Solved

Symantec AV Crop. Ed. server not updating def files

Posted on 2009-05-13
6
832 Views
Last Modified: 2013-12-09
Hi Experts.  I ran into this problem once before but like a moron I didn't document the fix.  Rather then go through all of it again, I need help getting the Windows 2003 server that is running as the AV server for our AD domain.  We have Windows XP Pro clients (200+) that get their def files from the in-house AV server and since the server isn't getting the def files, the whole thing is dorked.

It just started happening a few weeks ago.  Did a scan once I manually updated the files and no infections found.  Thanks for the help.

Symantec AV Corp. Edition 10.1.6.6000
0
Comment
Question by:samiam41
  • 4
6 Comments
 
LVL 2

Accepted Solution

by:
Ar3s earned 250 total points
ID: 24378601
Hello,

I had a similar problem where virus definitions were not updating with Symantec Endpoint Protection 11. So around the end of every month I would manually update the definitions on the server and it would automatically push them out to the clients. The definitions you want can be found here under "Manager Installations on Windows Platforms"

http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce

After getting tired of that, I fiddled with my LiveUpdate settings in the management console, set LiveUpdate to run during off hours in the night, and then manually ran LiveUpdate. Apparently there had been some problems with LiveUpdate where it just wouldn't run at all, but after making sure it was scheduled to run and doing a manual update, it ran fine and now definitions are updated every night.
0
 
LVL 9

Author Comment

by:samiam41
ID: 24378811
Thanks for the suggestion.

I noticed in the SAVCE LiveUpdate config that there is an "interactive mode and express mode".  The express mode downloads and installs all acailable Symantec updates automatically while the other mode requires manually tweaking.  Wanna guess which I had selected???  D@mn..

Still looking for why it won't update on its own.  
0
 
LVL 9

Author Comment

by:samiam41
ID: 24378822
I notice there are two cmd windows open waiting for me to overwrite the .xdb file.  I will bet this is part of the "manual/interactive mode" that was selected.  
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 15

Assisted Solution

by:xmachine
xmachine earned 250 total points
ID: 24379476
Hi,

1) Attach this file please (C:\Documents And Settings\All Users\Application Data\Symantec\LiveUpdate\Log.Liveupdate) to check for any problems.


2) Re-install Liveupdate following this KB article:

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/65b4e8bcf36dd8f8882571f100741e9e?OpenDocument


A Symantec Certified Specialist @ your service
0
 
LVL 9

Author Comment

by:samiam41
ID: 24387039
xmachine, thanks for the post.  

It appears that the settings I found >> interactive mode and express mode << was set to interactive.  I made the change yesterday and without any manual interaction, the server received the updates and pushed them out.   I feel confident that was the issue at play; incorrect setting.  How, when or why I set it that way is beyond me but it's working now.

I'm going to split the points 50/50 on this for contributing to the answer and for your time.  Thanks again experts.
0
 
LVL 9

Author Closing Comment

by:samiam41
ID: 31581172
Thanks again experts.  Glad I got to work with you.  Take care.

-Aaron
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are many HijackThis tutorials on the web already, so this article is about tips that help utilize HijackThis' full potential as a diagnostic tool. Download HijackThis from a TrendMicro link or from known reliable sources only. http://free.…
HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now