Video Screencast Help
Security Community Blog

Scan Engine on Server 2008 64-bit an Intelligent Updater shadowing

Created: 01 Dec 2009 • Updated: 20 Mar 2012 • 1 comment
TSE-JDavis's picture
+3 3 Votes
Login to vote

I am currently investigating, with Ben C Smith, an issue where IU shadowing does not work on Server 2008 64-bit version. The location where AV defs are stored on 64-bit 2008 is C:\ProgramData\Symantec\Definitions but the setup-iu.bat builds the definitions in the C:\Program Files(x86)\Common Files\Symantec Shared folder. When I run IntelligentUpdater, either i32 or i64, it doesn't see a product tpo update. Trying to figure out where Scan Engine's shadowing process looks for defs to convert and if this will work if we just change the batch file to look in the right place.

UPDATE: Shadowing seems to be working once I installed SEP onto the server. Will uninstall all products and runt eh modified version of the setup-iu.bat file and see if it can build a VirusDefs folder that the Intelligent Updater will see and update.

Comments 1 CommentJump to latest comment

TSE-JDavis's picture

UPDATE: Here is a workaround. Apparently Scan Engine's CSAPI shadowing engine does check C:\Program Files\Common Files\Symantec Share\VirusDefs, no matter the OS. So, if you manually extract the rapid release defs to this folder, SSE will pick them up. Here are the steps:

1.  Run 'C:\Program Files (x86)\Symantec\Scan Engine\Definitions\setup-iu.bat enable'
2.  Download Rapid Release defs, symrapidreleasedefsi32.exe.
3.  Run, 'symrapidreleasedefsi32.exe /EXTRACT /Q C:\Program Files\Common Files\Symantec Shared\VirusDefs\CSAPIDefs'
4.  Give Scan Engine a minute or two then open the browser and confirm that the defs have been updated.

+2
Login to vote