Endpoint Protection

Hello,

I am using the LiveUpdate Administration Utility v 1.5.4 to download the latest Symantec Virus definition , the files are correctly downloaded to the download directory
I am checking the following products line:

-Symante Antivirus Virus definition.
-Symantec Antivirus Corporate Editions.

i am checking the following for the languages:
-SymAllLanguages
-English
-French

On the client side i have Symantec v10 installed and after running LUALL i have a message that all Symantec products are up to date however when checking the logs and the registry i don't see that the client machine had the latest virus definition installed...

Is there a way i can check that the latest virus definition was correctly installed to clients? An action to be taken in case  client are not having the updates?

i am checking value "NAVCORP_70" of key ' HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs'of registry

AND here is an extract from the logs:

 

9/7/2010, 10:13:54 GMT -> ***********************        Start of New LU Session        ***********************
9/7/2010, 10:13:55 GMT -> EVENT - SESSION START EVENT - The LiveUpdate session is running in Interactive Mode.
9/7/2010, 10:13:55 GMT -> Check for updates to:  Product: LiveUpdate, Version: 3.5.0.64, Language: French.  Mini-TRI file name: liveupdate_3.5.0.64_french_livetri.zip
9/7/2010, 10:13:55 GMT -> Progress Update: TRYING_HOST: HostName: "fep-reps-cai01" URL: "ftp://172.30.70.6/Symantec" HostNumber: 0
9/7/2010, 10:13:55 GMT -> Progress Update: TRIFILE_DOWNLOAD_START: Number of TRI files: 0 Downloading LiveUpdate catalog file
9/7/2010, 10:13:55 GMT -> LiveUpdate will download the first Mini-TRI file, liveupdate_3.5.0.64_french_livetri.zip
9/7/2010, 10:13:55 GMT -> Progress Update: DOWNLOAD_BATCH_START: Files to download: 1, Estimated total size: 0
9/7/2010, 10:13:55 GMT -> Progress Update: PRE_CONNECT: Proxy: "(not-available)" Agent: "Symantec LiveUpdate" AccessType: 0x0      
9/7/2010, 10:13:57 GMT -> Progress Update: CONNECTED: Proxy: "(not-available)" Agent: "7i9eVhqBoKjOOFllQLsr5OlRwS4PRCGTAAAAAA" AccessType: 0x0      
9/7/2010, 10:13:57 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "ftp://172.30.70.6/Symantec/liveupdate_3.5.0.64_french_livetri.zip", Estimated Size: 0, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads"
9/7/2010, 10:13:57 GMT -> CstInetGetFile::DoTransfer() successfully impersonated the COM client.
9/7/2010, 10:13:57 GMT -> CstInetGetFile::DoTransfer() finished impersonating the COM client.
9/7/2010, 10:13:58 GMT -> CstInetGetFile::DoTransfer() - InternetOpenUrl returned extended error: 550 /Symantec/liveupdate_3.5.0.64_french_livetri.zip: The system cannot find the file specified.

 

Check the following article

Title: 'Error: "All Symantec Products . . . are currently up to date" and cannot download a Symantec product from an internal LiveUpdate server'
Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2002091007405248?Open&seg=ent

hi,
looks like the internal Liveupdate server has not downloaded the definition, you may need to check this link
http://service1.symantec.com/support/ent-security.nsf/docid/2002091007405248?Open&seg=ent

Hello,
i already checked this link...

 Is there any other way that can help me troubleshooting this issue on the client side?

Attached is a screen shot of the product names that appear when running LUALL on the client machine, i have Symantec Antivirus version 10.1

Is Symantec Antivirus Virus definition the correct choice on the Utility? i really don't see other product name that i can check...
 How can i make sure that the correct file is downloaded and made available in the download directory?

Thanks for your help on this! 

I think you can go for LUA 2.2.2.9.It is the latest available version.It is having a lot of new features.
Current version of LiveUpdate Administrator
Installing and configuring LiveUpdate Administrator 2.x
It will be able to download the updates for 10.x also....

refer this
http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2003090514252213

 Hello,

i need to run the Utility within a script , that 's why i am going for this version where i can do a silent update...

Any issues with version 1.5.4 and Symantec 10.X ? any available documentation that can help?

thanks!

Hello,

If i am downloading the updates using ftp from an internal server, am i supposed to open ftp , http and https ports as well ?

Please note that i can manually download livetri file without any problem, and i have the 3 files installed on the client machine..

Thanks!

Hi there,

It seems that the link was established and the file was accessed but the update didn't process.

There might be two reasons for it.

1. Either the definition might have been corrupt on that client machine
2. The Proper definition might haven't been downloaded by the LUA

Try doing like this....

1. Access this link ftp://172.30.70.6/Symantec and tell me what do you see??

If you see a list of files, try downloading the file and see whether it successfully updates.

Also Please take a screenshot of your SAV and post it here, Let me have a look at it.

Thanks,
Narendran.K

Hi Narendran,

Thanks for your response!

I can access the link ftp://172.30.70.6/Symantec and can see the signature files from the client machine, when trying to download the full definition file "1282336326jtun_sav10ennful25.m25" it took me about 12 minutes... maybe the slowliness is the cause?

I tried to manually run the .m25 file after  but couldn't, is there a specific command to do this? sorry i am new with symantec !

For the screen shot , you need a screen shot for the product itself?or version in registry key ...etc Thanks to specify what exactly you need ...

Thanks again for your help!

Refer and  try with this and check..

 

https://www-secure.symantec.com/connect/forums/sepm-virus-definition-out-date-compare-liveupdate-administrator#comment-4459821

Hello Again,

Kindly advise if the attached is what you need for the Syamnatec AV screen shot.

Thanks!

when you type 

Luall.exe

what do you see in the progress bar?

does it show its connecting to the LUadmin or its goings to parent server.

you can try downloading the lu after a restarting the symantec antivirus services.

 

Download the virus definition file and run , then see next scheduled or live update launched one is showing the correct def version..
http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce

 

ow you try with live update and check the status

Hi,

it connect to the LUadmin (my ftp server), it shows also some progress in Ko for getting the updates files and then it exists showing a messagethat all products are up to date, attached is a screen shot on a newly installed Symantec AV test machine where i didn't run Liveupdate while installing the symantec AV.

Attached also the log file when running the LUALL on this machine, it seems that the only downloaded file is the livetri.

shared definition "HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\DefWatch" registry key shows no values

Any advise?

Thanks for the info, i just downloaded  the the latest virus definition on one machine and keep you updated if this works!

Hi Mhh,

when I checked the logs it seems it is connecting to ftp://172.30.70.6/Symantec/liveupdate_3.2.0.68_french_livetri.zip and gets the products list which has to be updated.

 

I need you to do two things

1. First empty the content of the LUA download folder

2. Choose only the English Language and SymAllLanguages inside the language list of the LUA

 

retrieve the updates in the LUA.

 

Once these are done, run the liveupdate and let me know the result.

Thanks,
Narendran K

MHH can you update the status?

Hi Maheshroja,

 Yesterday ,i downloaded and run manually the latest virus definition file 20100912-005-i32, and had my machines updated, however when analysing the daily definition files downloaded by the LUA Utility today ,i see that the latest file is 1283933737jtun_sav10en100911002.m25, which for me is oldest virus defs 11.09.2010 no?

Give me another day to confirm if this solved the issue or not...

Thanks!

Hi Thanks for analysing the logs, i did what you asked me to do and keep you updated...

Can i ask how significant is "when I checked the logs it seems it is connecting to ftp://172.30.70.6/Symantec/liveupdate_3.2.0.68_french_livetri.zip and gets the products list which has to be updated." ?

Also is it useful to clear the download directory each time?

Thanks again!

Hi Mhh,

 

First let's see whether it is successfully running the liveupdate now, And if it fails let take next action.

But if it succeeds, We would come to know where the exact problem was.

So, what was the result after emptying the content and executing the liveupdate??

 

Thanks,
Narendran K

Keep observing and update ..

Hello,

The virus definition is still not updated! i attached the log file...

value "NAVCORP_70"of key "HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs"of registry = "C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100912.005"

file "1284462490jtun_sav10en100913004.m25" is correctly downloaded by the utility!

Any suggestion?

Thanks.

go through this below KB Check the permission

http://service1.symantec.com/support/ent-security.nsf/docid/2006042008465548?Open&seg=ent

As per your logs

 

9/15/2010, 8:38:26 GMT -> LiveUpdate did not find any new updates for the given products.
9/15/2010, 8:38:26 GMT -> EVENT - SESSION END SUCCESSFUL EVENT - The LiveUpdate session ran in Interactive Mode. LiveUpdate found 0 updates available, of which 0 were installed and 0 failed to install.  The LiveUpdate session exited with a return code of 100,

Finally check all the configuration once again as per the below KB

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2006042616115348?Open&docid=2005050508401448&nsf=ent-security.nsf&view=docid

Hello,

i checked the KB, and i can't find both files "Settings.LiveUpdate" or "Product.Catalog.LiveUpdate", see attached screenshot

LiveUpdate runs under system account, by default it has the same rights as the admin one no?

apart from that all configs is ok...

Thanks!

Hi I checked this KB once again, and all is ok execpt that i don't use SSC to schedule my clients and server , i am still in a test environment...

i run LUALL from the client manually!

Any thing wrong with this?

Check manual live update launch from the client and check.

Current def version in both live update Administrator and the client side in the console, then compare after update any version change.

And also see the logs for more info.

Can Anyone provide help to get this issue solved ?

Could you please confirm that LiveUpdate administartion Utility v1.5.4 is used to download virus definition updates for "Symantec AntiVirus Corporate Client" version 10.1?

Thanks in advance!

Where can i check this option please? can you provide a screen shot?

Thanks for your help on this..

Hi again , i found in the documentation where i can check the client to manually launch LiveUpdate, but as i already mentioned that i didn't use SSC for configuration of my clients to retrieve updates , so why should i do this step?

Thanks to confirm again that no configuration is to be done from  the "Symantec System Center" for the clients or the internal server to be able to download updates to the clients by manually running the LUALL executable...

yes

Hi , thanks for confirming; but i don't see why i don't have the clients updated with the latest virus definition?

Any suggestion?

okay lets try this

Hope your LUadmin is updated fine

now on one client ; delete the corrupt virus definitions files as per this document

http://service1.symantec.com/support/ent-security.nsf/docid/2007123111551948 ( its applicatble however service name and path will be diff thats it ) 

then run the luall.exe and update us

Hi Mhh,

Please let me know the languages you've selected in the LUA??

Hi

I tried but i still have the same issue!

What's next?

Hi Narendran K,

Actually SymAllLanguages and English!

have you set a distribution in your LUadmin; A dump question though :)

Hi Rafeeq,

What do you mean by setting a distribution in LUadmin?

Please be more specific, thanks :)

as per this document check your distribution in LUadmin

 

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007101913262648

Hi i am using the LiveUpdate administration Utility v1.5.4 and i don't know if this is applicable; never heard about it ;)

configured in this way?

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2006042616115348?Open

i think its because of version conflict; please check this if not done earlier

 

 

 

You must use LiveUpdate Administration Utility 1.5.4 or later with Symantec AntiVirus 10.x or Symantec Client Security 3.x. LiveUpdate Administration Utility 1.5.4 adds support for Symantec AntiVirus 10.x client microdefinitions. If you use an earlier version of the LiveUpdate Administration Utility, you may see the error message that is discussed in the document, "All Symantec Products . . . are currently up to date" and cannot download a Symantec product from an internal LiveUpdate server. 

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2005050508401448?Open&docid=2006042616115348&nsf=ent-security.nsf&view=docid

Hi , checked those links before :(

thanks for your help!

Can i raise it to developpers that can help me understanding, how LiveUpdate program is proceeding for getting the virus definition updates from a download directory on an internal server and then install them on the client?

i don't have a problem for accessing and downloading from the internal server, as from the logs i can download the livetri file, but what make the utility gives me this message however the client needs updates?

 EVENT - SESSION END SUCCESSFUL EVENT - The LiveUpdate session ran in Interactive Mode. LiveUpdate found 0 updates available, of which 0 were installed and 0 failed to install.  The LiveUpdate session exited with a return code of 100, La session LiveUpdate s'est exécutée avec succès. Aucune nouvelle mise à jour n'est disponible pour vos produits.
 

If anyone can help with this it will be great..

Thanks in advance!

Hi Mhh,

I have two suggestion what you can do now

1. Let's Enhance the log and analyze the log.

Open the control panel, Goto Symantec Liveupdate >> Chose Error Support as Enhanced and click ok there

Now run the live update.

Once done, Get the log.liveupdate once again and let me check through it once again.

I suspect some communication issue

2. Let's un-install and reinstall the latest version of LUA 1.5

Goto this link

ftp://ftp.symantec.com/public/english_us_canada/liveupdate/luau_1.5.7/luau.exe

And download the latest version of Liveupdate Administrator Utility.

Now un-install the Old LUA what you have( I presume its 1.5.4) and install the LUA 1.5.7

Try to configure the same settings what you had and now retrive the update and let us know the result.

And also most imp thing, Choose Symantec Antivirus Virus Definitions in the product list.

Hi Narendran K,

Unfortunatly same issue even with the 1.5.7 version , and attached are the logs with the enhanced feature checked, please inform me if i can dig more...

Can anyone post a log file for a client that is suceessfully downloading virus definition updates on a client using a version 1.5.X Utility?

Thanks!

Hi Mhh,

I'll search for the log but meanwhile,

I want you to do like this.

Goto Tools in LUA and choose options, In the options, Choose Remove Unseleted products from the tri files and also choose download today and previous day definitions.

Let me know the result.

Hello Narendran K,

Thanks for your reply, i still have the same issue :( , i found this on knowledge base so i will try it and keep you updated:

http://seer.entsupport.symantec.com/docs/294945.htm

Thanks again for your help and support!

Hi still not working :((( Any idea ?

not sure if the problem is with the version what you are using or if something in your network is blocking it?

do you have ISA server in your network? use proxy?

Is your parent server updated with the latest definitions?

how is your parent server configured for updates? you LUadmin 1.5 ?

if your parent server is updated by running luall.exe then try to make clients get from parent server 

Hi Rafeeq,

To answer your questions , we don't have ISA server and we use proxy.

I am actually doing tests so all i have is two installed symantec client machines , and LiveUpdate Administration Utility 1.5.7 installed on an ftp server and i need my clients machines to get virus definitions updates from the internal ftp server.

However to make sure that there is nothing blocking the traffic, i will put an allow all rule between the clients and the ftp internal server and feed you back!

Thanks a lot for your help!

so how did to distribute that info to your clients; using host file?

 

yes

open the settings.liveupdate ( without any numerics) in a notepad and paste it here.

try this too

 

hi

DOWNLOADS\MINITRI.FLG\CONTENT-LENGTH=1
DOWNLOADS\MINITRI.FLG\LAST-MODIFIED=Fri, 29 Jul 2005 20:24:32 GMT
DOWNLOADS\MINITRI.FLG\LOCALPATH=C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\minitri.flg
DOWNLOADS\MINITRI.FLG\SERVER=liveupdate.symantecliveupdate.com
DOWNLOADS\MINITRI.FLG\SERVERPATH=/minitri.flg
DOWNLOADS\MINITRI.FLG\STATUS=Complete
HOSTS\0\ACCESS=172.30.70.6/Symantec/
HOSTS\0\ACCESS2=ftp://172.30.70.6/Symantec/
HOSTS\0\IS_SYMANTEC:ENC=#WVL`UF7L_E
HOSTS\0\LOGIN:ENC=9T<H\"#*$\$YTEG4G)L%?Q
HOSTS\0\NAME=fep-reps-cai01
HOSTS\0\PASSWORD:ENC=27,_;$QD5:.D*<K1KDH)<!
HOSTS\0\SUBNET=0
HOSTS\0\SUBNETMASK=0
HOSTS\0\TYPE=FTP
HOSTS\HOST_FILE=C:\Program Files\Symantec\LiveUpdate\liveupdt.hst
HOSTS\NUM_HOSTS=1
INSTALL_FOLDER=C:\PROGRA~1\Symantec\LIVEUP~1
LASTRUN\DATE=9/17/2010
LASTRUN\ERROR_CODE=0
LASTRUN\TIME=04:14:16 PM
LEGACY_INSTALL_FOLDER=C:\Program Files\Symantec\LiveUpdate
PER_MACHINE_FOLDER=C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate
PREFERENCES\CACHE_LIMIT=434750054
PREFERENCES\CORPORATE_MODE=YES
PREFERENCES\DAFCALLBACK_REMOVAL=TRUE
PREFERENCES\DISABLE_CONTROL_PANEL=FALSE
PREFERENCES\EXPRESS_MODE\AUTO_EXIT=NO
PREFERENCES\EXPRESS_MODE\AUTO_START=NO
PREFERENCES\EXPRESS_MODE\ENABLED=YES
PREFERENCES\INTERNET_CONNECT_TIMEOUT=45
PREFERENCES\INTERNET_READ_DATA_TIMEOUT=45
PREFERENCES\LIVEUPDATE_CLIENT_ID=nPj297g4pH5uscFoT4KxZJeikzw
PREFERENCES\LOGEVENTS=1
PREFERENCES\LOG_FILE_NAME=C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Log.LiveUpdate
PREFERENCES\LOG_FILE_SIZE=5120
PREFERENCES\MAX_LIVETRI_SIZE=1048576
PREFERENCES\MAX_PACKAGE_SIZE=734003200
PREFERENCES\MAX_TRIFILE_SIZE=10485760
PREFERENCES\NON_SYMANTEC_HOST=YES
PREFERENCES\OSHOST_FILE_CHECK=YES
PREFERENCES\PRIMARY_MAC_ADDRESS=00-0C-29-41-D8-AF
PREFERENCES\PRODUCT_CATALOG_BACKUPCOUNT=10
PREFERENCES\PRODUCT_INVENTORY_INTEGRITY_CHECK=YES
PREFERENCES\PROXY\FTP_PROXY=USE_IE_SETTINGS
PREFERENCES\PROXY\HTTP_PROXY=USE_IE_SETTINGS
PREFERENCES\PROXY\USE_IE_PROXY=TRUE
PREFERENCES\REQUIRED_FREE_DISK_SPACE=10485760
PREFERENCES\SETTINGS_FILE_BACKUPCOUNT=10
PREFERENCES\THROTTLE_VALUE=21.4978712266226
PREFERENCES\USEPASSIVEFTPMODE=1
PREFERENCES\WORKINGDIRECTORY=C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads
PRODUCT_CATALOG_FILE=C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Product.Inventory.LiveUpdate
SETTINGS_FILE=C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Settings.LiveUpdate

Hi ,

This is done by default!

Thanks anyway..

all seem to be fine

check the permission on your symatnec folder in ftp; give full access for everyone for testing purpose.

