On a regular basis, virus definition files for Symantec Endpoint Protection are added to the "PendingFileRenameOperations" registry key. Is this expected behavior?
Registry key: HKLM\SYSTEM\ControlSet001\Control\Session Manager\PendingFileRenameOperations
Key's value data: \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20120131.002\IDSxpx86.dll
Definition files are being replaced; old definition files are not removed until after reboot.
The issue has been fixed in SEP 12.1 RU2.
You can obtain a copy of SEP 12.1 RU2 at the following location:
The following are some helpful links to documentation regarding this new release:
Obtaining the latest version of Endpoint Protection or Network Access Control
Upgrading or migrating to Symantec Endpoint Protection 12.1.2011 (RU2)
What's new in Symantec Endpoint Protection 12.1.2
Release Notes and System Requirements for all versions of Symantec Endpoint Protection and Symantec Network Access Control
New fixes and enhancements in Symantec Endpoint Protection 12.1 Release Update 2
Login to Subscribe
Please login to set up your subscription.
Get support for your product, with downloads, knowledge base articles, documentation, and more.
Maximize your product competency and validate technical knowledge to gain the most benefit from your IT investments.
Submit a suspected infected file to Symantec.
Report a suspected erroneous detection (false positive).
Set default language
Do you wish to save this as your future site?