Symantec Endpoint Protection 12.1: How to roll back the BASH definitions to a known good version
Last Updated June 29, 2011
How to roll back the BASH (Behavioral Analysis and System Heuristics) definitions to a known good version:
From the command line, navigate to the following directory: C:\Program Files\Symantec\Symantec Endpoint Protection\ ... and run smc -stop
Go to the following directory: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Definitions\BASHDefs
The current version of the BASH definitions will be in the yyyymmdd.rev folder, e.g. 20110514.001
Create a “incoming” directory within the BASHDefs directory.
Copy the known good BASH definition files into the "incoming" directory. A known good version of the BASH definitions can be obtained from the BASHDefs.zip in the SEP directory of the software installation CD or DVD, or you can use the contents from the current yyyymmdd.rev folder of a known good SEP client installation.
Run smc -start
Launch LiveUpdate and then cancel it.
Imported Document ID: HOWTO53366
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe