Endpoint Protection

Hi all,

I have problem about virus definition updating of SEPM ( ru5 & ru6) via Liveupdate administrator.  The Liveupdate administrator v.2.2.2.9 could download & distribution processing virus definition up-to-date. Then I update virus from SEPM, the log show completed update with definition up-to-date when I saw at "Show Liveupdate Downloads" , the virus definition still out-of-date.

I do several solution
1. I tried to reinstall Liveupdate  & delete folder LiveUpdate in "Documents and Settings\All Users\Application Data\Symantec\LiveUpdate" , then I use command to LuCatalog -cleanup & -update too.
2. follow step int the Article "How to clear corrupt virus definition from SEPM"

Have any idea, Pls help me :c

Sometimes, it is noted that if there are corrupt virus definitions downloaded by SEPM, it is required to clean them up and download the virus definitions again.

Following are the steps for the same:

File system cleanup for 32-bit SESC Virus Definitions:

1. Stop SEPM server service.

2. Go to C:\program files\symantec\symantec endpoint protection manager\Inetpub\content\{C60DC234-65F9-4674-94AE-62158EFCA433}" folder and move all of the subfolders to another place, such as C:\Temp if you want a backup, otherwise delete the sub-folders.

Database cleanup for 32-bit SESC Virus Definitions:

3) Go to C:\Program Files\Common Files\Symantec Shared\SymcData\ and delete the following folders:
sesmipsdef32
sesmipsdef64
sesmvirdef32
sesmvirdef64

4)In the registry, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps.
Delete these keys
SymcData-sesmipsdef32
SymcData-sesmipsdef64
SymcData-sesmvirdef32
SymcData-sesmvirdef64

5). In the registry, navigate to and delete the following keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\SymcData-sesmipsdef32
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\SymcData-sesmipsdef64
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\SymcData-sesmvirdef32
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\SymcData-sesmvirdef64

6). Start the SEPM service back up.

7). Run Live update from within the Symantec Endpoint Protection Management console.

This will re-populate the database which in turn will update the moniker folders.

Not work. It still virus definition out-of-date.

Thank for your help ^^

Download the virus definition file and run , then see next scheduled or live update launched one is showing the correct def version..
http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce

Can you give us a screen shot of "Show Liveupdate Downloads" 

Check the following articles

Title: Downloading and hosting the Symantec Endpoint Protection Manager (SEPM) 2010 definitions patch via LiveUpdate Administrator 2.x (LUA 2.x) and LiveUpdate Administration Utility 1.x (LUAU 1.x)
Web URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2010010901022848?OpenDocument&*=&ExpandSection=1#_Section1

Title: Symantec Endpoint Protection Manager 11.x is not updating 32 or 64 bit virus definitions.
Web URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008041516215948 

Title: Manually Applying the 2010 definitions patch to Symantec Endpoint Protection Manager (SEP)
Web URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2010011512020748

Title: How to update definitions for Symantec Endpoint Protection Manager using a JDB file
Web URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007100820002048

Could you  please  see, if  SEPM is able to get the  updates from Internet. Just change the liveupdate  settings for  source  server, under  Admin-Servers-local site  properties-liveupdate, to Default  Symantec Liveupdate  server.

Note" SEPM would need  access to Internet, for this  step

Maheshroja

I tried your suggestion but now today it still out-of-date.

And I have new problem the Liveupdate Administrator could not completed automatic download processing. Task it failed. ( So sometimes it will completed by manual )

Thank guy for helping

vishal_kalani

Your suggestion. I could not update virus from internet directly. But SEPM can access internet & serve URL for virus downloading of Symantec website (http://liveupdate.symantecliveupdate.com, http://liveupdate.symantec.com)

**Remark The Liveupdate Administrator & SEPM it same machine

My customer solution  has 7 branches, each branch install SEPM for themselve & update virus definition via Liveupdate Administrator from HQ site (LiveUpdate Administrator & SEPM same machine)

Thank for helping.

AravindKM

My ScreenShot

LiveUpdate Administrator
http://www.4shared.com/photo/5aKFpBDU/liveupdate-admin.html

Virus Definition for HQ
http://www.4shared.com/photo/ozGcrk2E/virus-update-HQ.html

Virus Definition for Branch
http://www.4shared.com/photo/giZi7UxP/virus-update-branch.html

As per the screen shots your SEPM is up to date.....

Dear All,

But now Liveupdate Administrator could not update !!!!
Download processing is failed
Distribution processing is completed

Post the error screen shot with log

Maheshroja

Let see this.

Home page
http://www.4shared.com/photo/WjZUYFa3/home.html

Status
http://www.4shared.com/photo/G90Sn8_9/status.html

Thanks, for helping

Try by running manual download

It still failed.  TT

http://www.4shared.com/photo/zJC93fuy/home2.html

Remove the contents of the download folder and try to download once again...

AravindKM

It still failed again

Ten I think it is better to reinstall LUA.It will not take much time.....

That's right !!!

Now It's working by manual. I'll check for automatic update again.

Thanks for helping

Completed !!!

About Solution in this thread, it has two problem

1. SEPM cannot update definition from Liveupate administrator --> Refer solution Maheshroja

2. Liveupdate Administrator cannot automatic update definition --> Refer solution AravindKM

 

Thanks guys for helping .....

Thanks for the update.