How to clear out corrupted definitions for a Symantec Endpoint Protection client manually


Problem


How to fix and rebuild corrupted definitions for a Symantec Endpoint Protection (SEP) client.

Error: "Virus definitions are missing on this computer. This computer will remain unprotected until definitions are downloaded from the network. Contact your system administrator for help updating your virus definitions"

Solution: Instructions for 64-bit Operating Systems:

For Windows Vista/Server 2008/Windows 7
    1. Stop the Symantec Endpoint Protection Services:
    2. Click StartRun, type in smc -stop, and push Enter.
      1. Click the Start button.
      2. In the search bar type services and then press Enter.
        Note: If the User Account Control prompt pops up click Continue.
      3. Right-click Symantec Endpoint Protection and click Stop.
        Note: If you are unable to stop the Symantec Management Client you will need to temporarily disable Tamper Protection. Please see the Technical Information at the bottom of this document for instructions.
    4. Delete the data from the Definition folders:
      • Virus Definitions
        C:\ProgramData\Symantec\Definitions\VirusDefs\
        - Delete all files and subfolders

        WARNING: In the next steps you will edit the Windows registry. Back up the registry before you make any changes to it, because incorrect changes to the registry can result in permanent data loss or corrupted files. Modify only the registry values that are specified. For instructions, see How to back up the Windows registry.
    5. Delete the data from the registry:
      1. Click the Start button
      2. Type regedit and press Enter
      3. Navigate to:
        HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Symantec\SharedDefs
      4. Delete the following values:
        1. SRTSP
        2. NAVCORP_70
        3. DEFWATCH_10
        4. SepCache3
        5. SepCache2
        6. SepCache1
    6. Restart the Symantec Endpoint Protection Services stopped in the previous step, 3.c.
    7. Click StartRun, type in smc -start, and push Enter.
      1. Maximize the Services window.
      2. Right-click Symantec Endpoint Protection and click Start.



Comments

Post a Comment

Popular posts from this blog

Java Control Panel Icon "Application Not Found"

Image
Howto: Fix the "Application not found" error in the Java Control Panel icon. These same steps may be useful for other malfunctioning Windows Control Panel icons. In Windows 7, the Java Control Panel icon may be damaged / corrupted. Attempting to launch the icon results in "Explorer.exe : Application not found". Note the generic icon: When working properly, the circled icon should look like this: This problem appears to be an artifact from previous JRE installations and Sun's installation routines were flawed. Re-installing JRE (the Java Runtime Environment) does not resolve the problem. Immediate workaround: If needed, the Java Control Panel can be manually launched using this location: C:\Program Files (x86)\Java\JRE6\bin\Javacpl.exe As a side note, when launching, other-mouse-click the .exe and choose "Run as Administrator".  Running as Administrator resolves a bug where changes in the Control Panel (especially Auto-update changes) do not stic
Read more

Enterprise CA option is greyed out / unavailable

Image
Many times, when installing Active Directory Certificate Services they cannot choose to install Enterprise Certification Authority, because it’s unavailable as in following picture: Well, you need to fulfill basic requirements: Server machine has to be a member server (domain joined). You can run an Enterprise CA on the Standard, Enterprise, or Data Center Windows Edition. The difference is the number of ADCS features and components that can be enabled. To get full functionality, you need to run on Enterprise or Data Center Windows Server 2008 /12/R2/ Editions.  In order to install an Enterprise CA, you must be a member of either Enterprise Admins or Domain Admins in the forest root domain (either directly or through a group nesting). If issue still persists, there is probably a problem with getting correct credentials of your account. There are many thing that can cause it (network blockage, domain settings, server configuration, and other issues). In all ca
Read more

Unable to connect to Wireless profile being pushed using GPO

Image
Today , some laptop users started reporting as they are unable to connect to ‘Wireless profile’ after SCEP installation has taken place. I found, most of the laptop users were having this issue. I immediately uninstalled SCEP but that didn’t help , tried removing Wi-Fi profiles under the path ‘C :\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces\ Interface’ but that didn’t help too. Error - When checking event viewer, the only error that showed up is as follows 5 times in a row.          “Error skipping EAP method DLL path name validation failed. Error: typeId=25, authorId=0,vendorId=0,vendorType=0”, This error indicates a registry or missing corrupt file issue. ‘ EAPHost is a Microsoft Windows Networking component that provides an Extensible Authentication Protocol (EAP) infrastructure for the authentication of following protocols such as   802.1X   and   Point-to-Point (PPP). Cause - Symantec didn’t uninstall properly caused this issue. Resolution – After chec
Read more