Hi Rafeek,

Thanks for the notice..

i checked the permission and changed,but still have the same issue...

Once again see

http://service1.symantec.com/support/sharedtech.nsf/docid/2000071310294913

Thanks Maheshroja!

Done but didn't solve the issue!b

Is there any additionel program that is required to be run on the machine while LiveUpdate is processing?

Do you have any other software in the client like download manager.If present remove it and try...

Also remove any proxy setting present in your IE...

Can i have support on this issue ? for me LiveUpdate is not working... 

what is the license you have for your clients? 

is the license still valid or expired?

what do you see in the SSC?

Hi, i was checking this link:

http://www.online-tech-tips.com/computer-tips/symantecliveupdate/

and on my clients, i see that the LiveUpdate buttom is greyed, a notice on the lock tells me that "This option has been locked by the administrator"; attached is a screen shot of what i can see ...

Can this be the cause? if yes how can i unlock it?

Thanks!

you can unlock those in your SSC.

its under clients , liveupdate option.allow users to manually launch liveupdate to enable it at registry level you can use this option

 

Hi,

I modified the following on the client machine:

HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\PatternManager

"LockUpdatePattern"=0

"EnableProductUpdates"=1

"EnableAdminForcedLU"=1

I run LUALL from start>>run , and i have the same issue

when i clicked the 'LiveUpdate' bottom from the "Symantec Antivirus Interface", i got a different product list and the ability to download virus definition...

Attached are both screen shots when running LiveUpdate for comparaison ,

But can anyone explain the difference ? i checked the running processes  while running LiveUpdate from the "Symantec Antivirus Interface" and it is the same program "LUALL" however what makes the difference in the product list?

Thanks in advance!

when you run luall.exe it will update all the symantec products installed on your machine

updating from the AV will update only that particular symantec software.

remove liveupdate; delete all liveupdate folders 

intall liveupdate put the host file

update it; 

for testing purpose can you update one client using internet....

Hi,

If i need to only update the virus definition using LiveUpdate, which program should i run ?

why should i uninstall LiveUpdate and reinstall it again?

Thanks!

Hi

I uninstalled LiveUpdate and installed it again! But still same issue...

if i need it to update the virus definition when running LUALL how should i proceed?

Hi all,

This thread is now included in the Security Solutions Contest.  Simply solve this thread, or the others listed within the contest, and you could be "King For A Week" and win a weekly prize.  Check out the blog for more details!

 

Best,

Eric

I found this command line in the logs:

-a -s [-p"Avenge MicroDefs25 SavCorp10" -l"SymAllLanguages" -v"MicroDefsB.Aug"] [-p"Avenge MicroDefs25 SavCorp10" -l"SymAllLanguages" -v"MicroDefsB.CurDefs"] [-p"Symantec AntiVirus Corporate Client" -l"French" -v"10.1"]

is it the command line checking for available virus definition?

Is there a way i can do it manually??

Hi can anyone explain what is the product name "Symantec Security Software" referring to? and why is the LiveUpdate program detecting this product rather then detecting the virus definition product "Avenge MicroDefs25 SavCorp10"?

Is it stored somewhere in the registry for example? How does LiveUpdate detecting products on the machine ?

I would appreciate that someone answer those questions as i see here the main point where the issue can be solved...

If LiveUpdate is not updating the virus definition , it is because this does not appear in the product list, and the message i receive is correct , as 0 update was found for the products in the List...

However when i run it via the UI, it  correctly downloaded updates from the ftp server download directory, as the AV definition product "Avenge MicroDefs25 SavCorp10" basically figured in the products list!

This make sense to me...

I attached again both screen shots an would really appreciate an answer...

Thanks in advance!

In Control Panel -Liveupdate -- Configure your Proxy settings.

