CLOUD SOLUTIONS

Troubleshooting Bitdefender Endpoint Security Tools update errors

This section contains a list of errors that might be encountered during a Bitdefender Endpoint Security Tools update and the applicable troubleshooting steps

BEST error message -3

This section explains how to troubleshoot the error message -3 occurred during an update of Endpoint Security by Bitdefender, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Note

This section applies to Endpoint Security, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Error -3 occurs when Bitdefender Endpoint Security cannot download updates over the internet.

Possible Causes

The error occurs usually when the endpoint cannot download updates from upgrade.bitdefender.com due to internet restrictions in the network, such as firewalls, content filtering, proxies, etc.

Resolution

Please check your gateway security solution logs for any blocked traffic to upgrade.bitdefender.com or update.cloud.2d585.cdn.bitdefender.net.

Note

To speed up troubleshooting, please also provide support tool logs from the affected workstation and associated relay/appliance. Read also Using the Support Tool to learn how to use the GravityZone LogCollector for troubleshooting.

BEST error message 1002

This section explains how to troubleshoot the error message 1002 occurred during an update of Endpoint Security by Bitdefender, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Note

This section applies to Endpoint Security, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Error 1002 stands for "Could not resolve server" and it is received when the endpoint cannot resolve the hostname of the remote update server.

This is usually a DNS problem and you need to make sure that the endpoint can properly resolve the update server hostname.

Troubleshooting Steps
  1. From the endpoint target machine, send a ping request to the update server hostname and verify what IP address it resolves:

    Ping update_server_IP

    Ping update_server_hostname

  2. If the IP address does not correspond with the one assigned to the update server, then you can try to send the following command to the endpoint machine to reset the DNS:

    ipconfig /flushdns

If the situation persists, you need to run the troubleshooting process on your DNS server and make sure that the update server name is resolved properly by the machines in the network. More specifically, verify the entries in the DNS server and make sure they exist and the hostname and IP is correct.

Until this is fixed, the only workaround is to change the update server format in the GravityZone policy, from hostname to IP address. For example: 192.168.0.1:7074

Note

To speed up troubleshooting, please also provide support tool logs from the affected workstation and associated relay/appliance. Read also this KB to learn how to use the GravityZone LogCollector for troubleshooting.

BEST error message 1011

This section explains how to troubleshoot the error message 1011 occurred during an update of Endpoint Security by Bitdefender.

Note

This section applies to Bitdefender Endpoint Security on Windows, Linux and Mac.

Error 1011 stands for I/O timeout and it is received when the endpoint fails to reach the designated update server as it times out.

Possible Causes
  • The update server is offline

  • The update server port is closed on 7074

  • The endpoint does not have access to the update server network location

Troubleshooting Steps

As this is a connectivity issue, you need to run a number of checks to see exactly where the problem is:

  • Verify that the update server is up and running by doing the following:

    • If the update server is a relay, check that epupdateserver.exe is running. If not, you can start it manually from Services.

    • If the update server is located on the GravityZone appliance or Linux Relay, you can try to restart the update server service with the following command:

      sudo service arrakis restart

  • From the endpoint, verify that you can ping the update server:

    Ping IP_updateserver 7074

  • Verify that port 7074 is reachable from the endpoint by sending a telnet command:

    telnet IP_updateserver 7074

  • Open the 7074 port, if closed on the update server.

Note

To speed up troubleshooting, please also provide support tool logs from the affected workstation and associated relay/appliance. Read also this KB to learn how to use the GravityZone LogCollector for troubleshooting.

BEST error message 1018

This section explains how to troubleshoot the error message 1018 occurred during an update of Endpoint Security by Bitdefender, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Note

This section applies to Endpoint Security, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Error 1018 stands for "Http/404 Status Code - Not Found" and it is received when the endpoint cannot download all the files from the update server as they are missing.

Possible Causes

The endpoint receives a list of files to download from the update server, but it fails to download them because the files are missing.

Resolution

The issue is caused by the local update server. To determine if the server is updating properly, please open an email ticket via the web form.

Note

To speed up troubleshooting, please also provide support tool logs from the affected workstation and associated relay/appliance. Read also this KB to learn how to use the GravityZone LogCollector for troubleshooting.

BEST error message 2002

This section explains how to troubleshoot the error message 2002 occurred during an update of Endpoint Security by Bitdefender, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Note

This section applies to Endpoint Security, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Error 2002 stands for "MD5 check failed" and it is received when the update files do not pass the MD5 checksum integrity check.

The downloaded files on the endpoint do not match the files present on the update server.

Troubleshooting Steps

The most common cause of this error is that the files are altered/corrupted during the download process by a third-party firewall present in the network, or by a content filtering application acting as a proxy.

Resolution

In this case, you need to whitelist the address to which the endpoint tries to connect to in your network firewall / content filtering application. Specifically, whitelist the internet update server address:

Upgrade.bitdefender.com:80

update.cloud.2d585.cdn.bitdefender.net:80

Note

To speed up troubleshooting, please also provide support tool logs from the affected workstation and associated relay/appliance. Read also this KB to learn how to use the GravityZone LogCollector for troubleshooting.

BEST error message 2013

This section explains how to troubleshoot the error message 2013 occurred during an update of Endpoint Security by Bitdefender, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Note

This section applies to Endpoint Security, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Error 2013 stands for "File must not be downloaded and updated" and occurs when the files present on the endpoint are newer than the ones on the local update server.

Possible Causes

This error is triggered when an endpoint downloads the virus signatures first from an up-to-date update server, and afterwards using a local update server with outdated signatures.

Resolution

The issue is caused by the local update server. To determine if the server is updating properly, please open an email ticket via the web form.

Note

To speed up troubleshooting, please also provide support tool logs from the affected workstation and associated relay/appliance. Read also this KB to learn how to use the GravityZone LogCollector for troubleshooting.

BEST error message 2019

This section explains how to troubleshoot the error message 2019 occurred during an update of Endpoint Security by Bitdefender, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Note

This section applies to Endpoint Security, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Error 2019 occurs when the endpoint was at first updated from another ring, and the update available on the current ring is older.

Resolution

In the active policy settings, go to General > Update > Update Ring and switch to fast ring.

An endpoint that downloads a product update from a newer ring (fast ring) cannot downgrade to a ring that runs with older updates (slow ring).

Note

To speed up troubleshooting, please also provide support tool logs from the affected workstation and associated relay/appliance. Read also this KB to learn how to use the GravityZone LogCollector for troubleshooting.

BEST error messages 1003, 1004, and 1005

This section explains how to troubleshoot the error messages 1003, 1004 and 1005 occurred during an update of Endpoint Security by Bitdefender, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Note

This section applies to Endpoint Security, Bitdefender Endpoint Security Tools (for Windows and Linux) and Endpoint Security for Mac.

Errors Description
  • 1003: Could not resolve proxy

  • 1004: Could not connect to proxy or server

  • 1005: Could not authenticate to proxy or server

Possible Causes
  • The endpoint is not configured correctly to communicate over the internet through a proxy.

  • The endpoint cannot resolve the proxy due to a DNS issue.

  • There is no proxy configured in the Bitdefender policy.

Troubleshooting Steps

At first, ping the proxy hostname to check if it is resolved correctly.

In the GravityZone policy, go to General > Settings > Proxy Configuration and configure the proxy server used in your network for outside communication.

Note

To speed up troubleshooting, please also provide support tool logs from the affected workstation and associated relay/appliance. Read also this KB to learn how to use the GravityZone LogCollector for troubleshooting.