Virus Definitions revert to an older date when Norton AntiVirus Corporate Edition is disabled when running Norton AntiVirus for Microsoft Exchange
|Article:TECH78899|||||Created: 2000-01-06|||||Updated: 2007-01-19|||||Article URL http://www.symantec.com/docs/TECH78899|
You installed Norton AntiVirus for Microsoft Exchange (NAVMSE) and Norton AntiVirus Corporate Edition (NAVCE) on your Microsoft Exchange server. You disabled NAVCE. The virus definitions for NAVMSE are no longer updating correctly when running LiveUpdate or when using the Intelligent Updater. The correct date may display on the NAVMSE interface for a short time, but then reverts to an old date.
NAVCE was halted by changing the properties for the Norton AntiVirus Server service "Startup type" to Disabled or Manual.
DefWatch is a service used by Norton AntiVirus Corporate Edition to update the virus definitions in the C:\Program Files\Symantec Shared\VirusDefs folder from the most current .vdb file in the C:\Program Files\NAV folder. When DefWatch service is still running, but the Norton AntiVirus Server Service is no longer running, the Norton AntiVirus Corporate Edition is no longer getting updates from the Norton AntiVirus Corporate Edition primary parent, but DefWatch is still updating the update from the most current (although outdated) .vdb file in the C:\Program Files\NAV folder.
You have verified the virus definitions are not updating by checking the folders and files at the following location:
There is no folder with the new virus definitions date and Definfo.dat shows the CurDefs and LastDefs to be the old date and you have ensured the user has Full Rights to the NAV folder to allow the download and extraction of the virus definitions.
You have checked Services and the DefWatch service is still running. DefWatch is a service used by NAVCE to update the virus definitions from the most current .vdb file. If you do not want to remove NAVCE from this server, then set the DefWatch service to Manual or Disabled. When the DefWatch service is not running, NAVMSE will update correctly.
If you decide not to use NAVCE on the Microsoft Exchange server, then uninstall NAVCE and verify that the DefWatch service is removed by checking Services.
Article URL http://www.symantec.com/docs/TECH78899