New Windows 10 Pro install (version 1511, build 10586.71), running SEPM 12.1.6 MP1 (12.1.6306.6100). Everything works fine for a few days, then the virus definitions stop updating.
Management console shows correct "Latest from Symantec", but "Latest on Server" remains stuck on older version. Once the problem occurs, running LiveUpdate from the management console gives only:
February 24, 2016 7:37:13 AM CST: LiveUpdate succeeded. [Site: My Site] [Server: <server name>]
February 24, 2016 7:37:13 AM CST: LUALL.EXE finished running. [Site: My Site] [Server: <server name>]
February 24, 2016 7:37:13 AM CST: LUALL.EXE successfully updated the content. Return code = 0. [Site: My Site] [Server: <server name>]
February 24, 2016 7:37:12 AM CST: LUALL.EXE has been launched. [Site: My Site] [Server: <server name>]
February 24, 2016 7:37:12 AM CST: Download started. [Site: My Site] [Server: <server name>]
When I then look in Log.Liveupdate, the last entry is for the last time it actually downloaded files, in today’s case almost six hours before. There are errors at the end of that run "PRODUCT UPDATE FAILED EVENT", "aborted because LiveUpdate was unable to launch its callback helper process." and "A callback proxy process was still running at the end of the LiveUpdate session." (end snippet of Log.Liveupdate attached). The SesmLu.log also has no entries after the last time LiveUpdate actually downloaded files (end snippet of SesmLu.log attached).
The only error messages in the Windows log are reminders that we have however many days left on our trial license (currently 17).
I have tried stopping the Symantec processes:
Symantec Embedded Database
Symantec Endpoint Protection
Symantec Endpoint Protection Launcher
Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager Webserver
and then restarting them, but the problem continues.
The only solution I have found is to reboot the machine, after which SQL Anywhere Network Server (32 bit), Symantec Install Component (32 bit), and Symantec Service Framework (32 bit) do a lot of work for over 30 minutes, spiking at to 30% CPU, 50% disk I/O (10-20 MB/s) for long periods. Then everything goes back to normal for a few days, until the problem occurs again.
And, yes, I did try reinstalling LiveUpdate when this first happened. That seemed to "fix" it, but it was really the reboot at the end of the install. Problem occurred again after a few days.
Also, I set up a notification to trigger when the virus definitions were more than two days out of date, but this doesn’t trigger until after the reboot, even when the virus definitions are much older.
Does anybody have any ideas where I should go from here?
Thanks.