Symantec does not update definitions on one computer

Posted on 2007-08-12
Last Modified: 2013-12-09
OK, if you get this you can go to work for Symantec. OK, so I will probably not get any comments based on that. But, Symantec support has worked on this for two hours over the phone with no help.

Basically, I am running SBS 2003 Standard R2 with seven XP Pro clients. Symantec Corporate 10.1 is on the server and downloads and updates all of the PCs. ALL of the PCs run as set up every night at 2 AM, And, six of the PCs update their definitions. However, one of the workstations (mine -- which does have way  more programs on it and hence always has more possibilities of issues) doesn't work.

Symantec support has blamed this on corrupt definitions and has gone through a number of steps to get rid of them. They have been able to update the definitions by downloading the daily updates, but even that is difficult. If you asks me to go through the steps, I will try, but they are fairly hard to remember.

C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5  and make sure there are no definition files there and just a log file.

C:\Program Files\Common Files\Symantec Shared\VirusDefs

Any help would be appreciated. I am thinking of uninstalled and running AVG. By the way, I have uninstalled and reinstalled and uninstalled the computer from the server and re-added it.

Question by:Bert2005
    LVL 4

    Accepted Solution

    check open ports.  I had similar problem ( with Avg though ;) and solution was that remote updates require ports 135-137 and 4** to be open.  Usually, activating file and printer sharing in windows in enough...

    you should also open "services.msc" from the command line and diff with machines that are updating properly.

    Btw, was does the server log say ? you might find some useful info there.
    LVL 1

    Author Comment


    Thanks jonathan. We did check the ports. Actually, it was strange because the port wasn't open. Opening it didn't seem to help. I will check the services.msc and the log files.

    Assisted Solution

    Symantec can give you hard time if it is conflicting with any other program and this can be even some new malware not recognized by symantec client and it is blocking connection to server. Without client log its hard to say.
    If you imaged your system with ghost/acronis, restore image on another partition and check server/client interaction and post your findings.
    We used symantec av corporate for 2 years and finaly switched to NOD32 Enterprise. Excellent management console, reports and above all connection to clients, being LAN or remote ones. See some reviews on net.
    LVL 1

    Author Comment

    I received an email from Symantec today. We shall see. They suggested going to the console and running a search using the IP address. If this worked, I was supposed to uninstall and reinstall the client. It actually worked for now. We will see on the next update.

    Jeff (TechSoEasy) recommended Trend Micro. Another friend recommended Sophos. What is NOD32?

    2) We can perform a find computer on the server to see if we can force that client to show up and retrieve definitions.  In the System Center:
       a) Unlock the Server Group
       b) Tools tab - Find Computer
       c) Search for Exact (Machine name, User name, or IP) IP search recommended
    If the system center is able to find the computer it will force it into the system center.
    3) Uninstall and reinstall that client.

    Expert Comment

    I am little late, sorry :)

    > What is NOD32?
    Best antivirus and anti malware solution on market based on many independent reviews. Go to or and find links to all reviews.
    After we sow that symantec is really slow in developing and relasing fixes we tested few other enterprise solutions.
    Trend Micro, Webroot (they aquired sophos and is now part of webroot package), CA and ESET where best ones and after carefull research we picked ESET (NOD32 Enterprise).
    Try NOD32 LAN Update package and see really great approach about distributions of virus/malware updates! After installation and configuration we had 0 problems with all clients in network/remote enviroment!
    LVL 1

    Author Comment


    Thanks for the added information. I will check out the websites.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
    UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now