AppDeploy > Package Knowledgebase

Search AppDeploy

Home > The Package Knowledge Base > Norton AntiVirus 10.x

Norton AntiVirus 10.x

Company:	Symantec
Setup Type:	Native Windows Installer setup (MSI)
Package Difficulty Rating:	[ Rate It or View Ratings ]
Most Commonly Reported Method:	Windows Installer Command Line (No MST)
Record Created On:	9/16/2005
Number of Views:	41,068

Software Knowledge Base: The software knowledge base contains details on over 60,000. The closest record matching this software package is displayed here. Browse the Software KB directly to find similar records.

Software Knowledge Base

Full Name: Norton AntiVirus

Version: 10.1.2

Uninstall String: /Applications/Norton AntiVirus

Categories: Unknown

Threat: Unknown

View the full Software Knowledge Base profile

Download AppDeploy Scanner

Command Lines: Command line details for installation and removal of this software. Details may include available command line arguments and/or public properties.

Command Lines

Command Lines (3 Entries)

The addition of the following property: LOCALCACHEDRIVE=C added to my transform resolved a Windows GPO deployment issue with Symantec Antivirus 10.0.0.359.

With the later release of Symantec Antivirus 10.0.1.1000, this Property is no longer required.

Above Entry Provided on 7/8/2005 by BobTheBuilder

Rate It

Rating
116

First thanks for the very good job done here !

You can add the RUNSCAN=0 to the command line to disable scan execution after installation.

To package updated definitions to your deployement package, replace files in VDefHub.zip files with last definition (from C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs or similar).
The definition directory should contain files like viruscanxx.dat.

Above Entry Provided on 10/1/2006 by marko

Rate It

Rating
117

For Symantec Antivirus Corporate Edition v10, I am using the following script for silently installing, then silently updating. Currently I am using a batch file shown below via a Novell login script (works fine). Very basic I know, but it's one of my first deployments! :-

@echo off
cls

if exist "c:\program files\symantec antivirus\vpc32.exe" goto end1

echo Symantec Antivirus v.10 Corporate Edition
echo Software Installation Routine
echo.

:install

msiexec /i \\servername\volname\foldername\sav10\clt-inst\win32\symantecantivirus.msi /qb RUNSCAN=0 RUNLIVEUPDATE=1 REBOOT=REALLYSUPPRESS

:end1
copy \\servername\volname\foldername\sav10\clt-inst\win32\station8.grp c:\ins
goto end

:end

- I am using a basic marker file (.grp) to reference installation (or attempted installed) on the PC.

- The only thing this does not do is run a scan, but I use the MMC snapin for Symantec Antivirus Corporate Edition for which I have scheduled scans accordingly.

Above Entry Provided on 1/2/2008 by darkmarauder

Rate It

Rating
116

Add an Entry

Notes: Shared "notes from the field" covering how to handle the automated installation of this software.

Notes

Notes (5 Entries)

Use the following command line to deploy SAV to a client via a login script or whatever. Bear in mind that the installation requires local admin permissions (there are ways to get around this - google CPAU - it's a free RUNAS utility). BTW, this works - I've used it to deploy SAV to over 1200 PCs and 5000+ users. Just copy the entire contents of the SAV client installation folder to a temp folder on the client PC and run the installation from the client PC.

The following command should be on 1 line (no wraps):

msiexec.exe /i SAV10.msi REBOOT=ReallySuppress INSTALLSERVER=0 NETWORKTYPE=1 SERVERNAME=GIS RUNLIVEUPDATE=0 ADDLOCAL=SAVMain,SAVUI,SAVHelp,QClient /qb!

1.The msi has been renamed to SAV10.msi and can be run directly. Come on Symantec, use the 8.3 naming convention!!

2.ReallySuppress means the installation will NEVER prompt to reboot the PC.

3.INSTALLSERVER=0 means this is a client installation (Windows XP, etc.) and not a server installation.

4.NETWORKTYPE=1 means this is a managed installation (as opposed to be an unmanaged install that will not look to a primary server for virus def updates)

5.SERVERNAME=GIS means that the name of the primary server that this client will look to for virus defs and program settings is called GIS. Change the name to match your primary server.

6.RUNLIVEUPDATE=0 means don't run LiveUpdate after the installation is complete

7.ADDLOCAL=SAVMain,SAVUI,SAVHelp,QClient means install all features except for the crappy email plugin that hoses the PC anyway.

