Endpoint Protection

I'm getting this error on some servers. running versions 11.0.4000, one with mp1 and one with mp2.
everything is up to date, but still i was curious about this error.

so i have cleared the live update cache, deleted log.liveupdate and product.invertory.
runned the lucatalog.exe -update , and run luall.

here is what i found. it failes on a patch called Updt167. I hope the Symantec people can do something with this info.


6/4/2009, 9:16:00 GMT -> Progress Update: TRIFILE_DOWNLOAD_END: Number of TRI files: "1"
6/4/2009, 9:16:00 GMT -> ********* Finished Finding Available tri files for Updates *********

6/4/2009, 9:16:00 GMT -> Entering the GetUpdates/actual package phase
6/4/2009, 9:16:00 GMT -> Progress Update: PATCH_DOWNLOADING_START: Number of patches: 1
6/4/2009, 9:16:00 GMT -> Progress Update: TEMPHOSTEX_DOWNLOAD_START: download multiple package files in temphostex mode
6/4/2009, 9:16:00 GMT -> GetUpdates: SESC Submission Control Data, 11.0, SymAllLanguages ==> DAT file: scd.zip.dat
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_BATCH_START: Files to download: 6, Estimated total size: 12404
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "scd.zip.dat", Estimated Size: 138, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167"
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "scd.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\SavScd.dis" HR: 0x0
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "scd.zip.dat", Estimated Size: 129, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167"
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "scd.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\scd.dis" HR: 0x0
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "scd.zip.dat", Estimated Size: 9549, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167"
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "scd.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\scd.xml" HR: 0x0
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "scd.zip.dat", Estimated Size: 229, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167"
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "scd.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\scd_data.grd" HR: 0x0
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "scd.zip.dat", Estimated Size: 2267, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167"
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "scd.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\scd_data.sig" HR: 0x0
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "scd.zip.dat", Estimated Size: 92, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167"
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/4/2009, 9:16:00 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "scd.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\sesmScd.dis" HR: 0x0
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_BATCH_FINISH: HR: 0x0 , Num Successful: 6
6/4/2009, 9:16:00 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri941\scd.zip.dat", Full Download Path: "(null)" HR: 0x0
6/4/2009, 9:16:00 GMT -> ********* Finished Downloading Product Updates *********

