Endpoint Protection

I downloaded the tool from my SEP Client Manager (from the Help and Support button), and ran it.  The SEP tool found 2 errors.  One from the loadpoint analysis (that I understand), and 2, it says that I have some definitions that are corrupted.  I have followed the advice from the report three times and each time after I re-run the tool, only to see that it's reporting the *SAME* error about corrupt definitions every single time.  I have even run the unsupported tool once as well.  Here is exact wording of the error and then what I have done each time to try and resolve it. 

Error reported from the SEP tool:

Are the AntiVirus and AntiSpyware Definitions corrupted?
 

I followed the link in the SEP tool and followed the directions for my computer system (Client only), for Windows 7/64bit.

http://www.symantec.com/business/support/index?page=content&id=TECH103176

Here are the directions I followed:

Windows 7 64bit / Directions:

1. Stop the Symantec Endpoint Protection Services:
2. Click Start, Run, type in smc -stop, and push Enter.
3.  
   1. Click the Start button.
   2. In the search bar type servicesand then press Enter.
      Note: If the User Account Control prompt pops up click Continue.
   3. Right-click Symantec Endpoint Protection and click Stop.
      Note: If you are unable to stop the Symantec Management Client you will need to temporarily disable Tamper Protection. Please see the Technical Information at the bottom of this document for instructions.
4. Delete the data from the Definition folders:
   • Virus Definitions
     C:\ProgramData\Symantec\Definitions\VirusDefs\
     - Delete all files and subfolders 

If you do not have any issues on the client and everything is working fine then you should ignore these error messages.

Normally I wouldn't care either, but these aren't "skins" or something that makes an interface look pretty, LOL.  It's because I don't know how significant or unsig. these files are.  The last thing I want is to have necessary files missing that the SEP Client needs or uses when scanning my computer.  And the fact that it keeps reporting the same files each time I do the fix is odd.  This fix has been up for a long time so I would conclude that something is wrong on my side. 

And now that I sit here and think another minute, I now recall the reason why I don't just let this go (remembering when I said that the program seems to work find and report the virus def. to be at today's date).....

The reason I'm not letting this go, is because I went to do a scan in "safe mode" and it said "Warning", and that there was an error with the Virus Scan Def. files being missing/corrupt (Again this only comes up in safe mode), but from everything I've read you're suppose to be able to do a scan in safe mode just fine (and without any errors coming up either).  So not knowing if this is linked with what's coming up on the SEP report tool, is why I"m asking this forum/community for some help/assistance. 

Sorry that I forgot to metion that everything is fine in normal mode (but it's the error that comes up in Safe Mode), and the continual error in the SEP Support Tool that keeps me wondering here. 

Any more help/suggestions, please?

These are definitions files and they get updated in every new definition update..I'll suggest you to un-install the SEP client

Delete C:\ProgramData\Symantec

C:\Program Files(x86)\Symantec

Restart your client then install the client again

I'm sorry if I sound like a beginner (and I know how to uninstall programs), but do you mean go to the control panel and uninstall the whole SEP?  I'm running Windows 7 Home Prem.64 Bit, and just running the SEP Client (no SEP manager), and when my SEP Client is open, I have three sections, Antivirus, Proactive Threat, and network threat protection. 

If you mean to have me just uninstall the client part and reinstall that, sure, I can delete the folder you're talking about (although I think mine is in a slightly different place using win7 64bit), but then what files (where), do I find just the client off of the installation cd to re-install just that part????

Thanks!

And, btw...I don't know how something went wrong during installation; I even turned off my firewall in windows (all profiles), and bit-defender before I installed SEP. 

I know your machine is 64 bit as those files are for 64 bit machines..Yes go to Control Panel add/Remove Features and then remove Symantec Endpoint Protection.

Once done reboot then make sure you do not have the folders I have listed above if there delete it  ( they are for 64 bit machine )

Then install the SEP client once install is complete reboot your computer once.

You said you turned off Bit Defender, I hope you mean uninstalled Bit Defender. It is not a recommended practice to run two AV products at once. Doing so will only create issues on your system.

