Solved

Symantec AV Crop. Ed. server not updating def files

Posted on 2009-05-13
6
860 Views
Last Modified: 2013-12-09
Hi Experts.  I ran into this problem once before but like a moron I didn't document the fix.  Rather then go through all of it again, I need help getting the Windows 2003 server that is running as the AV server for our AD domain.  We have Windows XP Pro clients (200+) that get their def files from the in-house AV server and since the server isn't getting the def files, the whole thing is dorked.

It just started happening a few weeks ago.  Did a scan once I manually updated the files and no infections found.  Thanks for the help.

Symantec AV Corp. Edition 10.1.6.6000
0
Comment
Question by:samiam41
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
6 Comments
 
LVL 2

Accepted Solution

by:
Kyle Lambert earned 250 total points
ID: 24378601
Hello,

I had a similar problem where virus definitions were not updating with Symantec Endpoint Protection 11. So around the end of every month I would manually update the definitions on the server and it would automatically push them out to the clients. The definitions you want can be found here under "Manager Installations on Windows Platforms"

http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce

After getting tired of that, I fiddled with my LiveUpdate settings in the management console, set LiveUpdate to run during off hours in the night, and then manually ran LiveUpdate. Apparently there had been some problems with LiveUpdate where it just wouldn't run at all, but after making sure it was scheduled to run and doing a manual update, it ran fine and now definitions are updated every night.
0
 
LVL 9

Author Comment

by:samiam41
ID: 24378811
Thanks for the suggestion.

I noticed in the SAVCE LiveUpdate config that there is an "interactive mode and express mode".  The express mode downloads and installs all acailable Symantec updates automatically while the other mode requires manually tweaking.  Wanna guess which I had selected???  D@mn..

Still looking for why it won't update on its own.  
0
 
LVL 9

Author Comment

by:samiam41
ID: 24378822
I notice there are two cmd windows open waiting for me to overwrite the .xdb file.  I will bet this is part of the "manual/interactive mode" that was selected.  
0
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

 
LVL 15

Assisted Solution

by:xmachine
xmachine earned 250 total points
ID: 24379476
Hi,

1) Attach this file please (C:\Documents And Settings\All Users\Application Data\Symantec\LiveUpdate\Log.Liveupdate) to check for any problems.


2) Re-install Liveupdate following this KB article:

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/65b4e8bcf36dd8f8882571f100741e9e?OpenDocument


A Symantec Certified Specialist @ your service
0
 
LVL 9

Author Comment

by:samiam41
ID: 24387039
xmachine, thanks for the post.  

It appears that the settings I found >> interactive mode and express mode << was set to interactive.  I made the change yesterday and without any manual interaction, the server received the updates and pushed them out.   I feel confident that was the issue at play; incorrect setting.  How, when or why I set it that way is beyond me but it's working now.

I'm going to split the points 50/50 on this for contributing to the answer and for your time.  Thanks again experts.
0
 
LVL 9

Author Closing Comment

by:samiam41
ID: 31581172
Thanks again experts.  Glad I got to work with you.  Take care.

-Aaron
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question