Answer
PROBLEM
An antivirus engine definition has become corrupt and cannot be initialized or successfully complete Auto-Updates.ENVIRONMENT
- GFI MailEssentials
- All supported environments
SOLUTION
There are two ways to initiate the update.
Solution 1
Solution 1
- Navigate to the following directory <GFI MailEssentials installation path>\GFI\MailEssentials\Updater\sed and delete the following files:
- trojandb_current_revision.txt
- trojandb_current_revision.txt.checked
- trojandb_current_revision.txt.tmp
- Open Services.msc and restart the GFI MailEssentials AV Scan Engine and GFI MailEssentials Autoupdater services.
- Open the MailEssentials Configuration and navigate the drop-downs to Email Security > Virus Scanning Engines > Trojan & Executable Scanner > Updates.
- Click Download Updates and click Apply.
- Verify that the definitions successfully installed on the Update status section.
If the above steps do not update the definitions a manual update is required in order to clear the possible corrupt definitions out of the GFI MailEssentials directories. Follow the steps below in order to complete the manual update process.
- Open a browser and navigate to http://cdnupdate.gfi.com/
- Navigate to the following directory incav2 > trojandb > C1 folder and click the trojandb_current_version.c1.zip link to download the latest Trojan and Executable definitions.
- After the download has completed you will need to navigate to service.msc and stop the SMTP or transport service (note this will stop mail flow and queue the messages in Exchange until restarted).
- In services.msc console locate and stop all gfi services related to MailEssentials.
- Extract the downloaded zip from step 2 to the following location <GFI MailEssentials installation path>\GFI\MailEssentials\Updater\sed overwrite when prompted by windows.
- Navigate to the directory where you just extracted the files to from the previous step, <GFI MailEssentials installation path>\GFI\MailEssentials\Updater\sed, and locate the file trojandb.zip
- Extract the trojandb.zip twice to the following locations (overwrite when prompted):
- <GFI MailEssentials installation path>\GFI\MailEssentials\EmailSecurity\Engines\sed
- <GFI MailEssentials installation path>\GFI\MailEssentials\EmailSecurity\Engines\Backup\SED
- Start all services stopped in step 3 and 4.
- Open the MailEssentials configuration and verify that the Trojan and Executable scanning engine has been updated Successfully with the latest version
CAUSE
- The definitions files were corrupted and that can cause update failures.
- Third party antivirus or backup scanning of the GFI MailEssentials folders can corrupt definitions.
- Content filter type Hardware firewalls can corrupt the MD5 checksum during the update process please verify the proper exclusions are in your hardware firewall for successful updates. See the following article for the current update sites needed to be excluded in your firewall https://www.gfi.com/support/products/gfi-mailessentials/What-sites-are-used-for-GFI-Product-Updates