Well, I didn't uninstall Bitdefender, the "service" is stopped indefinately.  Since it came with Win7, I don't normally delete programs that are there my default.  I did read that SEP takes care of the firewall and so it was recommended that I stop the BitDefender service and turn off the Win firewall on all profiles, to let SEP manage it all. 

Also as I've been reading and checking more things out (and no I haven't done anything yet), but I'll probably do the uninstall as was recommended above.  I did want to add in that I found two more error (and these were not reported by the SEP Tool), but I was wondering if they have anything to do with the SEP errors about corrupted definitions that I've been getting, or are the following error seperate all together and by uninstalling and reinstalling the SEP Client it'll fix this too?  Since re-installing will probably fix everything anyway, I was still curious to know if someone could tell me what the following errors have to do with and what they service to function (when these error don't come up). 

Here are the errors I've been getting in the Proctive Threat Protection section.  This is from the log and there are ONLY TWO errors and they occur only once (one for each).  Could anyone explain these errors please?

Errors Found in Proactive Threat Protection, System Log (just from the last two days).

1.  TruScan engine load error   / TruScan has generated an error: code 9: description: Heuristic Scan or Load Failure 

2.  TruScan known applications load error / TruScan has generated an error: code 11: description: Whitelist Failure

Can anyone tell me what these error means?  And do they have anything to do with the errors that I got from running the SEP tool??????

Also, one last question/adivce on uninstalling /reinstalling the SEP client.  I thought that I read before that there was a piece of software that helps to completely uninstall SEP.  Do I need this or does windows take it compeltely out (well enough), using the uninstall in the control panel so that when I reinstall, everything will be fine?

Thank you all for all of your help/suggestions/advice. 

Add/Remove features completely removes the program the tool is used if program is corrupted and is stuck.

Proactive Threat Protection is only partially compatible with 64 Bit OS..so you can ignore these messages.

Well, Thank you so much.  I'm going to do it now and follow your directions.  As long as you think those Proactive Threat errors about "TruScan" were nothing to worry about.  I was thinking that Tru scan wasn't working at all.  After I unstall SEP I was thinking about running MalWarBytes first.  I've read here on another forum that even some of the techs here recommend using this when SEP has seemed to not pick up on some Malware items and I'm thinking I might have some that SEP didn't detect.  I did run the power eraser program and allowed SEP to do the reboot that it wanted to do as part of a malware scan, but I guess you can't be too carefull.  And since that's a free program and recommended here, it can't be bad to run it first before I re-install.  I'll let you know how things work out after I reinstall. 

Thank again and I hope that these errors go away on the fresh re-install of the SEP client.

I have verified that the tool seems to be reporting erronious information when it comes to the definitions check. On my 2008 R2 server, it is reporting my definitions are corrupt/missing when I know for a fact they are not.

I also spoke with a customer yesterday with the same issue, only on a 2003 32-bit server. He had cleaned out the definitions several times and then ran Intelligent Updater to replace the defintions. Each time he did this and ran the defintions check on the support tool it would say they were corrupt. I find it hard to believe the Intelligent Updater install corrupt definitions at that point.

I have spoken with someon on the team for the support tool and hopefully this will get looked at soon.

I am having what seems to be an identical issue with 64bit WIN7 Ultimate computers only. Defs in any 32bit system are not reported as corrupt.

I have run the suggested 'fix' on a test system and a live system at the "corruption' was not eliminated.

Symantec support gave me a tool which should route out old defs (which needs to be Run AS ADMINISTRATOR) and allow none corrupted one to be loaded - That did not work either.

The most recent 'fix' was to configure a Group Update Provider - this also did not 'fix' the 'corruption.

I have attached a screen shot of the tool report.

This issue is still open as of Feb 1, 2011.

Hi.

Please note that Bitdefender is not part of a base Windows 7 installation. It was most likely loaded by your OEM. You can safely uninstall it if you choose to use SEP. The product web site is www.bitdefender.com.