Solved

Symantec AV Crop. Ed. server not updating def files

Posted on 2009-05-13
6
837 Views
Last Modified: 2013-12-09
Hi Experts.  I ran into this problem once before but like a moron I didn't document the fix.  Rather then go through all of it again, I need help getting the Windows 2003 server that is running as the AV server for our AD domain.  We have Windows XP Pro clients (200+) that get their def files from the in-house AV server and since the server isn't getting the def files, the whole thing is dorked.

It just started happening a few weeks ago.  Did a scan once I manually updated the files and no infections found.  Thanks for the help.

Symantec AV Corp. Edition 10.1.6.6000
0
Comment
Question by:samiam41
  • 4
6 Comments
 
LVL 2

Accepted Solution

by:
Ar3s earned 250 total points
ID: 24378601
Hello,

I had a similar problem where virus definitions were not updating with Symantec Endpoint Protection 11. So around the end of every month I would manually update the definitions on the server and it would automatically push them out to the clients. The definitions you want can be found here under "Manager Installations on Windows Platforms"

http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce

After getting tired of that, I fiddled with my LiveUpdate settings in the management console, set LiveUpdate to run during off hours in the night, and then manually ran LiveUpdate. Apparently there had been some problems with LiveUpdate where it just wouldn't run at all, but after making sure it was scheduled to run and doing a manual update, it ran fine and now definitions are updated every night.
0
 
LVL 9

Author Comment

by:samiam41
ID: 24378811
Thanks for the suggestion.

I noticed in the SAVCE LiveUpdate config that there is an "interactive mode and express mode".  The express mode downloads and installs all acailable Symantec updates automatically while the other mode requires manually tweaking.  Wanna guess which I had selected???  D@mn..

Still looking for why it won't update on its own.  
0
 
LVL 9

Author Comment

by:samiam41
ID: 24378822
I notice there are two cmd windows open waiting for me to overwrite the .xdb file.  I will bet this is part of the "manual/interactive mode" that was selected.  
0
ScreenConnect 6.0 Free Trial

Discover new time-saving features in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

 
LVL 15

Assisted Solution

by:xmachine
xmachine earned 250 total points
ID: 24379476
Hi,

1) Attach this file please (C:\Documents And Settings\All Users\Application Data\Symantec\LiveUpdate\Log.Liveupdate) to check for any problems.


2) Re-install Liveupdate following this KB article:

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/65b4e8bcf36dd8f8882571f100741e9e?OpenDocument


A Symantec Certified Specialist @ your service
0
 
LVL 9

Author Comment

by:samiam41
ID: 24387039
xmachine, thanks for the post.  

It appears that the settings I found >> interactive mode and express mode << was set to interactive.  I made the change yesterday and without any manual interaction, the server received the updates and pushed them out.   I feel confident that was the issue at play; incorrect setting.  How, when or why I set it that way is beyond me but it's working now.

I'm going to split the points 50/50 on this for contributing to the answer and for your time.  Thanks again experts.
0
 
LVL 9

Author Closing Comment

by:samiam41
ID: 31581172
Thanks again experts.  Glad I got to work with you.  Take care.

-Aaron
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
What is the best Ransom ware protection for Servers and clients? 13 99
Russian pop up ad virus 8 131
Website BlackListed 22 86
Computer has been hijacked? 13 93
Some site administrators might be considering how to filter incoming traffic to a site by identifying the domains or networks of the traffic source, in the same way that a spam filter does on an email server, such as blocking all emails sent from th…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question