Unlimited Giveaway Symantec Endpoint Unmanaged without time limit

Disclaimer: We cannot guarantee that all promo codes will remain active. Some offers have a short validation period and expire.

Promo page
https://www.comss.ru/page.php?id=569
How to get a license
Download unmanaged from the link below [URL='https://www.comss.ru/page.php?id=569']Symantec Endpoint Protection[/URL]
[URL unfurl="true"]https://www.comss.ru/page.php?id=569[/URL]
[SPOILER="Unmanaged installation config "][URL unfurl="true"]https://ibb.co/K70fFMW[/URL][/SPOILER]
[SPOILER="Firewall and exploit only (for compatibility with other av software )"][URL unfurl="true"]https://ibb.co/VLsVFdW[/URL][/SPOILER]

Chri.Mi

Level 7
Well-known
Apr 30, 2020
337
Why windows defender on max won't allow any unrecognized file by Microsoft to run it is based upon the telemetry windows collect.
By doing this 99.999% of malware will be blocked.
Only downside is false positives around unpopular software.

About other security software you mentioned voodoo shield would be a good alternative.
Are u sure about max block any unrecognized file by microsoft? Is first time i hear that. Maybe @Andy Ful can confirm this.
 

Vitali Ortzi

Level 22
Thread author
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
Are u sure about max block any unrecognized file by microsoft? Is first time i hear that. Maybe @Andy Ful can confirm this.

Using the Maximum Protection Level
The Max Protection Level blocks anything suspicious via Attack Surface Reduction, Controlled Folder Access, SmartScreen (set to block) and cloud level (set to block) - Defender Security Center is hidden.
 

Chri.Mi

Level 7
Well-known
Apr 30, 2020
337
Using the Maximum Protection Level
The Max Protection Level blocks anything suspicious via Attack Surface Reduction, Controlled Folder Access, SmartScreen (set to block) and cloud level (set to block) - Defender Security Center is hidden.
K but for what understand are 2 different things, block 100% any file unrecognized means be 100% protected (only way is if windows whitelist malware, like comodo did xD), other thing is block different things with ASR, etc, etc (not sure if give 100% protection).

If is how u tell there is no match vs others av vendors LOL
 

Vitali Ortzi

Level 22
Thread author
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
Are u sure about max block any unrecognized file by microsoft? Is first time i hear that. Maybe @Andy Ful can confirm this.
K but for what understand are 2 different things, block 100% any file unrecognized means be 100% protected (only way is if windows whitelist malware, like comodo did xD), other thing is block different things with ASR, etc, etc (not sure if give 100% protection).
Never said it gives 100% protection .
But so far no malware in the wild to my knowledge was able to bypass the max settings.
About unrecognized files I was a little misleading it's actually every unknown executable by max cloud level blocking.
 

Chri.Mi

Level 7
Well-known
Apr 30, 2020
337
Never said it gives 100% protection .
But so far no malware in the wild to my knowledge was able to bypass the max settings.
About unrecognized files I was a little misleading it's actually every unknown executable.
Yes that was my deduction.
I didnt thought the score was so high, maybe some1 more can confirm if only few/no malware was able to bypass windows defender max settings.
Work only with unknown executables? Or more type of file too?
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Chri.Mi and Vitali Ortzi,

There were malware samples that could bypass ConfigureDefender MAX Protection Level via scripts, especially .jar (Java) and Python (.py). They were usually mitigated after executing the EXE payloads. Anyway, scripts can rarely bypass the MAX settings.
 

Vitali Ortzi

Level 22
Thread author
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
Chri.Mi and Vitali Ortzi,

There were malware samples that could bypass ConfigureDefender MAX Protection Level via scripts, especially .jar (Java) and Python (.py). They were usually mitigated after executing the EXE payloads. Anyway, scripts can rarely bypass the MAX settings.
What about a malicious dll /dll hijack?
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
What about a malicious dll /dll hijack?
WD like most AVs, checks DLLs (for example when you open the folder) similarly to EXE files.
Anyway, there are differences between running EXEs and DLLs that can be probably used in another way to bypass advanced AV features.

Edit.
It is probable that DLL Search Order Hijacking can be used to bypass the WD Sandbox in the cloud (part of BAFS in Windows E5) and similar sandboxes of other AVs.
 
