anikettamuche
asked on
Symantec AV Def issue
Hi All,
I have issue with SAV, one of our xp machine is not getting virus definations. The symptoms-
1) SAV 10.1.8.8000 shows no virus definations.
2) Eventvwr shows: a)Symantec AntiVirus has determined that the virus definitions are missing on this computer. This computer will remain unprotected from viruses until virus definitions are downloaded to this computer.
b)Symantec AntiVirus Auto-Protect failed to load.
3) From path- "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5" "VD2D4603.XDB" file gets deleted frequently.
Steps taken to resolve this issue-
1) Reinstalled SAV.
2) Copied "VD2D4603.XDB" file.
3) Used Rapid release to update Virus definations.
4) Copied "Grc.dat" file to "C:\Program Files\Symantec AntiVirus".
But again the issue is not resolved. The other problem is i cant format the system and install it back. Please help me!
I have issue with SAV, one of our xp machine is not getting virus definations. The symptoms-
1) SAV 10.1.8.8000 shows no virus definations.
2) Eventvwr shows: a)Symantec AntiVirus has determined that the virus definitions are missing on this computer. This computer will remain unprotected from viruses until virus definitions are downloaded to this computer.
b)Symantec AntiVirus Auto-Protect failed to load.
3) From path- "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5" "VD2D4603.XDB" file gets deleted frequently.
Steps taken to resolve this issue-
1) Reinstalled SAV.
2) Copied "VD2D4603.XDB" file.
3) Used Rapid release to update Virus definations.
4) Copied "Grc.dat" file to "C:\Program Files\Symantec AntiVirus".
But again the issue is not resolved. The other problem is i cant format the system and install it back. Please help me!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi xmachine I have not yet tried your tool, is it fine if i use it for symantec AV 10.1.8.8000?
Thx.
Thx.
Yes, it cover all 10.x versions
ASKER
Hi xmachine i have used the tool and installed SAV again. I need to wait and watch if the issue reoccurs.
this should work for you, just inform if you have any issue again
ASKER
Hi now a new problem : (
The tool worked fine (The SAV was showing virus defination) but when i checked today the AV was not getting virus definations from AV server, it was showing the previous day definations. I pushed the definations from AV server but no sign of relief. Then i had to manually update the AV client using LUALL.EXE from "C:\Program Files\Symantec\LiveUpdate"
The tool worked fine (The SAV was showing virus defination) but when i checked today the AV was not getting virus definations from AV server, it was showing the previous day definations. I pushed the definations from AV server but no sign of relief. Then i had to manually update the AV client using LUALL.EXE from "C:\Program Files\Symantec\LiveUpdate"
ASKER
Xmachine please help!
again the same situation. In av console i get ! mark with no defination.
again the same situation. In av console i get ! mark with no defination.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi TG Tech I have used this batch file but is this permanent solution?
After I have run this the troubled machine - it has been reporting to the Symantec Parent Server and has been receiving definition updates every morning.
If this does not fix your problem, I would run an uninstall utility for Symantec (CleanWipe.exe - Provided to me by Symantec)
This will remove all Application entries, including the registry entries. Then I would install again and verify the grc.dat file and the root cert were properly promoted to the new client.
If this does not fix your problem, I would run an uninstall utility for Symantec (CleanWipe.exe - Provided to me by Symantec)
This will remove all Application entries, including the registry entries. Then I would install again and verify the grc.dat file and the root cert were properly promoted to the new client.
at TG_Tech
Are you talking about the same cleanwipe (The latest and greatest) i provided a link way up there /\ :)
The link above for nonav contains an older tool that was not tested with the latest version of sav corp thats why i offered clean wipe it leaves traces of liveupdate.
I understand its a little tricky to download the tool i provided because you have to rename it in dos (note i can't upload .exe files on EE because it wont allow me) thats why i had to resort to tricks in order to uploaded cleanwipe
Are you talking about the same cleanwipe (The latest and greatest) i provided a link way up there /\ :)
The link above for nonav contains an older tool that was not tested with the latest version of sav corp thats why i offered clean wipe it leaves traces of liveupdate.
I understand its a little tricky to download the tool i provided because you have to rename it in dos (note i can't upload .exe files on EE because it wont allow me) thats why i had to resort to tricks in order to uploaded cleanwipe
When I run the cleanwip.exe it asks if I would like to include LU in the uninstall - asking me to make sure that no other programs are using it.
The trick is a clean install and then making sure that the grc.dat file is correct to report to the correct Parent server, and that the root cert matches the parent server to authenticate itself to receive the updates.
ASKER
I had to go through different solutions but none of them worked, my final decision was to use the batch file provided because i cant uninstall AV every time. I am sharing this points because of their contributions for mean time solutions they provided. But none of them were permanent solution. Thanks.
http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/5d575c2ce92de1a88825728a0078a2c2?OpenDocument
I am not aware of further developments. I suggest contacting Symantec if you have not already done so.
I assume this PC is regularly accessing the internet. (If not, it cannot get updates.)