Virus definitions in Symantec Endpoint Protection Manager (SEPM) are not updating

book

Article ID: 177453

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Virus Definition Distribution window in SEPM/Home page indicates Latest Manager Version is older than Latest Symantec Version.


Symptoms
Running LiveUpdate from Admin/Servers/Local Site/Download LiveUpdate Content either fails entirely, hangs, or even reports as up to date. But Latest Manager Version remains outdated.


Copying the most recent .jdb file, renamed to remove .zip extension, to C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\content\incoming fails.

In some cases the .jdb repeatedly extracts and deletes, over and over. Files remain in incoming folder.

 

Cause

·Possible corruption in Symcdata, VirusDefs, or LiveUpdate Settings

Resolution

  1. In services.msc, stop Symantec Endpoint Protection Manager service
  2. In services.msc, stop Symantec Endpoint Protection service.
  3. Navigate to C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming
  4. Delete the .jdb and any 'extracted' files that may be present
  5. Navigate to C:\Program Files\Common Files\Symantec Shared\Symcdata
    - Open sesmvirdefs32 and delete contents
    - Open sesmvirdefs64 and delete contents
    - Open VirusDefs and delete contents
  6. Navigate to C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate
    - Delete contents of Downloads folder
    - Delete all Settings.LiveUpdate files ie;1.Settings.LiveUpdate, 2.Settings.LiveUpdate
    - Also delete the un-numbered Settings.LiveUpdate file
  7. In services.msc, start Symantec Endpoint Protection Manager service
  8. In services.msc, start Symantec Endpoint Protection service.
  9. Open SEPM/Admin/Servers/LocalSite
  10. Monitor status as SEPM downloads and installs definitions.