How to roll back the BASH (Behavioral Analysis and System Heuristics) definitions to a known good version:

• From the command line, navigate to the following directory:
  C:\Program Files\Symantec\Symantec Endpoint Protection\
  ... and run smc -stop
   
• Go to the following directory:
  C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Definitions\BASHDefs
  
  The current version of the BASH definitions will be in the yyyymmdd.rev folder, e.g. 20110514.001
   
• Create a “incoming” directory within the BASHDefs directory.
   
• Copy the known good BASH definition files into the "incoming" directory. A known good version of the BASH definitions can be obtained from the BASHDefs.zip in the SEP directory of the software installation CD or DVD, or you can use the contents from the current yyyymmdd.rev folder of a known good SEP client installation.
   
• Run smc -start
   
• Launch LiveUpdate and then cancel it.