6/4/2009, 9:16:00 GMT -> Exiting the GetUpdates call.
6/4/2009, 9:16:00 GMT -> Progress Update: PATCH_PROCESSING_START: Number of patches: 1
6/4/2009, 9:16:00 GMT -> Querying Symantec Location1 key value.
6/4/2009, 9:16:00 GMT -> Query liveupdatedir location.
6/4/2009, 9:16:00 GMT -> Storing liveupdatedir into standard variable map with value: C:\Program Files\Symantec\LiveUpdate.
6/4/2009, 9:16:00 GMT -> Progress Update: PATCH_START: Patch File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167", Script File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\SavScd.dis"
6/4/2009, 9:16:00 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\SavScd.dis"
6/4/2009, 9:16:00 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\scd.dis"
6/4/2009, 9:16:00 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\scd.xml"
6/4/2009, 9:16:00 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\scd_data.grd"
6/4/2009, 9:16:00 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\scd_data.sig"
6/4/2009, 9:16:00 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\sesmScd.dis"
6/4/2009, 9:16:00 GMT -> Signer: cn=Symantec Corporation,ou=Usage - Prod02SigningToken,ou=Locality - Arizona,ou=Product Group - LiveUpdate,ou=SymSignature,o=Symantec Corporation
6/4/2009, 9:16:00 GMT -> Done with file '—•M', which is not being cached. Deleting.
6/4/2009, 9:16:00 GMT -> ##### Unexpected exception caught while unzipping patch. #####
6/4/2009, 9:16:00 GMT -> WARNING: Unexpected exception caught while trying to delete untrusted file: —•M
6/4/2009, 9:16:00 GMT -> Progress Update: PATCH_ERROR: Patch File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167", Script File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\SavScd.dis", HR: 0x802A0048
6/4/2009, 9:16:00 GMT -> HR 0x802A0048 DECODE: E_FILE_NOT_TRUSTED
6/4/2009, 9:16:00 GMT -> EVENT - PRODUCT UPDATE FAILED EVENT - Update available for Submission Control signatures - 11.0 - SymAllLanguages. Update for Submission Control Data takes product from update 0 to 90603054. Server name - , Update file - scd.zip.dat, Signer - cn=Symantec Corporation,ou=Usage - Prod02SigningToken,ou=Locality - Arizona,ou=Product Group - LiveUpdate,ou=SymSignature,o=Symantec Corporation, package install code 0. The Update executed with a result code of 6013, => LiveUpdate is unable to continue, because a file needed on the server may be corrupt. Please run LiveUpdate again later.
6/4/2009, 9:16:00 GMT -> Progress Update: PATCH_FINISH: Patch File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167", Script File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt167\SavScd.dis", HR: 0x802A0048
6/4/2009, 9:16:00 GMT -> HR 0x802A0048 DECODE: E_FILE_NOT_TRUSTED
6/4/2009, 9:16:00 GMT -> LiveUpdate is about to execute a PostSession callback for product SESC Virus Definitions Win32 v11.
6/4/2009, 9:16:00 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/4/2009, 9:16:00 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/4/2009, 9:16:00 GMT -> The PostSession callback for product SESC Virus Definitions Win32 v11 completed with a result of 0x0
6/4/2009, 9:16:00 GMT -> LuCallbackProxy: Destroying callback {855BA5F4-6588-4F09-AE61-847E59D08CB0}...
6/4/2009, 9:16:00 GMT -> LiveUpdate has called the last callback for product SESC Virus Definitions Win32 v11, so LiveUpdate is informing the callback proxy that it can exit.
6/4/2009, 9:16:00 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM Content Catalog.
6/4/2009, 9:16:00 GMT -> LuCallbackProxy: The callback proxy executable for product {C60DC234-65F9-4674-94AE-62158EFCA433} is exiting with no errors
6/4/2009, 9:16:00 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/4/2009, 9:16:17 GMT -> ProductRegCom/luProductReg(PID=11236/TID=3068): Destroyed luProductReg object.
6/4/2009, 9:16:17 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/4/2009, 9:16:17 GMT -> The PostSession callback for product SESM Content Catalog completed with a result of 0x0
6/4/2009, 9:16:17 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/4/2009, 9:16:17 GMT -> ProductRegCom/luProductReg(PID=11236/TID=3068): Destroyed luProductReg object.
6/4/2009, 9:16:17 GMT -> LiveUpdate has called the last callback for product SESM Content Catalog, so LiveUpdate is informing the callback proxy that it can exit.
6/4/2009, 9:16:17 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM AntiVirus Client Win32.
6/4/2009, 9:16:17 GMT -> LuCallbackProxy: The callback proxy executable for product {7073FE74-CAB0-42cc-B839-9808FCB47909} is exiting with no errors
6/4/2009, 9:16:17 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/4/2009, 9:16:22 GMT -> ProductRegCom/luProductReg(PID=6900/TID=6024): Destroyed luProductReg object.
6/4/2009, 9:16:22 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/4/2009, 9:16:22 GMT -> The PostSession callback for product SESM AntiVirus Client Win32 completed with a result of 0x0
6/4/2009, 9:16:22 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/4/2009, 9:16:22 GMT -> ProductRegCom/luProductReg(PID=6900/TID=6024): Destroyed luProductReg object.
