Windows 2003 server norton av and clean up temp

Posted on 2009-02-23
Last Modified: 2012-05-06
Dear Experts:

need some advice:
1. I inherited a win2003 server with norton corp av 10. it has been more than 1 year old but it is still updating the av definitions; will not expire??

2. which temp file directory could I removed?  I need to clean up some temp or unneeeded files; which directories could I start with.  

Thanks for all your helps.
Question by:goodfinder
    LVL 38

    Expert Comment

    by:Hypercat (Deb)
    Generally SAVCE cleans up after itself.  Old virus definition files are normally deleted automatically as new virus definitions are downloaded.  You can clean up the Quarantine by deleting any old items in there - whatever is there will usually be unrecoverable anyway. You can clean up the log files, which are normally stored in the All Users\Application Data\Symantec\7.5 folder, if they are not automatically deleting also.
    The virus definition updates will stop working after a period of time.  I believe that Symantec gives you a 30-day grace period, or at least they used to, for renewing your virus definition subscription.

    Author Comment

    thanks hypercat,

    1. my c: drive(partition) is small and how do I free up some space.  I thought there are some temp files or download files that I could removed to get some space back.

    2. norton Antivirus 10.1 corp does not have a tab to find out the expiration day!?  I looked 3x and could not find it.  Any help will be appreciated.
    LVL 38

    Accepted Solution

    Here's an article on how to check the license expiration, clearly explained I think:
    There very likely are some files unrelated to Symantec that you could clean up:
    1.  Look in the C:\Windows\System32\Logfiles folder.  This folder contains log files for the SMTP service and the WWW service.  If the server is running one or both of these services, there will probably be a buildup of log files here. If so, you can delete them (except for the current one) without losing anything except historical data.
    2. Search the drive for any files ending in .tmp or .log.  Check carefully for what they are first to be sure, but these types of files can usually be deleted without any negative results.
    3.  Look in the C:\Windows folder for uninstall folders for service packs, patches and security updates.  These folder name being with a $NtUninstall and then a serial number for the particular patch or update. You can delete any of these unless you think there's a chance that you might have to uninstall the update.  If you want to be extra cautious, then move them to another partition instead of deleting them.
    If none of the above gains you enough drive space to make you comfortable, you can also move your page file to another partition.  It is always a good idea to have a page file of at least 1GB on the C: partition, if at all possible, but you can pare it down to 512MB if necessary. Then, add a page file to another partition to make up the difference to give you adequate virtual memory to run your server and applications.

    Author Comment

    thanks hypercat.
    last question if you don't mind.

    1. would you recommend norton  endpoint 11 or other nod32, avg? for single win server2003 with 20 wks.

    2. Is the upgrade straight forward?

    Author Closing Comment

    wonderful experience!
    LVL 38

    Expert Comment

    by:Hypercat (Deb)
    I have used Norton/Symantec products for many years, and have been through both good and horrendous experiences with them.  The early versions of Endpoint were buggy, but the latest two versions - Endpoint 11.0.3000 and 11.0.4000 - have been pretty good.  The management console is quite different from the older SAVCE versions, so it's a bit of an adjustment for the administrator.  I have not implemented either the firewall, application control or intrusion prevention portions of the new product, just the antivirus/antispyware and proactive threat protection.  I think the other stuff (firewall, app control and intrusion prevention) are overkill for a small network like yours and the ones I typically manage.  We have other firewalls in place and I'm not a fan of software firewalls anyway. I've also seen posts from people having problems with them, and so I'm a bit cautious.
    The upgrade is pretty straightforward.  I just finished doing an upgrade at a client site with about 55 workstations.  I left the old SAVCE 10.x primary server in place and installed the new SEP Management Console on a different server.  I highly recommend doing it this way if at all possible, because it allows you to take your time configuring the policies, install features, etc., and then pushing out the upgrade to all of the workstations, before you remove the old SAVCE primary server and install Endpoint on it. This is important because IMO it takes a while to learn the new console and understand how to configure the policies and settings you need for a successful push installation of the upgrade. If you can't do this, you MUST uninstall the Symantec System Center console, and any other Symantec management features (i.e., Quarantine console, Reporting Server) from the server before you start installing SEP.
    Once you get to the workstation end of things, the push install will automatically uninstall the old version of the software and then install the new SEP 11.x client.  I have run across some workstations where the initial uninstall of SAVCE fails, and then of course the SEP software install can't be completed.  What I had to do for these workstations was to log on to the workstation and manually uninstall SAVCE.  Once that was done, I could push out the SEP client install again from the server and it succeeded in 99% of the cases.
    I also highly recommend you read through Symantec's upgrade documentation carefully and thoroughly before you begin.  Most everything you need to know is contained in the documentation that is included in the software download.
    If you have other questions as you get into this project, post them on EE and I'm sure I or some other qualified individual will be glad to help you out.

    Author Comment

    you rock!! Have a super good day.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Suggested Solutions

    As dyndns has reduced the capabilities of the free service, I looked around for other free providers of Dynamic DNS service. After testing several I decided to move my DNS hosting to Hurricane Electric as then domains that require dynamic hostnam…
    Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now