How to manually update Lumension Anti-Virus definition files

Version 2

    Details

    Lumension Endpoint Management and Security Suite (LEMSS) with Lumension Anti-Virus (LAV) 7.2

     

     

    BACKGROUND

    Some company security policies require an infected endpoint be taken off the network prior to updating the Anti-Virus definitions and performing additional scans.  This means the endpoint is not able to communicate to the LEMSS server to receive updated Anti-Virus definitions.

     


    Resolution

     

    PROCEDURE

    For HEATsoftware Anti-Virus, use the following steps to update LAV definitions in the event the endpoint has to be taken offline:
    NOTE:  Please ensure the AV Definition files on the LEMSS server are updated!

    • On the LEMSS server, locate the Anti-Virus definition files in the Install Directory\HEAT Software\EMSS\Content\AntiVirus\Definitions folder
    • Based on the Operating system architecture, the following files needs to be copied to a removable storage device
      • 32bit Operating System av32bit\avx folder.

    AvCopy.JPG

      • 64bit Operating System \av64bit\avx folder.

    Avx64.JPG

    • On the infected endpoint, stop the LEMSS Agent service in Windows Services
    • Insert the removable media storage device and replace the files in C:\ProgramData\HEAT Software\EMSSAgent\data\persist\live\AV\ScanEngine\1 folder
    • Start the LEMSS Agent service in Windows Services
    • Launch HEATsoftware EMSS Agent Control Panel, click on AntiVirus followed by Scan Now & Events
    • Click on scan now

     


    C:\Program Files (x86)\HEAT Software\EMSS\Content\AntiVirus\Definitions\av32bit\avx