How to clear out corrupted definitions for a Symantec Endpoint Protection client with Mail Security for Domino installed

book

Article ID: 177757

calendar_today

Updated On:

Products

Mail Security for Domino

Issue/Introduction

How to fix and rebuild corrupted definitions for a Symantec Endpoint Protection client when Mail Security for Domino is installed

 

Resolution

  1. Stop the following services within Window Services Snap-in:
    - Symantec Management Client
    - Symantec Endpoint Protection
  2. Stop Symantec Mail Security for Domino within the Domino Console
    > tell sav quit
  3. Navigate to the following directory location:

    For Windows 32 bit Operating Systems
    C:\Program files\common files\Symantec Shared\Virus Defs

    For Windows 64 bit Operating Systems
    C:\Program files(x86)\common files\Symantec Shared\Virus Defs

    Delete all files and subfolders.
  4. Delete the downloaded data in following directories:

    For Windows 32 bit Operating Systems
    C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads

    For Windows 64 bit Operating Systems
    C:\ProgramData\Symantec\Definitions\VirusDefs\

    Delete all files and subfolders.
  5. WARNING: In the next steps you will edit the Windows registry. Back up the registry before you make any changes to it, because incorrect changes to the registry can result in permanent data loss or corrupted files. Modify only the registry keys that are specified. For instructions, see http://support.microsoft.com/kb/322756.

    Delete the data from the registry:
    - Click the Start button and then click Run
    - Type regedit and click OK

    For Windows 32 bit Operating Systems
    - Navigate to:
    HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs
    - Delete the following keys:
    SRTSP
    NAVCORP_70
    DEFWATCH_10
    SepCache3
    SepCache2
    SepCache1

    For Windows 64 bit Operating Systems
    HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs
    - Delete the following keys:
    SRTSP
    NAVCORP_70
    DEFWATCH_10
    SepCache3
    SepCache2
    SepCache1
    - Navigate to:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\SharedDefs
    - Delete the following keys:
    SMSDOM_8.0
    SMSDOM_8.0_UPDATE
  6. Start the Symantec Management Client and Symantec Endpoint Protection services.
  7. Allow time for the definitions to rebuild. (This can take up to 10 minutes to accomplish.)
    Verify the definitions are correct by inspecting "C:\Program Files\Common Files\Symantec Shared\VirusDefs" or "C:\ProgramData\Symantec\Definitions\VirusDefs\"
  8. Start the Symantec Mail Security for Domino.
    > Load ntask

Make sure that Liveupdate is disabled for Mail Secutiry for Domino according to this Knowledge base document:
http://www.symantec.com/docs/TECH81861

Note: This only applies when using Symantec Endpoint Protection 11.x and older. As of recent developments of Symantec Endpoint Protection 12.1, Symantec Mail Security for Domino no longer shares virus definitions with Symantec Endpoint Protection. Please review the following documentation for details:

How to enable LiveUpdate in Mail Security for Domino
http://www.symantec.com/docs/HOWTO51905