Hi,
I am having the same problem with my environment.
I have 280 servers and 3 or more servers hangs every day.
When I saw the logs I found the hang after new definitions arrived to server.
Anybody has an idea?
Here is my LU Log:
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
// Start LuComServer
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
7/13/2009, 14:29:03 GMT -> LuComServer version: 3.3.0.61
7/13/2009, 14:29:03 GMT -> LiveUpdate Language: English
7/13/2009, 14:29:03 GMT -> LuComServer Sequence Number: 20070811
7/13/2009, 14:29:03 GMT -> OS: Windows 2003 Standard, Service Pack: 1, Major: 5, Minor: 2, Build: 3790 (32-bit)
7/13/2009, 14:29:03 GMT -> System Language:[0x0409], User Language:[0x0409]
7/13/2009, 14:29:03 GMT -> IE 6 Support
7/13/2009, 14:29:03 GMT -> ComCtl32 version: 6.0
7/13/2009, 14:29:03 GMT -> IP Addresses: 10.8.16.200
7/13/2009, 14:29:03 GMT -> Loading C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Product.Inventory.LiveUpdate
7/13/2009, 14:29:03 GMT -> Opened the product inventory at "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Product.Inventory.LiveUpdate".
7/13/2009, 14:29:03 GMT -> Account launching LiveUpdate is not a logged in user's account
7/13/2009, 14:29:03 GMT -> Combined Product Inventory Flags 0, Permanent Flags 0, Permanent Flags Filter 0
7/13/2009, 14:29:03 GMT -> LiveUpdate flag value for this run is 0
7/13/2009, 14:29:03 GMT -> C:\WINDOWS\system32\Drivers\etc\hosts is either unreachable or not modifiable for cleaning work, no further processing
7/13/2009, 14:29:04 GMT -> **** Starting a Silent LiveUpdate Session ****
7/13/2009, 14:29:04 GMT -> *********************** Start of New LU Session ***********************
7/13/2009, 14:29:05 GMT -> The command line is -S
7/13/2009, 14:29:05 GMT -> EVENT - SESSION START EVENT - The LiveUpdate session is running in Silent Mode.
7/13/2009, 14:29:06 GMT -> Check for updates to: Product: LiveUpdate, Version: 3.3.0.61, Language: English. Mini-TRI file name: liveupdate_3.3.0.61_english_livetri.zip
7/13/2009, 14:29:06 GMT -> LiveUpdate is about to launch a new callback proxy process for product SESC Virus Definitions Win32 v11 with moniker {C60DC234-65F9-4674-94AE-62158EFCA433}.
7/13/2009, 14:29:06 GMT -> Starting Callback Proxy Worker thread.
7/13/2009, 14:29:06 GMT -> The callback proxy for moniker {C60DC234-65F9-4674-94AE-62158EFCA433} was successfully registered with LiveUpdate.
7/13/2009, 14:29:06 GMT -> LiveUpdate successfully launched a new callback proxy process for product SESC Virus Definitions Win32 v11.
7/13/2009, 14:29:06 GMT -> LiveUpdate is about to execute a PreSession callback for product SESC Virus Definitions Win32 v11.
7/13/2009, 14:29:23 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Successfully created an instance of an luProductReg object!
7/13/2009, 14:29:24 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Path for calling process executable is C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe.
7/13/2009, 14:29:25 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Setting property for Moniker = {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B}, PropertyName = SEQ.HUBDEFS, Value = 80318034
7/13/2009, 14:29:25 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Setting property for Moniker = {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B}, PropertyName = SEQ.CURDEFS, Value = 90713002
7/13/2009, 14:29:25 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Setting property for Moniker = {C60DC234-65F9-4674-94AE-62158EFCA433}, PropertyName = SEQ.CURDEFS, Value = 90713002
7/13/2009, 14:29:25 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Destroyed luProductReg object.
7/13/2009, 14:29:26 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Successfully created an instance of an luProductReg object!
7/13/2009, 14:29:26 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Path for calling process executable is C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe.
7/13/2009, 14:29:26 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Setting property for Moniker = {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B}, PropertyName = VERSION, Value = MicroDefsB.Old
7/13/2009, 14:29:27 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Setting property for Moniker = {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B}, PropertyName = SEQ.HUBDEFS, Value = 80318034
7/13/2009, 14:29:28 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Setting property for Moniker = {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B}, PropertyName = SEQ.CURDEFS, Value = 90713002
7/13/2009, 14:29:28 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Destroyed luProductReg object.
7/13/2009, 14:29:28 GMT -> The callback proxy finished executing the callback with a result code of 0x0
7/13/2009, 14:29:28 GMT -> The PreSession callback for product SESC Virus Definitions Win32 v11 completed with a result of 0x0
7/13/2009, 14:29:28 GMT -> Progress Update: TRYING_HOST: HostName: "liveupdate.symantecliveupdate.com" URL: "http://liveupdate.symantecliveupdate.com" HostNumber: 0
7/13/2009, 14:29:28 GMT -> Progress Update: TRIFILE_DOWNLOAD_START: Number of TRI files: 0 Downloading LiveUpdate catalog file
7/13/2009, 14:29:28 GMT -> LiveUpdate will download the first Mini-TRI file, liveupdate_3.3.0.61_english_livetri.zip
7/13/2009, 14:29:28 GMT -> Progress Update: DOWNLOAD_BATCH_START: Files to download: 1, Estimated total size: 0
7/13/2009, 14:29:28 GMT -> Progress Update: PRE_CONNECT: Proxy: "(not-available)" Agent: "Symantec LiveUpdate" AccessType: 0x0
7/13/2009, 14:29:29 GMT -> Progress Update: CONNECTED: Proxy: "(not-available)" Agent: "e6Z4FpE2xYIu0Sht5shn8KONDiwr0RbSgAAAAA" AccessType: 0x0
7/13/2009, 14:29:29 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "http://liveupdate.symantecliveupdate.com/liveupdate_3.3.0.61_english_livetri.zip", Estimated Size: 0, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads"
7/13/2009, 14:29:51 GMT -> CSendHTTPRequest::SendRequest - Timed out while communicating with server.
7/13/2009, 14:29:51 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: - NOTE - URL: "http://liveupdate.symantecliveupdate.com/liveupdate_3.3.0.61_english_livetri.zip", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\liveupdate_3.3.0.61_english_livetri.zip" HR: 0x802A0045
7/13/2009, 14:29:51 GMT -> HR 0x802A0045 DECODE: E_UNABLE_TO_REACH_SERVER
7/13/2009, 14:29:51 GMT -> Progress Update: DOWNLOAD_BATCH_FINISH: HR: 0x802A0045, Num Successful: 0
7/13/2009, 14:29:51 GMT -> HR 0x802A0045 DECODE: E_UNABLE_TO_REACH_SERVER
7/13/2009, 14:29:51 GMT -> EVENT - SERVER SELECTION FAILED EVENT - LiveUpdate failed to connect to server liveupdate.symantecliveupdate.com at path via a HTTP connection. The server connection attempt failed with a return code of 1814, LiveUpdate could not retrieve the catalog file of available Symantec product and component updates.
7/13/2009, 14:29:51 GMT -> Progress Update: TRYING_HOST: HostName: "liveupdate.symantec.com" URL: "http://liveupdate.symantec.com" HostNumber: 1
7/13/2009, 14:29:52 GMT -> Progress Update: DISCONNECT
7/13/2009, 14:29:52 GMT -> Progress Update: TRIFILE_DOWNLOAD_START: Number of TRI files: 0 Downloading LiveUpdate catalog file
7/13/2009, 14:29:52 GMT -> LiveUpdate will download the first Mini-TRI file, liveupdate_3.3.0.61_english_livetri.zip
7/13/2009, 14:29:53 GMT -> Progress Update: DOWNLOAD_BATCH_START: Files to download: 1, Estimated total size: 0
7/13/2009, 14:29:53 GMT -> Progress Update: PRE_CONNECT: Proxy: "(not-available)" Agent: "e6Z4FpE2xYIu0Sht5shn8KONDiwr0RbSgAAAAA" AccessType: 0x0
7/13/2009, 14:29:53 GMT -> Progress Update: CONNECTED: Proxy: "(not-available)" Agent: "e6Z4FpE2xYIu0Sht5shn8KONDiwr0RbSgAAAAA" AccessType: 0x0
7/13/2009, 14:29:53 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "http://liveupdate.symantec.com/liveupdate_3.3.0.61_english_livetri.zip", Estimated Size: 0, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads"
7/13/2009, 14:30:14 GMT -> CSendHTTPRequest::SendRequest - Timed out while communicating with server.
