Jump to content

SAV 9 - Symantec AntiVirus 9.0


prathapml

Recommended Posts

could we have a detailed article on how to install/pre-configure SAV 9.0? :)

And also, about how to have the updated patches and anti-virus definitions merged into install source?

I'm sure many of you have done this before successfully. Please consider taking up the above request. :rolleyes:

Update: here's a good, and confirmed to work properly, guide - made by mazin.

Guide for SAV's AIP

Before you use this guide, make sure SAV isn't installed on your system. Otherwise, you'll get errors when creating the Administrative Installation Point.

Create a folder anywhere on your hard disk and name it whatever you like. I'll assume you name it "SAVSource".

Copy the following files into "SAVSource":

1- 0x0409.ini (for French version, you need 0x040c.ini, instead)

2- Setup.ini

3- setup.exe

4- Data1.cab

5- Symantec AntiVirus.msi

Those 5 files are copied from your CD (of version 9.0.0.338), of course.

6- SAVCE_9.0.0.1400_AllWin_EN .msp

This file is extracted from SAVCE_9.0.0_mp2.zip (3 MB) downloadable from here.

(for French version, you download this, instead.)

7- yyyymmdd-###-i32.exe

It's usually 5+ MB in size and can be downloaded from here. The file I'm using in this guide is named 20040828-003-i32.exe!

(for French version, you start here, instead.)

8- lusetup.exe

It's 2.5+ MB in size and can be downloaded from here.

9- remote.cmd

The following quote shows the contents of remote.cmd!

cls

@echo off

ECHO Creating AIP

start /wait setup.exe /A /V"/QB TARGETDIR=%systemdrive%\SAV91400" :D

sleep 30

copy lusetup.exe %systemdrive%\SAV91400\CommonAppData\Symantec\LiveUpdate\LuMMInst\Lsetup.exe

ECHO Patching AIP

copy "SAVCE_9.0.0.1400_AllWin_EN .msp" %systemdrive%\SAV91400\savce1400.msp

start /wait msiexec /p %systemdrive%\SAV91400\savce1400.msp /a "%systemdrive%\SAV91400\Symantec AntiVirus.msi" /QB

del %systemdrive%\SAV91400\savce1400.msp

ren "%systemdrive%\SAV91400\Symantec AntiVirus.msi" SAV.msi

ECHO Updating AIP Virus Definitions

attrib -r "%systemdrive%\SAV91400\program files\Symantec AntiVirus\Virus Defs\*.*"

start /wait 20040828-003-i32.exe /Extract /Q "%systemdrive%\SAV91400\program files\Symantec AntiVirus\Virus Defs"

exit

Before you run remote.cmd, make sure you put sleep.exe in your system32 or Windows folder.

After remote.cmd exits, you should have your AIP created (ready steady) as a folder in your system drive and named SAV91400.

Now, delete "SAVSource" folder, as it's no longer needed.

To install SAV using your AIP, add these lines to your batch file:

ECHO SAV 9.0.0.1400 V.Defs updated 28.8.2004

start /wait %systemdrive%\Install\SAV91400\SAV.msi /QB RUNLIVEUPDATE=0 REBOOT=ReallySuppress

Edited by prathapml
Link to comment
Share on other sites


How to install it can you find in this topic:

Direct from the CD:

MSI_FAQ.txt

******************************************************************************
Symantec AntiVirus Corporate Edition 9.0             MSI_FAQ.TXT
Copyright 2004 Symantec Corporation.         All rights reserved. March 2004
******************************************************************************

This file is a list of the most commonly used MSI commands for Symantec
AntiVirus and Symantec Client Security. For a complete list of commands,
properties, and features, see the Symantec Knowledge Base.


BASIC MSI commands
------------------
/QN - Quiet No UI
/QB - Quiet Basic UI
/L*V log.txt - full verbose logging to file log.txt


BASIC MSI properties
--------------------
REBOOT=REALLYSUPPRESS


SAV properties
--------------
INSTALLSERVER= (1 = Server, 0 = Client, Default is client)
SERVERGROUPNAME= (New or prexisting servergroup)
SERVERGROUPPASS= (New or prexisting servergroup password. The default
                         is symantec)

NETWORKTYPE= (1 = Managed, 2 = Unmanaged, default is Unmanaged)
SERVERNAME= (preexisting SAV Servergroup)

RUNLIVEUPDATE= (run LiveUpdate during install = 1, do not run LiveUpdate=0,
               default is On)

ENABLEAUTOPROTECT= (1 = ON, 0 = OFF, default is On)

INSTALLDIR= (Install target directory, default is C:\Program Files\
            Symantec AntiVirus)

SERVERPARENT= (e.g. SERVERPARENT=MySavServer)
Note: For a secondary server silent install from the command line, you must
set the SERVERPARENT property to the Parent server computer name. When doing
a UI or Symantec System Center rollout install, setting this property is not
required.  


SAV features
------------
EMailTools
NotesSnapin
OutlookSnapin
Pop3Smtp
QClient
SAVHelp
SAVUI


Adding and removing features
----------------------------
To remove existing features:

REMOVE=<feature1>,<feature2>,<feature3>

To add new features:

ADDLOCAL=<feature1>,<feature2>,<feature3>, <existing feature 1>,
        <existing feature 2>, etc.

Note: When adding new features using ADDLOCAL, any existing features on the
target computer that you want to retain must be included in the features that
you are specifying. The installation will remove any features on the target
computer that are not listed.


