Symantec Endpoint Protection - Troubleshooting LiveUpdate

This document explains the troubleshooting steps when Symantec Endpoint Protection cannot install updates.

CAUTION: This document includes instructions for modifying the registry on your computer. Modifying the registry improperly can result in Windows becoming corrupted. You should only attempt these directions if you have your data backed up and are willing to risk creating additional problems. You should also back up the Windows registry (see Windows - Backing up the Registry) before attempting any changes. The DoIT Help Desk is not liable if you choose to attempt the fix described below.

NOTE: Before you begin troubleshooting LiveUpdate, verify that you are able to connect to and browse symantec.com. If you are not able to browse this site, it is most likely an internet connectivity issue. If you are on Campus UWNet, see Wireless UWNet - Unable to Connect, or call the DoIT Help Desk. If you are able to connect but cannot install updates, try restarting your computer before continuing.

Windows

This section describes the process of removing corrupt virus definitions definitions from Symantec.

32-bit Operating System

  1. Stop the Symantec Endpoint Protection Services:
    1. Click the Start button.
    2. Click or search Run, then type smc -stop and push Enter.
    3. Click the Start menu again and type services.msc.
    4. Open services.msc, right-click Symantec Endpoint Protection, and click Stop.
    5. Note: If you are unable to stop the Symantec Management Client you will need to temporarily disable Tamper Protection. Please see the Technical Information at the bottom of this document for instructions.

  2. Delete the data from the definitions folder.
    • Navigate to C:\ProgramData\Symantec\Definitions\VirusDefs\.
    • Delete all files and subfolders
  3. Delete the data from the registry
    1. Click the Start button.
    2. Type regedit and press Enter.
    3. Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs
    4. Delete the following values:
      1. SRTSP
      2. NAVCORP_70
      3. DEFWATCH_10
      4. SepCache3
      5. SepCache2
      6. SepCache1
  4. Restart the Symantec Endpoint Protection services:
    1. Click the Start button.
    2. Click or search Run, then type smc -start and push Enter.
    3. Click the Start menu again and type services.msc.
    4. Open services.msc, right-click Symantec Endpoint Protection, and click Start.

64-bit Operating System

  1. Stop the Symantec Endpoint Protection Services:
    1. Click the Start button.
    2. Click or search Run, then type smc -stop and push Enter.
    3. Click the Start menu again and type services.msc.
    4. Open services.msc, right-click Symantec Endpoint Protection, and click Stop.
    5. Note: If you are unable to stop the Symantec Management Client you will need to temporarily disable Tamper Protection. Please see the Technical Information at the bottom of this document for instructions.

  2. Delete the data from the definitions folder.
    • Navigate to C:\ProgramData\Symantec\Definitions\VirusDefs\.
    • Delete all files and subfolders
  3. Delete the data from the registry
    1. Click the Start button.
    2. Type regedit and press Enter.
    3. Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Symantec\SharedDefs
    4. Delete the following values:
      1. SRTSP
      2. NAVCORP_70
      3. DEFWATCH_10
      4. SepCache3
      5. SepCache2
      6. SepCache1
  4. Restart the Symantec Endpoint Protection services:
    1. Click the Start button.
    2. Click or search Run, then type smc -start and push Enter.
    3. Click the Start menu again and type services.msc.
    4. Open services.msc, right-click Symantec Endpoint Protection, and click Start.

Information in this section was adapted from the Symantec Knowledge Base articles TECH103176.

This section describes the process of uninstalling and reinstalling Symantec.

Note: If your some reason you are unable to uninstall Symantec by following the instructions in this document, you may have to remove the program manually; see Manually Uninstalling Symantec Products.

  1. Click on the Start button then Control Panel.

    nt6_start_menu.png

  2. Click on Uninstall.

    nt6_control_panel.png

  3. Double click on Symantec Endpoint Protection.

    nt6_programs_and_features.png

  4. Click on Yes.

    nt6_uninstall_sep.png

  5. The following window will appear.

    nt6_preparing_to_remove.png

  6. If you have UAC enabled, click on Yes.

    nt6_uac.png

  7. You will be prompted to restart your computer. Save all your work and click Yes.

    nt6_restart.png

Symantec Endpoint Protection (SEP) is available to currently employed UW-Madison faculty and staff and to currently enrolled students. A version of SEP that is compatible with Windows Vista, 7 and 8 is available for download from https://software.wisc.edu/cgi-bin/security/home.cgi.

