Endpoint Protection

 View Only

  • 1.  Consistant SEP Errors, but no problem found.

    Posted Jan 09, 2014 04:18 PM

    I'm getting regular errors for Windows Events that SEP either keeps failing to update Virus definetions, or that none are present at all. Here are two examples:

     

    PC Name:          xxxxxxxx
    PC Description:   xxxxxxxx
    Alert Description: Event - Application Error
    Alert Condition:
    Alert subject: Event
     Log: application
     Type: error
    Alert Group:      Server Alert Package
    Generated:        1/7/2014 11:03 AM
    ----------------------------------------------------------------------
    Computer:  xxxxxxxx
    Date/Time: 2014-01-07 05:02:43
     
    Event Log: application
    Type:      Error
    Source:    Symantec AntiVirus
    Category:
    Event:     40
     
    Message:
     
     
     
    Symantec Endpoint Protection has determined that the virus definitions are missing on this computer. This computer will remain unprotected from viruses until virus definitions are downloaded to this computer.Application has encountered an error.
     
     
    ----------------------------------------------------------------------
     
     
     
     
     
     
    PC Name:          xxxxxxxx
    PC Description:   xxxxxxxx
    Alert Description: Event - Application Error
    Alert Condition:
    Alert subject: Event
     Log: application
     Type: error
    Alert Group:      Server Alert Package
    Generated:        1/7/2014 11:03 AM
    ----------------------------------------------------------------------
    Computer:  xxxxxxxx
    Date/Time: 2014-01-07 05:02:43
     
    Event Log: application
    Type:      Error
    Source:    Symantec AntiVirus
    Category:
    Event:     80
     
    Message:
     
     
     
    Symantec Endpoint Protection has failed to load the latest virus definitions.
     
    ----------------------------------------------------------------------
     
     
    I'm really scratching my head on this one. According to the KB, Symantec is aware of Event ID 40, but doesn't have a solution (and hasn't updated their research in 4 years). I can't find any help for Event ID 80. We seem to get these about every week or so. I log into our AV Server, and it detects nothing wrong with this particular server and says that everything is running fine.
     
    Any ideas?
     
    Thanks in advance!


  • 2.  RE: Consistant SEP Errors, but no problem found.
    Best Answer

    Posted Jan 10, 2014 02:08 PM

    Run the SymHelp tool on it to see what shows up:

    Troubleshooting computer issues with the Symantec Help support tool



  • 3.  RE: Consistant SEP Errors, but no problem found.

    Posted Jan 10, 2014 02:10 PM

    As you have checked the  client and its working fine, you can ignore this Event id as of now.
    I would suggest to open up a support case they might have internal details about this issue.



  • 4.  RE: Consistant SEP Errors, but no problem found.

    Posted Jan 14, 2014 08:58 AM

    Sounds good. How would I go about opening up a ticket?



  • 5.  RE: Consistant SEP Errors, but no problem found.

    Posted Jan 14, 2014 09:02 AM

    How to create a new case in MySymantec

    http://www.symantec.com/docs/TECH58873

    Phone numbers to contact Tech Support:

    Regional Support Telephone Numbers:

        United States: https://support.broadcom.com (407-357-7600 from outside the United States)
        Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
        United Kingdom: +44 (0) 870 606 6000

    Additional contact numbers: http://www.symantec.com/support/contact_techsupp_static.jsp



  • 6.  RE: Consistant SEP Errors, but no problem found.

    Posted Jan 14, 2014 09:19 AM

    Hello,

    please, note, if an article has not been updated for 4 years, it usually means nobody else reported to us the same issue and/or provided us with enough material to complete the researh. Please, open a case with Tech Support for further investigation.



  • 7.  RE: Consistant SEP Errors, but no problem found.

    Posted Jan 14, 2014 10:51 AM

    Try to clean the  available definition and check what the status.

    How to clear out definitions for a Symantec Endpoint Protection 12.1 client manually

    Article:HOWTO59193  |  Created: 2011-09-08  |  Updated: 2013-06-24  |  Article URL http://www.symantec.com/docs/HOWTO59193

     



  • 8.  RE: Consistant SEP Errors, but no problem found.

    Posted Jul 03, 2014 09:25 AM

    Turns out that the SEM itself was outdated. After updating it, and figuring out how to create different client groups and attach politices for the various 32 & 64 bit versions, everything resolved itself.