通知评论者
[12楼]
redking
redking
2007-05-30 22:18:26
dear dengmis:
从父服务器将Grc.dat 文件复制到想要管理的客户端。
从父服务器将Grc.dat 文件复制到想要管理的客户端。
短消息通知评论者
[13楼]
[匿名]hong661
[匿名]hong661
2007-08-10 15:31:08
为什么我的服务器不升级了,只到8月2号,客户机都显示8月2号升级的。但我用不接受管理的去升级可以到最新。
短消息通知评论者
[14楼]
redking
redking
2007-08-17 13:36:47
服务端没配置自动升级!
短消息通知评论者
[15楼]
gaoge
gaoge
2008-01-08 18:08:19
从父服务器将Grc.dat 文件复制到想要管理的客户端。
这是什么意思啊!可以说明白点吗?
期待回复
这是什么意思啊!可以说明白点吗?
期待回复
短消息通知评论者
[16楼]
redking
redking
2008-01-09 19:05:03
回复gaoge:就是把服务器上的Grc.dat文件复制到客户端的<OS Drive>:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5
目录。
目录。
短消息通知评论者
[17楼]
[匿名]Thanks for your share!
[匿名]Thanks for your share!
2008-03-24 20:23:49
Thanks for your share!
短消息通知评论者
[18楼]
[匿名]Thanks for your share!
[匿名]Thanks for your share!
2008-03-24 20:23:49
Thanks for your share!
短消息通知评论者
[19楼]
redking
redking
2008-04-02 16:41:06
you are welcome!
短消息通知评论者