Email notification: 'Symantec Mail Security for Microsoft Exchange LiveUpdate alert' even though virus definitions are staying up to date
|Article:TECH132045|||||Created: 2010-01-28|||||Updated: 2012-07-30|||||Article URL http://www.symantec.com/docs/TECH132045|
You receive an email from Symantec Mail Security for Microsoft Exchange (SMSMSE) with a title of "Symantec Mail Security for Microsoft Exchange LiveUpdate alert" with the following content:
LiveUpdate was unable to complete successfully. More information may be available in
- Virus definitions are up to date.
1. Open the SMSMSE Administration Console.
2. Click Monitors->Server Status.
3. Virus definitions are up to date.
- There are no error messages in the LiveUpdate.Log.
1. Find the path to the LiveUpdate.log in the email message.
32-bit operating system: C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Log.Liveupdate
64-bit operating system: C:\ProgramData\Symantec\LiveUpdate
2. Open the file in an editor.
3. If there are no apparent error messages then this condition is met.
- LiveUpdate Scheduled Task reports 0x4 for last run.
1. Open the Windows Task Scheduler (Start -> Control Panel -> Scheduled Tasks).
2. Locate the Symantec Mail Security for Microsoft Exchange LiveUpdate scheduled task. This task will have a name similar to "At1". To ensure it is the proper task, right click it and select Properties... In the run box, verify the file path ends in "SAVFMSELive.exe". If it does, this is the appropriate scheduled task.
3. Check the Last Result column.
4. This condition is met if the result is 0x4.
Symantec Mail Security for Microsoft Exchange uses scheduled tasks in the Windows task scheduler to call LiveUpdate to update virus definitions. Under current configuration, if the scheduled task reports a result of '0x4' Symantec Mail Security will generate an email notification. Symantec has found that this status code is an unreliable indicator of a truly failed LiveUpdate session.
This issue is fixed in SMSMSE 6.5.5. Upgrade to 6.5.5 to resolve this issue. SMSMSE now checks for out of date definitions, rather than failed LiveUpdate events. The new behavior is documented here: 'Administrator Alert: Symantec Mail Security Virus definitions are out of date'
Disable automatic LiveUpdate within the SMSMSE console under Admin -> Liveupdate/RapidRelease schedule and enable an alternate definition update method. Definition update methods available for SMSMSE are described in this document: 'Definition update methods available for Symantec Mail Security for Microsoft Exchange.'
Article URL http://www.symantec.com/docs/TECH132045