7/13/2009, 14:30:14 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: - NOTE - URL: "http://liveupdate.symantec.com/liveupdate_3.3.0.61_english_livetri.zip", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\liveupdate_3.3.0.61_english_livetri.zip" HR: 0x802A0045
7/13/2009, 14:30:14 GMT -> HR 0x802A0045 DECODE: E_UNABLE_TO_REACH_SERVER
7/13/2009, 14:30:14 GMT -> Progress Update: DOWNLOAD_BATCH_FINISH: HR: 0x802A0045, Num Successful: 0
7/13/2009, 14:30:14 GMT -> HR 0x802A0045 DECODE: E_UNABLE_TO_REACH_SERVER
7/13/2009, 14:30:14 GMT -> EVENT - SERVER SELECTION FAILED EVENT - LiveUpdate failed to connect to server liveupdate.symantec.com at path via a HTTP connection. The server connection attempt failed with a return code of 1814, LiveUpdate could not retrieve the catalog file of available Symantec product and component updates.
7/13/2009, 14:30:14 GMT -> Progress Update: TRYING_HOST: HostName: "update.symantec.com" URL: "ftp://update.symantec.com/opt/content/onramp" HostNumber: 2
7/13/2009, 14:30:14 GMT -> Progress Update: DISCONNECT
7/13/2009, 14:30:14 GMT -> Progress Update: TRIFILE_DOWNLOAD_START: Number of TRI files: 0 Downloading LiveUpdate catalog file
7/13/2009, 14:30:14 GMT -> LiveUpdate will download the first Mini-TRI file, liveupdate_3.3.0.61_english_livetri.zip
7/13/2009, 14:30:14 GMT -> Progress Update: DOWNLOAD_BATCH_START: Files to download: 1, Estimated total size: 0
7/13/2009, 14:30:15 GMT -> Progress Update: PRE_CONNECT: Proxy: "(not-available)" Agent: "e6Z4FpE2xYIu0Sht5shn8KONDiwr0RbSgAAAAA" AccessType: 0x0
7/13/2009, 14:30:15 GMT -> Progress Update: CONNECTED: Proxy: "(not-available)" Agent: "e6Z4FpE2xYIu0Sht5shn8KONDiwr0RbSgAAAAA" AccessType: 0x0
7/13/2009, 14:30:15 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "ftp://update.symantec.com/opt/content/onramp/liveupdate_3.3.0.61_english_livetri.zip", Estimated Size: 0, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads"
7/13/2009, 14:30:36 GMT -> CstInetGetFile::DoTransfer - Timed out while communicating with server.
7/13/2009, 14:30:36 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: - NOTE - URL: "ftp://update.symantec.com/opt/content/onramp/liveupdate_3.3.0.61_english_livetri.zip", Full Download Path: "(null)" HR: 0x802A0045
7/13/2009, 14:30:36 GMT -> HR 0x802A0045 DECODE: E_UNABLE_TO_REACH_SERVER
7/13/2009, 14:30:36 GMT -> Progress Update: DOWNLOAD_BATCH_FINISH: HR: 0x802A0045, Num Successful: 0
7/13/2009, 14:30:36 GMT -> HR 0x802A0045 DECODE: E_UNABLE_TO_REACH_SERVER
7/13/2009, 14:30:36 GMT -> EVENT - SERVER SELECTION FAILED EVENT - LiveUpdate failed to connect to server update.symantec.com at path /opt/content/onramp via a FTP connection. The server connection attempt failed with a return code of 1814, LiveUpdate could not retrieve the catalog file of available Symantec product and component updates.
