After upgrading Symantec Endpoint Protection Manager (SEPM), LiveUpdate fails to update virus definitions. All clients set to update from the SEPM are left with out-of-date content. The intelligent Updater tool also fails to update content on the SEPM.
In the LiveUpdate log, virus definitions fail with a Result Code of 0x80004005.
Example:
16:35:03.115524 [Component Result - START]
16:35:03.115524 Component ID: {F3E7C203-78AA-448B-A844-3587B103EE5C}
16:35:03.115524 Display Name: SEPM Virus R Definitions SDS Win64 (x64) 14.3 RU3
16:35:03.115524 PVL: SEPM Virus R Definitions SDS Win64 (x64) 14.3 RU3_MicroDefsB.CurDefs_SymAllLanguages
16:35:03.115524 Result Code: 0x00010000
16:35:03.116523 Result Message: OK
16:35:03.116523 [Package Result - START]
16:35:03.116523 File: 1642022205jtun_stagedemt64sep143encfulc3sds.7z
16:35:03.116523 Result Code: 0x80004005
16:35:03.116523 Result Message: UNKNOWN
16:35:03.116523 [Package Result - END]
Release : 14.3.x
Component :
Likely due to a partially failed database migration during the upgrade. Tamper Protection could be blocking sesmcontinst.exe
The easiest workaround is to set a Tamper Protection exception for sesmcontinst.exe in the Exceptions policy.
Creating Tamper Protection exceptions
Exclude the following file from Tamper Protection:
Pr
If the issue is due to an incomplete upgrade, run upgrade.bat (\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\bin) to complete the installation.
Verify the integrity of the SEP Database by running the DBValidator tool on the Symantec Endpoint Protection Manager (SEPM), refer to the below article: