Search

All of Symantec All of Symantec Support Viruses & Risks Home & Home Office Small Business Enterprise Partners VERITAS

Question/Issue:
You suspect that a computer is infected with a new threat. Scanning with the latest Intelligent Updater virus definitions does not find any threats.


Solution:

---

Before you begin: If you are using Symantec AntiVirus Corporate Edition 10.0 or Symantec Client Security 3.0, read the document Using Rapid Release virus definitions to update Symantec AntiVirus 10.x or Symantec Client Security 3.0 clients and servers.

---

There are four methods for updating virus definitions:

Update the computer using the latest available Rapid Release virus definitions. Follow the directions that apply to the antivirus program version.

To download and apply Rapid Release virus definitions for Symantec AntiVirus Corporate Edition

1. Go to the Rapid Release folder on the Symantec FTP site.
2. Click the .xdb file with the latest date, and select Save to disk.
3. If the .xdb file downloads with a .zip extension, remove the .zip extension by renaming the file.
   The file name should be similar to the following:
   vd12bc02.xdb
4. Copy the .xdb file to one of the following destinations, depending on the version of Symantec AntiVirus and the operating system:
   • For NetWare servers, the default location is SYS:SAV.
   • For antivirus servers on Windows operating systems, the default is C:\Program Files\SAV\ for Symantec AntiVirus 8.x, or C:\Program Files\Symantec AntiVirus for Symantec AntiVirus 9.x.
   • For clients running Windows 2000/XP, the default is either C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\ or C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\.
     The Application Data folder may be hidden. To show hidden and system folders, read the document How to make Windows show all files.
   • For clients running Windows NT 4.0, the default is C:\WinNT\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\.
   • For clients running Windows 98/Me, the default is C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\ or C:\Program Files\Symantec AntiVirus\.

To automatically download Rapid Release virus definitions for Symantec AntiVirus, read the document Using a modified Cegetter utility for downloading Rapid Release virus definitions for Symantec AntiVirus Corporate Edition.

To download and apply Rapid Release virus definitions for Norton AntiVirus Corporate Edition

1. Go to the Rapid Release folder on the Symantec FTP site.
2. Download and run symrapidreleasedefsx86.exe.
3. Virus definitions are now updated on the computer that ran the Intelligent Updater.

About Rapid Release virus definitions
Several times a day, all new detections are compiled into a new Rapid Release virus definition set, which is then posted to the Symantec public FTP site. Rapid Release virus definitions are created whenever Symantec Security Response receives a new virus sample. The purpose of the Rapid Release virus definitions is to aid corporate customers in the event of a new virus infection. In a networked environment, it is possible for an undetected virus to spread quickly. Using Rapid Release virus definitions is a proactive effort to prevent the spreading of a new virus.

Rapid Release virus definitions have undergone basic quality assurance testing by Symantec Security Response. The primary focus of these definitions is the rapid detection of newly emerging threats. The definitions may be augmented later with more robust detection capabilities. While Symantec Security Response makes every effort to make sure that all virus definitions function correctly, you should understand that Rapid Release-quality virus definitions do pose some risks, such as the higher potential for false positives. Rapid Release definitions are most useful for perimeter defenses or for all protection tiers as a means of mitigating fast spreading virus outbreaks.

Once a day (or as needed to respond to high level virus outbreaks), all new detections added as Rapid Release definitions go through the complete QA process, including testing for false positives and testing for all active Symantec products on all platforms. Once the Rapid Release definitions pass the full QA process, they are then posted as Intelligent Updater and LiveUpdate definitions.

References:
For additional information regarding virus definition updates, read the document that applies to the antivirus program version:

• For Symantec AntiVirus 8.x and 9.x, read the document How to update virus definitions for Symantec AntiVirus Corporate Edition
• For Norton AntiVirus 7.x, read the document How to update virus definitions for Norton AntiVirus Corporate Edition

Document ID: 2003100110562848
Last Modified: 04/27/2005
Date Created: 10/01/2003
Operating System(s): NetWare 5, Windows 95, Windows 98, Windows NT 3.51, Windows NT 4.0, Windows 2000, Windows Me, Windows XP
Product(s): Symantec AntiVirus Corporate Edition 8.0, Symantec AntiVirus Corporate Edition 9.0
Release(s): SAV 8.0 [All Releases], SAV 9.0 [All Releases]

Site Index · Legal Notices · Privacy Policy · · Contact Us · Global Sites · License Agreements