Last edited:

Vitali Ortzi

Level 22
Thread author
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
I uninstalled this on my second computer too. Proactive detection settings are resetting back to normal by itself. I had no problems like this even with buggy comodo. I'm now using Win Defender at tweaked settings but thinking to install Avast Free.
Unfortunately, you didn't run the self-diagnosis tool.
But yes windows defender is pretty strong.
About Avast it's not as good as Symantec but since you had issues it's totally understandable to get rid of it I would have done the same .
anyone else who encounters an issue please run the Symantec diagnosis tool before giving up on SEP and of course send results.
 

Nagisa

Level 7
Verified
Jul 19, 2018
341
Unfortunately, you didn't run the self-diagnosis tool.
But yes windows defender is pretty strong.
About Avast it's not as good as Symantec but since you had issues it's totally understandable to get rid of it I would have done the same .
But please anyone else please run the Symantec diagnosis tool before giving up on SEP.
Yeah I was gonna use that diagnosis tool but give up after. I want to try different programs after all.
 

Vitali Ortzi

Level 22
Thread author
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
I don't see any "SEP tools" on Comss. ru to download and use Deception. dat.
4559.jpg

I don't see any "SEP tools" on Comss. ru to download and use Deception. dat.
I will send you a SPEM license soon .
 
Last edited by a moderator:

EndangeredPootis

Level 10
Verified
Well-known
Sep 8, 2019
461
I was interested in the endpoint manager as I am using SEP currently, I went to install it but because im using the home version if windows I cant access gpedit, meaning I cant fix this error saying it cant read required user rights , I can get past it and install it, but after that I get another error saying that it failed to intialize the databases, I was wondering if there was an way to fix this without gpedit?
 

Attachments

  • edf0524a374d226dd6b8e10cf4ceceef.png
    edf0524a374d226dd6b8e10cf4ceceef.png
    9.7 KB · Views: 365
  • 68e89f4ea1b331e728f2d9396b71beb2.png
    68e89f4ea1b331e728f2d9396b71beb2.png
    4.6 KB · Views: 370

Vitali Ortzi

Level 22
Thread author
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
I was interested in the endpoint manager as I am using SEP currently, I went to install it but because im using the home version if windows I cant access gpedit, meaning I cant fix this error saying it cant read required user rights , I can get past it and install it, but after that I get another error saying that it failed to intialize the databases, I was wondering if there was an way to fix this without gpedit?
First, since Symantec endpoint protection manager is a management server of SEP.

You are supposed to use a dedicated PC to run as a server for SPEM to work properly.

About using Windows Home as a management server of SEP(SPEM).

I'm not entirely sure it will even work on your Microsoft Windows Home device , since it was built primary for windows server in mind.

Even though I have encountered no issues running SPEM on a Windows LTSC machine as well .

And please run this tool if you experience any issues.
http://ced.broadcom.com/symhelp/2/dl

Oh, since you don't have the required SLF file I will send you the SLF file in a PM wait a moment.

And in case you want to uninstall please download cleanwipe from cmoss.ru to remove SPEM/SEP from your current machine.
 
Last edited:

sepik

Level 11
Verified
Well-known
Aug 21, 2018
505
I'm using Symantec Endpoint Protection Firewall and IDS modules only and now my Webroot SecureAnywhere flags one of Symantec .dll files (GEDatastore.dll) as a Trojan.Gen.2. Sigh. Submitted it as a FP.

UPDATE: It's now whitelisted :)

Hi,
I've added in/out block rule for mshta.exe. Is there any other "lolbins" network rules that is recommended to block?
Regards,
-sepik
 
Last edited:

Vitali Ortzi

Level 22
Thread author
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
Hi,
I've added in/out block rule for mshta.exe. Is there any other "lolbins" network rules that is recommended to block?
Regards,
-sepik
Where you able to modify the rules via unmanged client?
Anyway use all the firewall related rules that are presented in H_C firewall hardening .

If you are installing sep manager in VM, try VMware with 3 cores and 3 gb ram to virtual pc. ( 2 cores and 2 gb ram seems to be too slow for my liking)..with 3 cores and 3 gb ram it's super smooth.
Thanks I will recommend this Configuration on over 4 threaded computers.
And Wich windows version and license type you have been running on the SPEM VM ?
 
Last edited:
  • Like
Reactions: AtlBo

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top