Symantec does not update definitions on one computer

Posted on 2007-08-12
Medium Priority
Last Modified: 2013-12-09
OK, if you get this you can go to work for Symantec. OK, so I will probably not get any comments based on that. But, Symantec support has worked on this for two hours over the phone with no help.

Basically, I am running SBS 2003 Standard R2 with seven XP Pro clients. Symantec Corporate 10.1 is on the server and downloads and updates all of the PCs. ALL of the PCs run as set up every night at 2 AM, And, six of the PCs update their definitions. However, one of the workstations (mine -- which does have way  more programs on it and hence always has more possibilities of issues) doesn't work.

Symantec support has blamed this on corrupt definitions and has gone through a number of steps to get rid of them. They have been able to update the definitions by downloading the daily updates, but even that is difficult. If you asks me to go through the steps, I will try, but they are fairly hard to remember.

C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5  and make sure there are no definition files there and just a log file.

C:\Program Files\Common Files\Symantec Shared\VirusDefs

Any help would be appreciated. I am thinking of uninstalled and running AVG. By the way, I have uninstalled and reinstalled and uninstalled the computer from the server and re-added it.

Question by:Bert2005
  • 3
  • 2

Accepted Solution

jonathanmelnick earned 1200 total points
ID: 19680662
check open ports.  I had similar problem ( with Avg though ;) and solution was that remote updates require ports 135-137 and 4** to be open.  Usually, activating file and printer sharing in windows in enough...

you should also open "services.msc" from the command line and diff with machines that are updating properly.

Btw, was does the server log say ? you might find some useful info there.

Author Comment

ID: 19680727

Thanks jonathan. We did check the ports. Actually, it was strange because the port wasn't open. Opening it didn't seem to help. I will check the services.msc and the log files.

Assisted Solution

TrojanBarber earned 800 total points
ID: 19681926
Symantec can give you hard time if it is conflicting with any other program and this can be even some new malware not recognized by symantec client and it is blocking connection to server. Without client log its hard to say.
If you imaged your system with ghost/acronis, restore image on another partition and check server/client interaction and post your findings.
We used symantec av corporate for 2 years and finaly switched to NOD32 Enterprise. Excellent management console, reports and above all connection to clients, being LAN or remote ones. See some reviews on net.
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!


Author Comment

ID: 19688091
I received an email from Symantec today. We shall see. They suggested going to the console and running a search using the IP address. If this worked, I was supposed to uninstall and reinstall the client. It actually worked for now. We will see on the next update.

Jeff (TechSoEasy) recommended Trend Micro. Another friend recommended Sophos. What is NOD32?

2) We can perform a find computer on the server to see if we can force that client to show up and retrieve definitions.  In the System Center:
   a) Unlock the Server Group
   b) Tools tab - Find Computer
   c) Search for Exact (Machine name, User name, or IP) IP search recommended
If the system center is able to find the computer it will force it into the system center.
3) Uninstall and reinstall that client.

Expert Comment

ID: 19724804
I am little late, sorry :)

> What is NOD32?
Best antivirus and anti malware solution on market based on many independent reviews. Go to eset.com or nod32.com and find links to all reviews.
After we sow that symantec is really slow in developing and relasing fixes we tested few other enterprise solutions.
Trend Micro, Webroot (they aquired sophos and is now part of webroot package), CA and ESET where best ones and after carefull research we picked ESET (NOD32 Enterprise).
Try NOD32 LAN Update package and see really great approach about distributions of virus/malware updates! After installation and configuration we had 0 problems with all clients in network/remote enviroment!

Author Comment

ID: 19724812

Thanks for the added information. I will check out the websites.

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
If you are like me and like multiple layers of protection, read on!
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question