Sunday, May 16, 2010

Symantec Endpoint Protection Manager 11.x is not updating 32 or 64 bit virus definitions

From Symantec Support Website:


Question/Issue:
Why is Symantec Endpoint Protection Manager 11.x not updating 32 or 64 bit virus-definitions?

Symptoms:

  • Symantec Endpoint Protection Clients do not update virus definitions.
  • Symantec Endpoint Protection Manager shows old virus definitions in "Admin > Server > Local Site >Show LiveUpdate Downloads".

Cause:
Old or corrupted virus definitions prevent Symantec Endpoint Protection Manager to update with new downloaded virus definitions.


Solution:
Steps to clean Virus Definitions folders and republish Live Update Product Inventory on Symantec Endpoint Protection Manager:

  1. Delete the content of folder "c:\documents and settings\All users\Application Data\Symantec\LiveUpdate\Downloads\"
    Note: Application Data is a hidden folder. Delete the content of the Downloads folder, but not the folder itself.
  2. Update the LiveUpdate catalog by opening the following link in Internet Explorer:
    http://localhost:9090/servlet/ConsoleServlet?ActionType=ConfigServer&action=PublishLuInventory
    After few seconds you will get a confirmation message "Responsecode="0".
  3. Stop the services "Symantec Endpoint Protection Manager" and "Symantec Endpoint Protection"
    To stop the services:
    1. Go to Start > Run.
    2. Type the following: Services.msc
    3. Select and stop the above mentioned services.
  4. Delete the numbered or TMP folders inside the paths:
    • %programfiles%\symantec\symantec endpoint protection manager\inetpub\content\{1CD85...
    • %programfiles%\symantec\symantec endpoint protection manager\inetpub\content\{C60DC...
    • %programfiles%\common files\Symantec Shared\SymcData\sesmvirdef32
    • %programfiles%\common files\Symantec Shared\SymcData\sesmvirdef64
    • %programfiles%\common files\Symantec Shared\VirusDefs
  5. Launch the process LUALL.EXE from %programfiles%\Symantec\LiveUpdate (May be requested to click on "START")
    (LiveUpdate should run for some minutes (5-10 min), if some error messages are displayed, exit and launch again LUALL.exe)
  6. Restart both Symantec Endpoint Protection services when LiveUpdate is complete.
  7. Verify the numbered folders of virus definitions are created in the following paths:
    (There might be just 2-3 folders in the beginning, but the default number is 10 folders)
    • %programfiles%\symantec\symantec endpoint protection manager\inetpub\content\{1CD85...
    • %programfiles%\symantec\symantec endpoint protection manager\inetpub\content\{C60DC...
  8. Log on to Symantec Endpoint Protection Manager Console and launch a LiveUpdate from Admin > Server > Local Site > Download LiveUpdate content.

Verify the correct download/usage of new virus definitions from "Admin > Server > Local Site >Show LiveUpdate Downloads".

Note: In Server 2008, the Downloads folder in step 1 is located at C:\Program Data\Symantec\LIveUpdate\Downloads
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)