Command line example
--------------------
This example demonstrates a silent Symantec AntiVirus Server installation.
The server is named MYSAVSERVER and uses the password MYSAVPASSWORD.
LiveUpdate is not run, and the server is not restarted even if its required.

Sample command line:
setup /s /v"/l*v log.txt INSTALLSERVER=1 SERVERGROUPNAME=MYSAVSERVER
SERVERGROUPPASS=MYSAVPASSWORD RUNLIVEUPDATE=0 REBOOT=REALLYSUPPRESS"

The best way to install newest updates is this one in my opinion.

And you can download the newest updates here

But like this it won't be 'merged' into source, but at least it's easy maintainable. (Which is more important IMHO)

Link to comment
Share on other sites

Actually, I've used the informations contained in the MSI_FAQ.txt in order to have a silent Installation, but it crashes with error... I have to recheck my commandline.

A patch exists for SAV9, but it is in .MSP format, so I don't now how to install it. Maybe we can slipstream it... I need help for this :)

Here is the link : http://www.symantec.com/techsupp/enterpris..._9.0/files.html

For the virus definition, simple download the lastest Symantec Security Responce Intelligent Updater and run it with the /Q- switch. (downland the x86 and not the i32 version)

Here is the link : http://securityresponse.symantec.com/avcen...s.download.html

Link to comment
Share on other sites

That's great news!

You find the warez which already have the build1400 update integrated. How they do it is described below.

Slipstream SAV9 Update

1. Run a setup.exe /A (admin install point)

2. Get AV-defs (get the i32 version) from here

3. Save it in a folder, and then change into that directory using the command-prompt. Create a new folder called "updts".

3. Extract the above-mentioned exe using "/EXTRACT .\updts" switch, and in the admin-install folder, over-write files in "\program files\Symantec AntiVirus\Virus Defs" with all files from the extracted i32 update.

2. extract "SAVCE_9.0.0.1400_AllWin_EN .msp" from the update (see previous post) .zip and place it into the SAV9 admin/server-image install dir.

3. Open a command-prompt into that directory, and use the following command:

msiexec /p "SAVCE_9.0.0.1400_AllWin_EN .msp" /a "Symantec AntiVirus.msi" /QB

So there it is, AV-updates and latest SecurityCenter patch merged into the distribution source. Now, can we have more details from ppl who have successfully pre-configured their SAV?

I mean, how to:

1. Disable the LiveUpdate that comes up at the end of install?

2. Disable Automatic updating

3. And whatever else, interesting things you ppl have found out.

Edited by prathapml
Link to comment
Share on other sites

Thanks for the info prathapml but unfortunately I have some minor issues still.

I followed yor instructions but after a succesfull install (in vmware) I still needed two liveupdates to get it updated.

Any ideas how to solve this? :/

Link to comment
Share on other sites

OK, understood what the problem is. :) (you can now edit out those screenies)

The SAV isn't ever satisfied with what is already there (even if it is the latest already) - it necessary always wants to go out and download the latest updates - I saw this being discussed somewhere - there's probably a registry entry, or a file signature somewhere which we aren't able to update when we merge the newest virus definitions.

Well, no probs as long as you can manually deny it permission to update itself, when you already *KNOW* that it has the latest it could get. :rolleyes:

Link to comment
Share on other sites

Ok, my workaround so far is to simply call the manual virusupdate with the /Q switch.

I get an error doing this if I don't move/copy the file to the target system first (to be deleted afterwards).

This wil result in an updated definition but as you mentioned SAV still likes to update anyway :)

Also, executing a .msi file with the /qn switch gives me a nasty pop up if the publisher is unknown (fe the newly build SAV package)

Will this show during unattended install?

Link to comment
Share on other sites

executing a .msi file with the /qn switch gives me a nasty pop up if the publisher is unknown

Will this show during unattended install?

Hmm.... I suppose if it shows up during your testing in normal windows mode, it would do the same during uA setup as well.

I would gladly use the update with /Q switch, but my only gripe with it is that it would end up swelling the size of my CD - so I prefer to replace the existing defs with new - which Symantec still isn't satisfied with - I suppose it thinks we are a bunch of lying kids, so it asks its mother and confirms the news. :)

Link to comment
Share on other sites

Yes.

Make that entire install folder compressed into an SFX archive which silently extracts to "%SystemDrive%\install\Applications\" folder from CD. The next command after that can be to run "%SystemDrive%\install\Applications\SAV\whatever.msi /whatever".

Easy, and at the end of the process, the space SAV occupies on your CD is reduced from its original size.

Link to comment
Share on other sites

bleh my install of SAV wont work :S

using

ECHO.

ECHO Installing SAV 9.0

start /wait %systemdrive%\install\Applications\SAV\sav.msi /QN INSTALLSERVER=1 SERVERGROUPNAME=Boxen SERVERGROUPPASS=****** NETWORKTYPE=Managed RUNLIVEUPDATE=1 REBOOT=REALLYSUPPRESS

and having :
Directory of c:\XPCD\$OEM$\$1\Install\Applications\SAV

12/08/2004  03:14    <DIR>          .

12/08/2004  03:14    <DIR>          ..

14/04/2004  21:21      4,817,612 SAV.msi

            1 File(s)      4,817,612 bytes

            2 Dir(s)  133,503,991,808 bytes free

I get the "Installing SAV 9.0" echo.. and then there is a gap while it does something.. then it goes onto the next program. However when the process finishes SAV has not been installed into the \program files\ and there is no Sheild icon in the system tray. The program has not been installed.. and I dont know why, can any one help me please?

many thanks

Buzzons

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...