7/13/2009, 14:30:36 GMT -> Progress Update: HOST_SELECTION_ERROR: Error: 0x802A0027
7/13/2009, 14:30:36 GMT -> LiveUpdate did not find any new updates for the given products.
7/13/2009, 14:30:36 GMT -> EVENT - SESSION END FAILED EVENT - The LiveUpdate session ran in Silent Mode. LiveUpdate found 0 updates available, of which 0 were installed and 0 failed to install. The LiveUpdate session exited with a return code of 1814, LiveUpdate could not retrieve the catalog file of available Symantec product and component updates.
7/13/2009, 14:30:37 GMT -> LiveUpdate is about to execute a PostSession callback for product SESC Virus Definitions Win32 v11.
7/13/2009, 14:30:39 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Successfully created an instance of an luProductReg object!
7/13/2009, 14:30:39 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Path for calling process executable is C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe.
7/13/2009, 14:30:40 GMT -> ProductRegCom/luProductReg(PID=5700/TID=4104): Destroyed luProductReg object.
7/13/2009, 14:30:40 GMT -> The callback proxy finished executing the callback with a result code of 0x0
7/13/2009, 14:30:40 GMT -> The PostSession callback for product SESC Virus Definitions Win32 v11 completed with a result of 0x0
7/13/2009, 14:30:40 GMT -> Successfully released callback {855BA5F4-6588-4F09-AE61-847E59D08CB0}
7/13/2009, 14:30:40 GMT -> LiveUpdate has called the last callback for product SESC Virus Definitions Win32 v11, so LiveUpdate is informing the callback proxy that it can exit.
7/13/2009, 14:30:40 GMT -> The callback proxy executable for product {C60DC234-65F9-4674-94AE-62158EFCA433} is exiting with no errors
7/13/2009, 14:30:41 GMT -> *********************** End of LU Session ***********************
7/13/2009, 14:30:43 GMT -> LuComServer version: 3.3.0.61
7/13/2009, 14:30:43 GMT -> LiveUpdate Language: English
7/13/2009, 14:30:43 GMT -> LuComServer Sequence Number: 20070811
7/13/2009, 14:30:43 GMT -> OS: Windows 2003 Standard, Service Pack: 1, Major: 5, Minor: 2, Build: 3790 (32-bit)
7/13/2009, 14:30:44 GMT -> System Language:[0x0409], User Language:[0x0409]
7/13/2009, 14:30:44 GMT -> IE 6 Support
7/13/2009, 14:30:44 GMT -> ComCtl32 version: 6.0
7/13/2009, 14:30:44 GMT -> IP Addresses: 10.8.16.200
7/13/2009, 14:30:44 GMT -> Loading C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Product.Inventory.LiveUpdate
7/13/2009, 14:30:44 GMT -> Opened the product inventory at "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Product.Inventory.LiveUpdate".
7/13/2009, 14:30:44 GMT -> Account launching LiveUpdate is not a logged in user's account
7/13/2009, 14:30:44 GMT -> Combined Product Inventory Flags 0, Permanent Flags 0, Permanent Flags Filter 0
7/13/2009, 14:30:44 GMT -> LiveUpdate flag value for this run is 0
7/13/2009, 14:30:44 GMT -> ProductRegCom/luProductReg(PID=4268/TID=4916): Successfully created an instance of an luProductReg object!
7/13/2009, 14:30:44 GMT -> ProductRegCom/luProductReg(PID=4268/TID=4916): Path for calling process executable is C:\Program Files\Symantec AntiVirus\SescLU.exe.
7/13/2009, 14:30:44 GMT -> ProductRegCom/luProductReg(PID=4268/TID=4916): Destroyed luProductReg object.
