matt1982
asked on
Symantec anti-virus causing blue screen on boot
We have Symantec Anti-Virus Corp 10.1 installed on our systems along with Deepfreeze 6. We have the virus definitions redirected to a D: partition which is not affected by deepfreeze so that Symantec software can stay up to date when the computers are restarted.
The main systems we are having issues with are HP D530's. Every so often (likely when the definitions are updated) when the computers are rebooted, they will show the XP logo and then flash a blue screen realy quick and reboot. some will keep doing this and some will come out of it after a while. I have found that booting to recovery console and run an fdisk /mbr it will resolve the problem most times. After doing this however, when looking in device manager under non plug and play devices the savrt device has an "1" on it.
The blue screen that is appearing references the file savrt.sys every time. It also has the message "DRIVER_UNLOADED_WITHOUT_C
We have many other types and makes and models of computers and we've only seen it affect the HP's so far. I believe there are some 5700's being affected as well.
Any thoughts or ideas on what to try would be great. If I left out any info that may be important let me know.
Thanks in advance.
The main systems we are having issues with are HP D530's. Every so often (likely when the definitions are updated) when the computers are rebooted, they will show the XP logo and then flash a blue screen realy quick and reboot. some will keep doing this and some will come out of it after a while. I have found that booting to recovery console and run an fdisk /mbr it will resolve the problem most times. After doing this however, when looking in device manager under non plug and play devices the savrt device has an "1" on it.
The blue screen that is appearing references the file savrt.sys every time. It also has the message "DRIVER_UNLOADED_WITHOUT_C
We have many other types and makes and models of computers and we've only seen it affect the HP's so far. I believe there are some 5700's being affected as well.
Any thoughts or ideas on what to try would be great. If I left out any info that may be important let me know.
Thanks in advance.
Kutyi
I am running a similar setup, except I do not separate the definitions to a thawed partition and all works well. the defs update fine as my policy is to update the policy every 2 minutes, no lag time noticed. I would guess it is an issue with the updating. I suggest yoiu try it the way I have set it up to see if it will work for you.
what version of sav are you using 10.1.????
thanks
thanks
ASKER
sav is version 10.1.4.4000
Im lost on this one...you if you can replicate the exact steps to get it to bluescreen then you can point out which software is causing the bluescreen... you can push an update to a pc and and find out exactly how to reproduce then you can turn off deepfreeze and test again if no crashes then deepfreeze might be the culprit. Then you can turn off deep freeze and test again if it does crash then the culprit is deep freeze. if it does crash then we have a problem with sav.
try and post back
try and post back
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It is possible the reason you might never have experienced the problem because it only seems to affect certain models of HP computers, mainly the HP d530's. Anyone have any idea on what files it may be changing on the C: drive that would cause this problem? It appears the problem only occurs after a virus definition update. The issue will always seem to appear on Thursday morning, and possibly other days too but Thursday is the only day I've noticed so far. I doesn't appear to be updating the savrt.sys file from what I can tell.
Thanks for the suggestions and I will try them if I get the chance.
Thanks for the suggestions and I will try them if I get the chance.
I have over 60 HP D530 SFF PCs.
ASKER
Ok that's good to know...I'll definitely look at trying what you mentioned then. Thanks
ASKER
What Kutyi mentioned did solve the issues of rebooting but it is not the way we really want things done. Ideally we would like to find out why Symantec only seems to have an issue with these types of computers and if there is a way to keep our original configuration and have these HP's still work. Our next step will have to be to contact Syamntec and then possibly HP.