6/4/2009, 9:16:22 GMT -> LiveUpdate has called the last callback for product SESM AntiVirus Client Win32, so LiveUpdate is informing the callback proxy that it can exit.
6/4/2009, 9:16:22 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM AntiVirus Client Win64.
6/4/2009, 9:16:22 GMT -> LuCallbackProxy: The callback proxy executable for product {C1CE7FFE-E00E-4314-8C6A-A0F10055C264} is exiting with no errors
6/4/2009, 9:16:22 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/4/2009, 9:16:28 GMT -> ProductRegCom/luProductReg(PID=12192/TID=8936): Destroyed luProductReg object.
6/4/2009, 9:16:28 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/4/2009, 9:16:28 GMT -> The PostSession callback for product SESM AntiVirus Client Win64 completed with a result of 0x0
6/4/2009, 9:16:28 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/4/2009, 9:16:28 GMT -> ProductRegCom/luProductReg(PID=12192/TID=8936): Destroyed luProductReg object.
6/4/2009, 9:16:28 GMT -> LiveUpdate has called the last callback for product SESM AntiVirus Client Win64, so LiveUpdate is informing the callback proxy that it can exit.
6/4/2009, 9:16:28 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM Network Access Control Client Win32.
6/4/2009, 9:16:28 GMT -> LuCallbackProxy: The callback proxy executable for product {E4052532-F65C-4007-B620-DBEE893C2B2A} is exiting with no errors
6/4/2009, 9:16:28 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/4/2009, 9:16:32 GMT -> ProductRegCom/luProductReg(PID=8252/TID=11260): Destroyed luProductReg object.
6/4/2009, 9:16:32 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/4/2009, 9:16:32 GMT -> The PostSession callback for product SESM Network Access Control Client Win32 completed with a result of 0x0
6/4/2009, 9:16:32 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/4/2009, 9:16:32 GMT -> ProductRegCom/luProductReg(PID=8252/TID=11260): Destroyed luProductReg object.
6/4/2009, 9:16:32 GMT -> LiveUpdate has called the last callback for product SESM Network Access Control Client Win32, so LiveUpdate is informing the callback proxy that it can exit.
6/4/2009, 9:16:32 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM Network Access Control Client Win64.
6/4/2009, 9:16:32 GMT -> LuCallbackProxy: The callback proxy executable for product {A6BA2770-E351-4694-AB02-5358E0F9CDBE} is exiting with no errors
6/4/2009, 9:16:32 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/4/2009, 9:16:36 GMT -> ProductRegCom/luProductReg(PID=9268/TID=4636): Destroyed luProductReg object.
6/4/2009, 9:16:36 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/4/2009, 9:16:36 GMT -> The PostSession callback for product SESM Network Access Control Client Win64 completed with a result of 0x0
6/4/2009, 9:16:36 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/4/2009, 9:16:36 GMT -> ProductRegCom/luProductReg(PID=9268/TID=4636): Destroyed luProductReg object.
6/4/2009, 9:16:36 GMT -> LiveUpdate has called the last callback for product SESM Network Access Control Client Win64, so LiveUpdate is informing the callback proxy that it can exit.
6/4/2009, 9:16:36 GMT -> LiveUpdate is about to execute a PostSession callback for product SMSMSE Virus Definitions.
6/4/2009, 9:16:36 GMT -> LuCallbackProxy: The callback proxy executable for product {C6ACF447-A89C-42d7-A954-E31003AE0B26} is exiting with no errors
6/4/2009, 9:16:36 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/4/2009, 9:16:37 GMT -> ProductRegCom/luProductReg(PID=12152/TID=8304): Successfully created an instance of an luProductReg object!
6/4/2009, 9:16:37 GMT -> ProductRegCom/luProductReg(PID=12152/TID=8304): Path for calling process executable is C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe.
6/4/2009, 9:16:38 GMT -> ProductRegCom/luProductReg(PID=12152/TID=8304): Destroyed luProductReg object.
6/4/2009, 9:16:38 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/4/2009, 9:16:38 GMT -> The PostSession callback for product SMSMSE Virus Definitions completed with a result of 0x0
6/4/2009, 9:16:38 GMT -> LuCallbackProxy: Destroying callback {0D7E9ED3-A063-4BB1-B3E6-E826F5D68306}...
6/4/2009, 9:16:38 GMT -> LiveUpdate has called the last callback for product SMSMSE Virus Definitions, so LiveUpdate is informing the callback proxy that it can exit.
6/4/2009, 9:16:38 GMT -> Progress Update: PATCH_PROCESSING_FINISH: Number of patches: 1, Num successful: 0
6/4/2009, 9:16:38 GMT -> EVENT - SESSION END FAILED EVENT - The LiveUpdate session ran in Silent Mode. LiveUpdate found 1 updates available, of which 0 were installed and 1 failed to install. The LiveUpdate session exited with a return code of 6013, LiveUpdate is unable to continue, because a file needed on the server may be corrupt. Please run LiveUpdate again later.
6/4/2009, 9:16:38 GMT -> LuCallbackProxy: The callback proxy executable for product {F92F8A7B-F111-4db7-B145-6C41E7D6AE94} is exiting with no errors
6/4/2009, 9:16:38 GMT -> LiveUpdate released 5 of 5 progress callback(s).
6/4/2009, 9:16:39 GMT -> *********************** End of LU Session ***********************
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
6/4/2009, 9:16:44 GMT -> End LuComServer
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////

