Showing results for 
Search instead for 
Did you mean: 

Live update is failing

Not applicable
I have few computers are failing to take Symantec Antivirus virus defination from our SAV Server.
We tried  via Client remote install from Symantec system center but its failing too.
I check  other computers built with same image and they are working OK.
All computers are pointed to right parent server for Virus defination update too.

Please can you advise how to resolve this issue.

Pratik Shah

Level 3
Hi! check your installation of your SAV client, or check the availability of space on disk of the clients. it will affect the updating of virus definitions and other high priority updates.

try also to check the policy that you made on the server to clients.


Level 6
Partner Accredited
What is the exact Error Code???

Level 3
Employee Certified

Hi Pratik

1 check your SAV product version, so far versions below 10.0 will be problem to get definition due to 9.0 is End of it's life.

2 if your sav product is higher than 9.0 then check if you are using Small business edition which require SLF file as license, check your license expire date.

3 if your SAV product is not SMB version, check SAV server can update virus definition sucessfully.

4 as you say, some of the clients can update from SAV server, that's not liveupdate problem, due to sav client Using VDTM to get definition from server visa TCP 2967 port, then make sure you can telnet server IP 2967 from client, and telnet client 2967 port successfully, commanly if you got a black screen with cursor flashing in left uper corner, that means telnet is successful.

5 if you make sure double ways telnet is ok both from client to server and server to client, then you half done, if got problem, please check windows firewall is on or off, if on, please turn to off or set TCP 2967 as exception.

6 after you make sure telnet is successful, let's see if there still have clients can Synchronize definition with SAV server, if there have, means your SAV server works well, then let's focus on these problem clients

7 you have another problem when you remote install clients, got faild, most possiblly reason is you have not check 3 points in client side to make sure remote install is ready. please check sav installation guide, remote install part. suggestion: try to use VPhome or webinstall deploy clients

8 at this step you did make sure your SAV server is working, and some of the clients can synchoronize deinition with server, double way of telnet 2967 success, then let's process on these problem clients, for client can not update definition from server, commanly there are 2 problems
 8.1 clients have corrupted definition, blocked new definition to be load. then use below tools to clear out corrupted definition in client side.
 login using ID tools password: Symantec@123
 go into SAVCE SCS only folder download Rx4Defs2.240.exe then run this tool in problem client computer.
 8.2 clients didnot have the right certifitcation with SAV server they cannot communicate with each other.
then we need to copy two files from server to clients, see below
copy GRC.dat from server C:\Program Files\SAV to clients folder C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5
copy certifition from server C:\Program Files\SAV\pki\roots\ to clients folder C:\Program Files\Symantec AntiVirus\pki\roots

9 if you done all below steps you find out clients can syn definition with sav server, then my solution works, if you find there is no client can syn Definition with server, that will be problem happen in server's definition.

10 if problem happen in server side, try to manully clear out server's corrupted definition by below steps
1 Stop Symantec antivirus service
2 stop SAV Definition watcher service.
3. Remove all .vdb and .xdb files from C:\Program Files\SAV (or SYS\SAV on Netware).
4. Remove the contents of C:\Program Files\SAV\I2_LDVP.VDB (or SYS\SAV\I2_LDVP.VDB on Netware). If there is an I2_LDVP.TMP folder here, delete the entire .TMP folder as well as the contents of I2_LDVP.VDB.
5. Remove any .WDB files in C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5.
6. Remove the contents of C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB.
7. Remove any numbered folders in C:\Program Files\Common Files\Symantec Shared\VirusDefs.
8. Remove any .tmp folders in C:\Program Files\Common Files\Symantec Shared\VirusDefs.
9. Delete the contents of C:\Program Files\Common Files\Symantec Shared\VirusDefs\Incoming.
10. Copy the downloaded .xdb file to C:\Program Files\SAV.
11. Restart the SAV and SAV Definition watcher services.

by far, if you still got problem of Clients and server syn definition problem, try to contact Symantec Tech support for help!

If my solution solve your problem, please let Admin know and set this as a solution :)

wish this make sense to you!



Level 6
Partner Accredited
That username password can be shared to others????
I have refused to many, i thought this should be kept private.