Potential Symantec Endpoint Protection content definition corruption

Article:TECH92043  |  Created: 2009-01-27  |  Updated: 2012-10-04  |  Article URL http://www.symantec.com/docs/TECH92043
Article Type
Technical Solution


Issue



One of the following is true:

  • Definitions fail to update 
  • Definition information in the Windows registry is different from the information in the usage.dat file
  • There are duplicate product definition entries in the usage.dat file
  • The usage.dat product entries are using different definitions 

Solution



Note: To quickly check if this issue exists or has been resolved on the system in question, download and run SymHelp. 

Corruption of virus definitions may have many causes. Two contexts should be considered when responding to potentially corrupted content definitions on a given machine:

  • Is the content definition corruption believed to be a one-time issue with a particular suspected one-time cause?
  • Is the content definition corruption a recurring issue on this or across multiple machines?
Known, One-Time Cause
If the cause or suspected cause is known and the issue is not anticipated to re-occur, then it may be most useful to simply clear out corrupted definitions through un-installation and re-installation of Symantec Endpoint Protection (SEP). Alternately, it is possible to clear out definitions manually without requiring the re-installation of SEP:
Unknown Cause, Recurring Issue
If the cause is not known clearing the definitions can be a useful troubleshooting step even if it does not lead to a root cause.
If the problem is a recurring issue on one or across multiple machines, then identifying root cause becomes more important, especially if it proves necessary to repeat the procedure for clearing corrupted definitions. Consider the following when attempting to identify the cause for recurring definition corruption:
·         Low available hard drive space (<900 MB)
If a cause cannot be found or addressed and the issue repeats itself, contact Technical Support.
 



Legacy ID



2009012713212048


Article URL http://www.symantec.com/docs/TECH92043


Terms of use for this information are found in Legal Notices