SEP client not updating virus defintions.
search cancel

SEP client not updating virus defintions.


Article ID: 245594


Updated On:


Endpoint Security Complete


SEP content is properly being downloaded to the client, however the client fails to load the new content, causing SEP to not update to the latest content.


Release :14.3 RU 3

Component :AntiVirus


Missing DecTemp Folder in C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data
This folder is used by SEP to decompress files, including when updating virus definitions.


  1. Disable Tamper Protection for the SEP client
  2. Close the SEP ui if it is opened.
  3. Stop SMC via run command SMC -stop
  4. Launch an Explorer window and navigate to C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data
  5. Create a new folder inside of  C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data and name it DecTemp.
  6. Start SMC via run command SMC -start

The SEP client will now be able to successfully update content.

Additional Information

In order to prevent this from occurring in the future, customers should set SEP's Tamper protection to Block and Log, to ensure that other applications or scripts do not delete SEP files or directories.