8./qb! is an msiexec.exe switch and is used to hide buttons on the installation dialog. Basically it shows the install progress (and errors) but does not allow the user to cancel the installation.

A couple of other notes.

1.It's best to do this install from a script because you're going to need to copy down the .cer certificate file from the primary server to the C:\Program Files\Symantec AntiVirus\pki\roots\ folder on the client PC. You'll need to do this so the client will communicate with the primary server and receive virus def updates. This was the biggest problem I had to solve!

2.You may also want to copy GRC.dat from the primary server to the C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\ folder on the local PC. This makes sure all of SAV's programs settings and options (that you configured on the primary server) are implemented on the client PC. This step may not be necessary are you are already identifying the primary server on the command line.

3. If you're using a firewall or Windows Firewall (in XP), be sure to make the necessary exceptions (2967 TCP and perhaps a program exception of C:\Program Files\Symantec AntiVirus\Rtvscan.exe).

4.Reboot the PC after the installation is complete.

5.Don't worry about installing SymEvent. SAV already has the latest version as of the date of this post.

I hope this helps other folks. I'll surely went through - HELL - troubleshooting this over Christmas and would like to see others benefit. Knowledge should be free!

Wally Beck
Network Admin - Gainesville State College

Above Entry Provided on 1/25/2006 by wbeck

Rate It

Rating
119

In order to bypass a password protected install to uninstall it you must edit the registry and change the bits in the following lines from 1 to 0. That will effectively disable the password protection and allow you to silently and automatically remove the application prior to installing a new version.

[HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\AdministratorOnly\Security]
"LockUnloadServices"=dword:00000001
"UseVPUninstallPassword"=dword:00000001

Change to:
"LockUnloadServices"=dword:00000000
"UseVPUninstallPassword"=dword:00000000

We never used a password, but somehow it got set. You can remove this from a future MSI installation by directly editing the MSI and removing the two rows containing the "CheckUninstallPassword.(random_numbers)" in the tables. First remove it from the CustomAction table, then remove it from the InstallExecutionSequence. You highlight the entry, right click and then select "Drop Row". Afterwards select File, Save and you are done. Now after it is deployed it will not prompt for a password when removing it.

Above Entry Provided on 8/2/2006 by Wildhair

Rate It

Rating
119

I was getting 1721 errors after I did a msiexec /a network install both before and after I patch the admin install point. It appears Live Update won't install because it can't find lusetup.exe. Navigate to your CD and copy it over to the root of your install point. The install finished for me after that.

Above Entry Provided on 12/28/2006 by schieb

Rate It

Rating
117

This is the easyway...

1. install the symantec av server
2. copy from Programms\SAV\CLT-INST\ the folder WIN32 in a share
3. create a gpo to deploy the symantec*.msi file

thats it.

Above Entry Provided on 12/28/2006 by garftermy

Rate It

Rating
117

I utilize Zenworks 7 to distribute msi/mst. Had terrible time with mst for SAVCE 10.1.6000 client. What worked was on a clean vmware session of XP SP2 I installed the package and made all my time schedule changes, quarantine/delete options, no scan network drives etc. basically any customized modifications.Open regedit to HKLM/software/intel/landesk/virusprotect6 exported that registry key.

Locate the newest virus definition located in program files/common files/symantec shared/virusdefs/ex..20070510.025 Select all files within and utilize winzip to add and replace the files within the vdefhub.zip which is file within the sav directory where the symantec antivirus.msi is located. This is to not receive the virus defs older than 30 days message.
SAV directory place on network with created reg export, and modified vdefhub zip file.

Create an application object for symantec antivirus.msi with a distribution option where you would import the reg file you created. I push it out as unsecure system user so it will install with elevated priveledges-Power users etc.. Uninstals previous versions;installs new version;prompt for reboot;no problem.

I Use regmon to find those hard registry entry locations

Above Entry Provided on 5/10/2007 by roklivon

Rate It

Rating
117

Add an Entry

Virtualization: Information regarding how to work with this software in creating a virtual deployment package for products like Altiris SVS and Microsoft SoftGrid.

Virtualization

No information at this time. Discuss this package in the forum or click here if you have something to contribute!

Terminal Services: Notes on how to address problems working with this software in a Terminal Services session as with Citrix shared environments.

Terminal Services

No information at this time. Discuss this package in the forum or click here if you have something to contribute!

Related Links: Additional resources to reference in regards to the deployment and configuration of this software.