Try manual update and see if it works. Tell us the results. Thanks.

my assumption

EVENT - PRODUCT UPDATE FAILED EVENT - Update available for Submission Control signatures - 11.0 - SymAllLanguages. Update for Submission Control Data takes product from update 0 to 90603054. Server name - , Update file - scd.zip.dat, Signer - cn=Symantec Corporation,ou=Usage - Prod02SigningToken,ou=Locality - Arizona,ou=Product Group - LiveUpdate,ou=SymSignature,o=Symantec Corporation, package install code 0. The Update executed with a result code of 6013, => LiveUpdate is unable to continue, because a file needed on the server may be corrupt. Please run LiveUpdate again later.

if we break this

Submission Control signatures - 11.0 - SymAllLanguages trying to download the signature..
update 0 to 90603054:--- trying to download 90603054.

The Update executed with a result code of 6013, => LiveUpdate is unable to continue, because a file needed on the server may be corrupt.: may be the download md5 and the definitin md5 does not matched hence would have thrown the error.

if we see the content there is
Submission Control signatures are downloaded, but do not know what is this used for. You may try running the LU again.

Cheers
Pete

i have tried to manual update.
i have download the *.jdb file for the sepm. and placed it in the \Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming folder.
same errors in the event viewer.

and i have downloaded and installed the full client update package.
http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce

i have cleared the update cache every time i installed a update.

the logfiles still shows these errors.

6/15/2009, 8:24:29 GMT -> Entering the GetUpdates/actual package phase
6/15/2009, 8:24:29 GMT -> Progress Update: PATCH_DOWNLOADING_START: Number of patches: 1
6/15/2009, 8:24:29 GMT -> Progress Update: TEMPHOSTEX_DOWNLOAD_START: download multiple package files in temphostex mode
6/15/2009, 8:24:29 GMT -> GetUpdates: Decomposer, 1.0.0, SymAllLanguages ==> DAT file: updecabi.zip.dat
6/15/2009, 8:24:29 GMT -> Progress Update: DOWNLOAD_BATCH_START: Files to download: 4, Estimated total size: 1391406
6/15/2009, 8:24:29 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "updecabi.zip.dat", Estimated Size: 1291616, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719"
6/15/2009, 8:24:29 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/15/2009, 8:24:29 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/15/2009, 8:24:29 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "updecabi.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\dec_abi.dll" HR: 0x0
6/15/2009, 8:24:29 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "updecabi.zip.dat", Estimated Size: 45, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719"
6/15/2009, 8:24:29 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/15/2009, 8:24:29 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/15/2009, 8:24:29 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "updecabi.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\sesmDecAbi32.dis" HR: 0x0
6/15/2009, 8:24:29 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "updecabi.zip.dat", Estimated Size: 65, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719"
6/15/2009, 8:24:30 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/15/2009, 8:24:30 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/15/2009, 8:24:30 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "updecabi.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\updecabi.dis" HR: 0x0
6/15/2009, 8:24:30 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "updecabi.zip.dat", Estimated Size: 99680, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719"
6/15/2009, 8:24:30 GMT -> CstInetGetFile::DoUNCTransfer() successfully impersonated the COM client.
6/15/2009, 8:24:30 GMT -> CstInetGetFile::DoUNCTransfer() finished impersonating COM client.
6/15/2009, 8:24:30 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "updecabi.zip.dat", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\updecabi.exe" HR: 0x0
6/15/2009, 8:24:30 GMT -> Progress Update: DOWNLOAD_BATCH_FINISH: HR: 0x0 , Num Successful: 4
6/15/2009, 8:24:30 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri494\updecabi.zip.dat", Full Download Path: "(null)" HR: 0x0
6/15/2009, 8:24:30 GMT -> ********* Finished Downloading Product Updates *********

6/15/2009, 8:24:30 GMT -> Exiting the GetUpdates call.
6/15/2009, 8:24:30 GMT -> Progress Update: PATCH_PROCESSING_START: Number of patches: 1
6/15/2009, 8:24:30 GMT -> Querying Symantec Location1 key value.
6/15/2009, 8:24:30 GMT -> Query liveupdatedir location.
6/15/2009, 8:24:30 GMT -> Storing liveupdatedir into standard variable map with value: C:\Program Files\Symantec\LiveUpdate.
6/15/2009, 8:24:30 GMT -> Progress Update: PATCH_START: Patch File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719", Script File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\updecabi.dis"
6/15/2009, 8:24:30 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\dec_abi.dll"
6/15/2009, 8:24:30 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\sesmDecAbi32.dis"
6/15/2009, 8:24:30 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\updecabi.dis"
6/15/2009, 8:24:30 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\updecabi.exe"
6/15/2009, 8:24:30 GMT -> Signer: cn=Symantec Corporation,ou=Usage - SigningProd02Token,ou=Locality - Arizona,ou=Product Group - LiveUpdate,ou=SymSignature,o=Symantec Corporation
6/15/2009, 8:24:30 GMT -> Done with file '—•M', which is not being cached. Deleting.
6/15/2009, 8:24:30 GMT -> ##### Unexpected exception caught while unzipping patch. #####
6/15/2009, 8:24:30 GMT -> WARNING: Unexpected exception caught while trying to delete untrusted file: —•M
6/15/2009, 8:24:30 GMT -> Progress Update: PATCH_ERROR: Patch File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719", Script File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\updecabi.dis", HR: 0x802A0048
6/15/2009, 8:24:30 GMT -> HR 0x802A0048 DECODE: E_FILE_NOT_TRUSTED
6/15/2009, 8:24:30 GMT -> EVENT - PRODUCT UPDATE FAILED EVENT - Update available for Symantec Security Software - 1.0.0 - SymAllLanguages. Update for update takes product from update 2007122001 to 2008021700. Server name - , Update file - updecabi.zip.dat, Signer - cn=Symantec Corporation,ou=Usage - SigningProd02Token,ou=Locality - Arizona,ou=Product Group - LiveUpdate,ou=SymSignature,o=Symantec Corporation, package install code 0. The Update executed with a result code of 6013, => LiveUpdate is unable to continue, because a file needed on the server may be corrupt. Please run LiveUpdate again later.
6/15/2009, 8:24:30 GMT -> Progress Update: PATCH_FINISH: Patch File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719", Script File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt719\updecabi.dis", HR: 0x802A0048
6/15/2009, 8:24:30 GMT -> HR 0x802A0048 DECODE: E_FILE_NOT_TRUSTED
6/15/2009, 8:24:30 GMT -> LiveUpdate is about to execute a PostSession callback for product SESC Virus Definitions Win32 v11.
6/15/2009, 8:24:30 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/15/2009, 8:24:30 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/15/2009, 8:24:30 GMT -> The PostSession callback for product SESC Virus Definitions Win32 v11 completed with a result of 0x0
6/15/2009, 8:24:30 GMT -> LuCallbackProxy: Destroying callback {855BA5F4-6588-4F09-AE61-847E59D08CB0}...
6/15/2009, 8:24:30 GMT -> LiveUpdate has called the last callback for product SESC Virus Definitions Win32 v11, so LiveUpdate is informing the callback proxy that it can exit.
6/15/2009, 8:24:30 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM Content Catalog.
6/15/2009, 8:24:30 GMT -> LuCallbackProxy: The callback proxy executable for product {C60DC234-65F9-4674-94AE-62158EFCA433} is exiting with no errors
6/15/2009, 8:24:30 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/15/2009, 8:24:46 GMT -> ProductRegCom/luProductReg(PID=3056/TID=10384): Destroyed luProductReg object.
6/15/2009, 8:24:46 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/15/2009, 8:24:46 GMT -> The PostSession callback for product SESM Content Catalog completed with a result of 0x0
6/15/2009, 8:24:46 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/15/2009, 8:24:46 GMT -> ProductRegCom/luProductReg(PID=3056/TID=10384): Destroyed luProductReg object.
6/15/2009, 8:24:46 GMT -> LiveUpdate has called the last callback for product SESM Content Catalog, so LiveUpdate is informing the callback proxy that it can exit.
6/15/2009, 8:24:46 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM AntiVirus Client Win32.
6/15/2009, 8:24:46 GMT -> LuCallbackProxy: The callback proxy executable for product {7073FE74-CAB0-42cc-B839-9808FCB47909} is exiting with no errors
6/15/2009, 8:24:46 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/15/2009, 8:24:51 GMT -> ProductRegCom/luProductReg(PID=10884/TID=11104): Destroyed luProductReg object.
6/15/2009, 8:24:51 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/15/2009, 8:24:51 GMT -> The PostSession callback for product SESM AntiVirus Client Win32 completed with a result of 0x0
6/15/2009, 8:24:51 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/15/2009, 8:24:51 GMT -> ProductRegCom/luProductReg(PID=10884/TID=11104): Destroyed luProductReg object.
6/15/2009, 8:24:51 GMT -> LiveUpdate has called the last callback for product SESM AntiVirus Client Win32, so LiveUpdate is informing the callback proxy that it can exit.
6/15/2009, 8:24:51 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM AntiVirus Client Win64.
6/15/2009, 8:24:51 GMT -> LuCallbackProxy: The callback proxy executable for product {C1CE7FFE-E00E-4314-8C6A-A0F10055C264} is exiting with no errors
6/15/2009, 8:24:51 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/15/2009, 8:24:57 GMT -> ProductRegCom/luProductReg(PID=10472/TID=11024): Destroyed luProductReg object.
6/15/2009, 8:24:57 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/15/2009, 8:24:57 GMT -> The PostSession callback for product SESM AntiVirus Client Win64 completed with a result of 0x0
6/15/2009, 8:24:57 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/15/2009, 8:24:57 GMT -> ProductRegCom/luProductReg(PID=10472/TID=11024): Destroyed luProductReg object.
6/15/2009, 8:24:57 GMT -> LiveUpdate has called the last callback for product SESM AntiVirus Client Win64, so LiveUpdate is informing the callback proxy that it can exit.
6/15/2009, 8:24:57 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM Network Access Control Client Win32.
6/15/2009, 8:24:57 GMT -> LuCallbackProxy: The callback proxy executable for product {E4052532-F65C-4007-B620-DBEE893C2B2A} is exiting with no errors
6/15/2009, 8:24:57 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/15/2009, 8:25:00 GMT -> ProductRegCom/luProductReg(PID=10480/TID=11412): Destroyed luProductReg object.
6/15/2009, 8:25:00 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/15/2009, 8:25:00 GMT -> The PostSession callback for product SESM Network Access Control Client Win32 completed with a result of 0x0
6/15/2009, 8:25:00 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/15/2009, 8:25:00 GMT -> ProductRegCom/luProductReg(PID=10480/TID=11412): Destroyed luProductReg object.
6/15/2009, 8:25:00 GMT -> LiveUpdate has called the last callback for product SESM Network Access Control Client Win32, so LiveUpdate is informing the callback proxy that it can exit.
6/15/2009, 8:25:00 GMT -> LiveUpdate is about to execute a PostSession callback for product SESM Network Access Control Client Win64.
