Endpoint Protection

on our network we have v10.1.6 and at 10:30am and at 3pm every day rtvscan.exe runs at 100%cpu and between 100,00k and 250,00k memory usage. this slows down all clients it is installed on. our IT is looked after by an external client and they say they are unable to change this. They cannot remember the password to unlock the required areas of symantec on the server so i can disable live up dates and set up a scheduled task to update all clients at 5pm every day after we have closed for the day.

is there anyway around this?

cheers

You might consider upgrading, as there have been a few "High CPU" fixes since 10.1.6 was released.

Here is one that may apply to you.

Solution: Rtvscan.exe was modified to prevent a case where the IDB processing logic could get into a loop, consuming all

http://www.symantec.com/business/support/index?page=content&id=TECH101820&actp=search&viewlocale=en_US&searchid=1299165071839

Password recovery for Symantec Endpoint Protection and Symantec AntiVirus

http://www.symantec.com/business/support/index?page=content&id=TECH97006&actp=search&viewlocale=en_US&searchid=1299165359803

I am moving this post to the Endpoint Protection forum.

Best,

Thomas

You can always reset the password in SAV if you don't remember it. Just run IFORGOT.EXE tool from the machine were Symantec System Center is installed (default path for the tool is C:\Program Files\Symantec\Symantec System Center\Tools).

You only need remember the username in order to reset the password. Username is case sensitive

For SAV 10.1, see "Symantec System Center password management in Symantec Client Security 3.x and Symantec AntiVirus Corporate Edition 10.x" (http://www.symantec.com/docs/TECH101211)

In this case I definitely recommend upgrading to SAV 10.1 MR10.  If that cannot be done individually, then those who are designated to do so need to make the necessary change. In general it is the IT Department's responsibility to look after the network infrastructure: whatever the inconvenience or impediment in the way, they need to see that the equipment in their care is managed correctly.

Hope this helps!

Mick

This is not correct. Even in the document you mentioned you can read this:

To reset the Symantec System Center admin user password

1. On the computer running Symantec System Center, start Windows Explorer.
2. Go to \Program Files\Symantec\Symantec System Center\Tools.
3. In the right pane, double-click the IFORGOT.exe file.
4. In the Primary server field, type the name of the server group's primary server.
5. In the user field, type admin
6. In the New Password and Confirm New Password fields, type the new password.
7. Click Reset Password.
   You may be prompted for a Windows user name and password if you specify a remote server.

SAV 10.x uses IFORGOT.EXE as well, but the version is different. For SAV 9.x and earlier you cannot just reset the password (it encrypts the existing password, it has to be sent to TechSupport and then decrypted password is sent back to customer).

Starting from SAV 10.0 you can simply reset password using IFORGOT.EXE

Whatever you do, do NOT run IFORGOT.exe over a remote session, specifically a non-console session. Things will break. It is recommended to physically be at the server on which you're running IFORGOT.exe.

sandra