To start the installation:

  1. Ensure your computer meets the minimum system requirements:
    • Processor: 1 GHz Pentium III
    • Memory: 256 MB RAM
    • Disk Space: 600 MB
    • Display: 1024x768 resolution or higher.

  2. Locate the installer file that you downloaded. Once you find it, double click it to begin the installation. This may open a security warning. Click Run to continue the installation.

  3. If User Account Control (UAC) is activated, you will see one of the following screens:

    If you get the above screen, Click Continue to proceed.

    If you get the above screen, you will need to enter the appropriate password for your administrator account, then click OK to proceed.

  4. Several install screens will then appear:

  5. Once the installation is finished, SEP will run LiveUpdate to update SEP and install new definition files. You will see the following screen, which will disappear once the installation and updates have finished.

  6. Once installation is finished, you may need to reboot to insure all updates are installed.

Mac OS X

This section describes the process of uninstalling and reinstalling Symantec.

  1. Download the Symantec Uninstaller (Mac) here.

  2. After downloading the zip file, navigate to your downloads folder and double click on RemoveSymantecMacFiles.zip.

  3. Open the RemoveSymantecMacFiles folder, and double click on RemoveSymanteMacFiles.command.

  4. If a warning appears about opening applications from the internet, click Open.

  5. Enter in the admin password (if the user is the primary user, enter their password to login to the machine) and press enter. When you type the password into terminal, it will not show any characters, but terminal still is taking the input in.

  6. Enter in a 1 to the prompt to select "Remove all Symantec files/folders."

  7. In a small amount of time, the uninstall script will finish, and prompt you to enter a "y" (yes) or "n" (no) to restart your machine. In order for the uninstall to be complete, you must restart the machine. Once the machine has restarted, you have successfully uninstalled Symantec.

Symantec Endpoint Protection 12 is available to currently employed UW-Madison faculty and staff and to currently enrolled students. It can be downloaded from the Campus Software Library.

Installation

  1. Log into the Campus Software Library and then click on Symantec Endpoint Protection under the section marked "Security".

    Campus Software Library


  2. Download Symantec Endpoint Protection by clicking on Symantec Endpoint Protection for Mac

    Symantec webpage


  3. Locate Symantec_Endpoint_Protection12xxxx.dmg in your Downloads folder and click on it.

    Downloads


  4. Right-click Symantec Endpoint Protection Installer and select Open.

    Symantec Endpoint Protection Installer


  5. If a warning appears about saving work, save your work and then click Continue.

    Are you sure you want to open Symantec?


  6. Click on the Agree & Install button in the Symantec Endpoint Protection Installer window.

    User License Agreement


  7. If prompted, enter your user account name and password, then click Install Helper.

    Username and password


  8. Once the installation has been completed, click Close & Restart to reboot your computer.

    Almost Complete


After restarting

  1. Open Finder and click on Applications. Double-click Symantec Endpoint Protection in the Symantec Solutions folder.


  2. Click LiveUpdate Now to get the most recent virus definitions.

    Symantec Endpoint Protection Main Windows


  3. Symantec Endpoint Protection is now installed and completely updated. You can run a scan by clicking Scan from the main window.

    Installation Complete

Technical Information

How to disable Tamper Protection:

  1. Open and log into the Symantec Endpoint Protection Manager console.
  2. Click the Clients view.
  3. Select the appropriate group.
  4. Under the Policies tab, in the "Settings" section, click General Settings.
  5. Under the Tamper Protection tab, uncheck Protect Symantec security software from being tampered with or shut down.
  6. Click OK.

Information in this section was adapted from the Symantec Knowledge Base articles TECH103176.




Keywords:live update issues troubleshooting download mac pc windows osx   Doc ID:40982
Owner:Karl W.Group:DoIT Help Desk
Created:2014-06-10 11:27 CDTUpdated:2016-09-09 16:49 CDT
Sites:DoIT Help Desk, DoIT Tech Store
Feedback:  2   0