6/15/2009, 8:25:00 GMT -> LuCallbackProxy: The callback proxy executable for product {A6BA2770-E351-4694-AB02-5358E0F9CDBE} is exiting with no errors
6/15/2009, 8:25:00 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/15/2009, 8:25:04 GMT -> ProductRegCom/luProductReg(PID=6524/TID=8588): Destroyed luProductReg object.
6/15/2009, 8:25:04 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/15/2009, 8:25:04 GMT -> The PostSession callback for product SESM Network Access Control Client Win64 completed with a result of 0x0
6/15/2009, 8:25:04 GMT -> LuCallbackProxy: Destroying callback {530DF3AD-6936-3214-A83B-27B63C7997C4}...
6/15/2009, 8:25:04 GMT -> ProductRegCom/luProductReg(PID=6524/TID=8588): Destroyed luProductReg object.
6/15/2009, 8:25:04 GMT -> LiveUpdate has called the last callback for product SESM Network Access Control Client Win64, so LiveUpdate is informing the callback proxy that it can exit.
6/15/2009, 8:25:04 GMT -> LiveUpdate is about to execute a PostSession callback for product SMSMSE Virus Definitions.
6/15/2009, 8:25:04 GMT -> LuCallbackProxy: The callback proxy executable for product {C6ACF447-A89C-42d7-A954-E31003AE0B26} is exiting with no errors
6/15/2009, 8:25:04 GMT -> LuCallbackProxy: Calling the callback's OnLUNotify() method...
6/15/2009, 8:25:04 GMT -> ProductRegCom/luProductReg(PID=8836/TID=11304): Successfully created an instance of an luProductReg object!
6/15/2009, 8:25:04 GMT -> ProductRegCom/luProductReg(PID=8836/TID=11304): Path for calling process executable is C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe.
6/15/2009, 8:25:05 GMT -> ProductRegCom/luProductReg(PID=8836/TID=11304): Destroyed luProductReg object.
6/15/2009, 8:25:05 GMT -> LuCallbackProxy: The callback proxy finished executing the callback with a result code of 0x0
6/15/2009, 8:25:05 GMT -> The PostSession callback for product SMSMSE Virus Definitions completed with a result of 0x0
6/15/2009, 8:25:05 GMT -> LuCallbackProxy: Destroying callback {0D7E9ED3-A063-4BB1-B3E6-E826F5D68306}...
6/15/2009, 8:25:05 GMT -> LiveUpdate has called the last callback for product SMSMSE Virus Definitions, so LiveUpdate is informing the callback proxy that it can exit.
6/15/2009, 8:25:05 GMT -> Progress Update: PATCH_PROCESSING_FINISH: Number of patches: 1, Num successful: 0
6/15/2009, 8:25:05 GMT -> EVENT - SESSION END FAILED EVENT - The LiveUpdate session ran in Silent Mode. LiveUpdate found 1 updates available, of which 0 were installed and 1 failed to install. The LiveUpdate session exited with a return code of 6013, LiveUpdate is unable to continue, because a file needed on the server may be corrupt. Please run LiveUpdate again later.
6/15/2009, 8:25:05 GMT -> LuCallbackProxy: The callback proxy executable for product {F92F8A7B-F111-4db7-B145-6C41E7D6AE94} is exiting with no errors
6/15/2009, 8:25:06 GMT -> LiveUpdate released 5 of 5 progress callback(s).
6/15/2009, 8:25:06 GMT -> *********************** End of LU Session ***********************

Hi,

Check your Proxy settings.
 

there isn't a proxy. The updates are being downloaded.
although the error persists.

Make ur error support Enhanced and check for the error

Is your manger Uptodate.
Check that under SEPM > Admin > Server > Local sites & click on show liveupdate downloads & check all the downloads it could be possible that your 64bit or 32 bit defs might not beeing updated

i'v checked and some parts are not being updated. Maybe this is because i haven't installed all the endpoint components, like snac and proactive thread protection.
the antivirus is up to date. so don't mind the error that much.
would be nice if the error showed what components he can't update and for what reason.