7/13/2009, 14:30:45 GMT -> LuComServer version: 3.3.0.61
7/13/2009, 14:30:45 GMT -> LiveUpdate Language: English
7/13/2009, 14:30:45 GMT -> LuComServer Sequence Number: 20070811
7/13/2009, 14:30:45 GMT -> OS: Windows 2003 Standard, Service Pack: 1, Major: 5, Minor: 2, Build: 3790 (32-bit)
7/13/2009, 14:30:46 GMT -> System Language:[0x0409], User Language:[0x0409]
7/13/2009, 14:30:46 GMT -> IE 6 Support
7/13/2009, 14:30:46 GMT -> ComCtl32 version: 6.0
7/13/2009, 14:30:46 GMT -> IP Addresses: 10.8.16.200
7/13/2009, 14:30:46 GMT -> Loading C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Product.Inventory.LiveUpdate
7/13/2009, 14:30:46 GMT -> Opened the product inventory at "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Product.Inventory.LiveUpdate".
7/13/2009, 14:30:46 GMT -> Account launching LiveUpdate is not a logged in user's account
7/13/2009, 14:30:46 GMT -> Combined Product Inventory Flags 0, Permanent Flags 0, Permanent Flags Filter 0
7/13/2009, 14:30:46 GMT -> LiveUpdate flag value for this run is 0
7/13/2009, 14:30:46 GMT -> ProductRegCom/luProductReg(PID=4268/TID=4848): Successfully created an instance of an luProductReg object!
7/13/2009, 14:30:46 GMT -> ProductRegCom/luProductReg(PID=4268/TID=4848): Path for calling process executable is C:\Program Files\Symantec AntiVirus\SescLU.exe.
7/13/2009, 14:30:46 GMT -> ProductRegCom/luProductReg(PID=4268/TID=4848): Destroyed luProductReg object.
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
// End LuComServer
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
// Start LuComServer
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
7/13/2009, 20:44:59 GMT -> LuComServer version: 3.3.0.61
7/13/2009, 20:44:59 GMT -> LiveUpdate Language: English
7/13/2009, 20:44:59 GMT -> LuComServer Sequence Number: 20070811
7/13/2009, 20:44:59 GMT -> OS: Windows 2003 Standard, Service Pack: 1, Major: 5, Minor: 2, Build: 3790 (32-bit)
7/13/2009, 20:44:59 GMT -> System Language:[0x0409], User Language:[0x0409]
7/13/2009, 20:44:59 GMT -> IE 6 Support
7/13/2009, 20:44:59 GMT -> ComCtl32 version: 6.0
7/13/2009, 20:44:59 GMT -> IP Addresses: 10.8.16.200
7/13/2009, 20:44:59 GMT -> Loading C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Product.Inventory.LiveUpdate
7/13/2009, 20:44:59 GMT -> Opened the product inventory at "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Product.Inventory.LiveUpdate".
7/13/2009, 20:44:59 GMT -> Account launching LiveUpdate is not a logged in user's account
7/13/2009, 20:44:59 GMT -> Combined Product Inventory Flags 0, Permanent Flags 0, Permanent Flags Filter 0
7/13/2009, 20:44:59 GMT -> LiveUpdate flag value for this run is 0
7/13/2009, 20:44:59 GMT -> ProductRegCom/luProductReg(PID=2396/TID=5116): Successfully created an instance of an luProductReg object!
7/13/2009, 20:44:59 GMT -> ProductRegCom/luProductReg(PID=2396/TID=5116): Path for calling process executable is C:\Program Files\Symantec AntiVirus\SescLU.exe.
7/13/2009, 20:45:00 GMT -> ProductRegCom/luProductReg(PID=2396/TID=5116): Setting property for Moniker = {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B}, PropertyName = SEQ.HUBDEFS, Value = 80318034
7/13/2009, 20:45:00 GMT -> ProductRegCom/luProductReg(PID=2396/TID=5116): Setting property for Moniker = {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B}, PropertyName = SEQ.CURDEFS, Value = 90713002
7/13/2009, 20:45:00 GMT -> ProductRegCom/luProductReg(PID=2396/TID=5116): Setting property for Moniker = {C60DC234-65F9-4674-94AE-62158EFCA433}, PropertyName = SEQ.CURDEFS, Value = 90713002
7/13/2009, 20:45:00 GMT -> ProductRegCom/luProductReg(PID=2396/TID=5116): Destroyed luProductReg object.
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
// End LuComServer
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
Thanks,
Fernando Aleixo