MHH, I was able to reproduce your issue. I had Symantec 10 client machine (also with locked LiveUpdate user interface) and it didn’t update from my local live update server (via ftp on the same Lan and no firewall, proxy, etc.) The client machine was giving the same message you were receiving that it didn’t find any updates available. I was trying Start  > Run > luall.exe to update the virus definitions.

Hello Peter,

This is working for me as a solution :)

Strange we are on the same phase ;)

Thanks for the notice about  vpdn_lu.exe it was mainly in the luadmin guide, but i was more oriented on the LUALL service !

However i still need an answer about when running it with the LUALL command line , how should we proceed for definition updates ????

Thank you for your Help!

And really thanks to everyone who contributed to give support and ideas to solve this issue!

MHH, glad you found solution.

Your problem when using luall is that you need to tell it what product(s) exactly you want to download updates for. You do it with a command line similar to the following and the parameters can be found in the Windows Registry (or you can use the SymbatchDiag or SymBatch Symantec support tools to extract this product info).

C:\PROGRA~1\Symantec\LIVEUP~1\LUALL.EXE -s "-a [-p"Avenge MicroDefs25 SavCorp10" -l"SymAllLanguages" -v"MicroDefsB.Sep"] [-p"Avenge MicroDefs25 SavCorp10" -l"SymAllLanguages" -v"MicroDefsB.CurDefs"] [-p"Symantec AntiVirus Corporate Client" -l"English" -v"10.1"]

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\LiveUpdate\CmdLines]

[HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\LiveUpdate\CmdLines\CmdLine1]
"ProductLanguage"="SymAllLanguages"
"ProductType"="HubDefs"
"ProductVersion"="MicroDefsB.Error"
"ProductName"="Avenge MicroDefs25 SavCorp10"

[HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\LiveUpdate\CmdLines\CmdLine2]
"InLuCmdLine"=dword:00000000
"ProductLanguage"="SymAllLanguages"
"ProductName"="Avenge MicroDefs25 SavCorp10"
"ProductType"="CurDefs"
"ProductVersion"="MicroDefsB.Error"

[HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\LiveUpdate\CmdLines\CmdLine3]
"ProductName"="Avenge MicroDefs25 SavCorp10"
"ProductLanguage"="SymAllLanguages"
"ProductVersion"="MicroDefsB.CurDefs"
"ProductType"="CurDefs"

[HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\LiveUpdate\CmdLines\CmdLine4]
"ProductLanguage"="French"
"ProductVersion"="10.1"
"ProductType"="Update"
"ProductName"="Symantec AntiVirus Corporate Client"

Hi Peter,

My question was, when running LUALL from Start>>run i don't see both products "Symantec AntiVirus Corporate Client" and "Avenge MicroDefs25 SavCorp10"; i see a different product "Symantec Security Software" which is not normal, because LiveUpdate is supposed to detect all Symantec products on the machine...

The command you mentionned appeared to me in the logs, when running the  vpdn_lu.exe service, maybe it is working with LUALL.exe but it does not answer my question which is if i am running LUALL manually why it is not downloading the latest virus definition???

For me it is because of the product "Avenge MicroDefs25 SavCorp10" that does not appear in the product list , so the normal case is that Symantec won't find update for it!

Rafeeq, you mentioned something about that is the global product, can you give us answer if you have better understanding?

my understanding is ; when you install diff products of symantec on the same machine; the lists get  added to the product.inventory file

this is what luall.exe reads to get what is needed..on successful update it wil create a file called Product.Inventory.LastGood.LiveUpdate

same like LKGC in windows; next time it would read this; 

Hi Rafeeq,

The Symantec products i have on my machines are only LiveUpdate and Symantec Antivirus Corporate Client, i see LiveUpdate appearing in the product list but i don't know what should the "Symantec Security Software" product stands for ??

Thanks!

that would refer to one of the securty product installed might be :)

Your clients have valid license?

 

Please check the DCOM Settings as per this document

http://www.symantec.com/business/support/index?page=content&id=TECH99867&locale=en_US