Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

How to remove updates on SEPM?

Created: 11 Apr 2013 • Updated: 14 Apr 2013 | 9 comments
D@ry1's picture
This issue has been solved. See solution.

Hey guys,

We recently for some unknown reason got a problem updating the SEPM, one of the thing he said is that the SEPM's update might got corrupted and told us to remove the updates and do reupdate after. How can I remove all the updates that the SEPM got from symantec live update?

Thanks,

Operating Systems:

Comments 9 CommentsJump to latest comment

.Brian's picture

I would strongly suggest working with support to do this. This is not as easy as just removing the defintions like you do on a client. They would also be able to determine if this step is needed or if the problem lies elsewhere.

You can uninstall/reinstall LiveUpdate per this HOWTO

http://www.symantec.com/docs/TECH171060

You can also enable some advanced logging on the SEPM per this HOWTO

http://www.symantec.com/docs/TECH102413

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture

Hello,

What you need:

 1) Latest Certified Definitions from Symantec.

Please download the latest certified definitions from Symantec website at:
http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=savce

Download the definitions for Symantec Endpoint Protection Manager 12.1 ( .jdb format). File may be saved as .zip, please rename the file to .jdb when the download is complete.

Check this Article:

How to manually update definitions for a managed Symantec Endpoint Protection Client using the .jdb file

http://www.symantec.com/docs/TECH104363

 2) LiveUpdate Installer shipped with the release of Symantec Endpoint Protection in use.

The file is located in the SEPM folder on the installation media. The filename is lusetup.exe

Reference: 

The Symantec Endpoint Protection Manager does not update virus definitions successfully through LiveUpdate

http://www.symantec.com/docs/TECH183178

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

D@ry1's picture

Hi,

We already reinstalled the live update. Our problem is removing the updates, does manually adding the updates using the jdb file will remove the old updates?

Thanks,

.Brian's picture

The jdb only updates the AV content.

To remove all updates on the SEPM takes manual work to do this as you have to delete all the content. Adding the jdb won't remove all these updates just by itself.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

D@ry1's picture

Hi, Brian,

Thanks for clarifiying, hope someone can help me on how to manually remove the updates on the SEPM.

Thanks,

W007's picture

hello,

you can follow

How to clear corrupt Virus Definitions from SEPM

https://www-secure.symantec.com/connect/articles/how-clear-corrupt-virus-definitions-sepm

some of good artical

https://www-secure.symantec.com/connect/blogs/troubleshooting-articles-repairing-corrupted-definition

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

.Brian's picture

For 12.1, I would work with support. A few that I've seen are older and before 12.1 was around.

I've had this issue around a year ago and worked with support to resolve for 12.1

This one can be of some help

Symantec Endpoint Protection Manager (SEPM) 12.1 is not updating 32 or 64 bit virus definitions.

Article:TECH166923  |  Created: 2011-08-11  |  Updated: 2012-06-16  |  Article URL http://www.symantec.com/docs/TECH166923

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture

Hello,

Follow these steps:

  1. Go to Services.msc
  2. Stop the following services: a) Symantec Embedded Database b) Symantec Endpoint Protection Manager c) Symantec Management Client
  3. Go to C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\
  4. Go to Download folder
  5. Remove all the components under the download folder.
  6. Go to C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content
  7. Delete the content of the folder whose size was more than 30 Mb.
  8. Go to C:\Program Files\Common Files\Symantec Shared\Symc Data\
  9. Delete the contents under the spcvirdef 32 and spcvirdef 64 folder.
  10. Go to C:\Program Files\Symantec\LiveUpdate
  11. Try to run luall.exe form there
  12. If Getting  an error while running the luall.exe
  13. Uninstall the LiveUpdate and reinstall it
  14. Re-Registered the SEPM with LiveUpdate
  15. Check for the LiveUpdate
  16. Refresh the home page and check

You could also check this Article:

Symantec Endpoint Protection Manager (SEPM) 12.1 is not updating 32 or 64 bit virus definitions

http://www.symantec.com/docs/TECH166923

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
W007's picture

hello,

look symantec kb

Only 32 Bit Antivirus / Antispyware Definitions are not updating on the 32 Bit / 64 Bit Operating System.

Article:TECH122857 | Created: 2010-01-29 | Updated: 2012-02-27 | Article URL http://www.symantec.com/docs/TECH122857

How to clear out definitions for a Symantec Endpoint Protection 12.1 client manually

Article:HOWTO59193 | Created: 2011-09-08 | Updated: 2012-09-25 | Article URL http://www.symantec.com/docs/HOWTO59193

https://www-secure.symantec.com/connect/forums/how-clean-previous-virus-definition-sep125

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.