"Antivirus Update failed" error and troubleshooting tips

Solution

Overview

Some of the most common "Antivirus Update failed:" error messages are the following:

1) DNS name not resolved.
2)
Failed to parse new filelist file.
3)
Unable to connect with remote host.
4)
AVUpdater: test FAILED
5) Could not get antivirus engine update location.
6) Could not unzip antivirus update Error code 9 (the specified zipfiles were not found).
7) Could not unzip antivirus update Error code 50 (the disk is (or was) full during extraction).
8) Could not unzip antivirus update Error code 259
9) failed! "Default" HTTP
 error occurred. Status code: 500. Host: av-download.bluecoat.com:443
10) failed! "default state unable to connect with remote host.
11) failed! "default state HTTPS client error: server does not reply on handshake
12) paused: cannot connect to av-download.bluecoat.com:443

Cases 1), 3) and 5) The ProxyAV is inability to connect to AV update server.
Cases 2), 5), 6) AV update server has been connected but the downloaded content is not complete or incorrect.

In previous cases, for further troubleshooting you can enable HTTP AV download (disable checkbox "Enable Client/Server HTTPs connection" in page: Advanced - SSL Client ) and try to force an update again.If it will not fix the problem a packet captures will be useful to to understand what AV server replies, and what part of the AV update file has been downloaded successfully.

Cases 4), 7) could happen due to some ProxyAV bugs fixed in version 3.1.1.3

Case 8)   is generated when the antivirus definition unzip process could not finish on time. It generally means that the ProxyAV is heavily loaded and not able to allocate enough CPU power for the virus definition unzip process. When this message is present, try configuring the ProxyAV to update its virus definitions off peak hours. (from /articles/Solution/CouldnotunzipantivirusupdateErrorcode259)

Cases 9), 10), 11), and 12) are caused by issues with HTTP certificate exchange between the ProxyAV appliance and the AV update server. If a ProxySG appliance is in the path between the ProxyAV and the Internet, ensure that SSL interception is bypassed for the ProxyAV IP address. If this is not the case, refer to 000016296 for more information.

Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ1769
Attachment

Article Feedback

Did this Article solve your issue?
Additional Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat