Symantec EndPoint Protection 12.1 caused BSOD on my HP Proliant DL160 G6

Hi All,

I have a management server which I use for things like Backup Exec, Syslog and my Symantec EndPoint Protection Management server which is a HP Proliant DL160 G6 runnig Windows 2003 R2 Enterprise.  It has been running EndPoint 11.1 for about 18 months fine, but the other day I decided it was time to go to 12.1 as we qualified for a free update.

I tested it out on my VM test lab and all seemed OK, so I did the upgrade on my management server and again the EndPoint Manager worked great on 12.1.  I upgraded a few clients without issues so thought it was going OK, so then I upgraded the SEP client on my Management server to 12.1.  As soon as the install finished my server blue screens with HARDWARE MALFUNCTION ??

I try a reboot, no joy, so I boot to safe mode and uninstall the SEP client and it then boots fine!  Some googling later and I found some similar problems with Kaspersky so I updated all my management servers drivers, firmware and BIOS and tried again......same problem!

All my clients/VMs I have upgraded work fine, but this server doesn't want to work.  All my other physical servers (DCs/Exchange etc) are also HP Proliant G6 servers (a mix of DL360 & DL380) while my management server is a DL160 G6.  I have got no help from Symantec on this, they just tell me to update drivers etc which I have so I'm a little stuck.

I did find this - http://www.tricksguide.com/blue-screen-error-hardware-malfunction-pci-express-error-hp-proliant-server.html - which talks about disabling No Execute Memory Protection but my model server doesn't have this option.

Any suggestions?

Thx!

Andy
manic_andyAsked:
Who is Participating?
 
manic_andyConnect With a Mentor Author Commented:
Yep after I did the uninstall from the upgraded 11.1 to 12.1 I tried a clean 12.1 client install and had the same problem.

Will generate a dump file later today when the backups have finished.
0
 
faizbaigCommented:
I understand the 1st attempt was upgrade on existing 11.1 to 12.1, after uninstalling all Symantec endpoint related apps., did you try installing straightway version 12.1 ? plz try if "no".
0
 
Sudeep SharmaTechnical DesignerCommented:
@manic_andy ,

Do you have any of the dumps files? Could you post  or 3 of them?

You can find the dumps file in C:\Windows\Minidump folder. More info below:
http://support.microsoft.com/kb/315263

Sudeep
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
faizbaigCommented:
0
 
manic_andyAuthor Commented:
I don't get the bugcheck though?
0
 
faizbaigCommented:
Under solution it says..
Security Update MS11-077 which contains a fix for this problem

Any application like folder lock or Adope apps install ?
0
 
manic_andyAuthor Commented:
And just check and I already have the security rollup 2567053 installed.
0
 
manic_andyAuthor Commented:
No folder lock or adobe.
Only have - Backup Exec 2010 SP1 (no CPS as aware of the conflict with that)
Symantec EndPoint Protection Manager 12.1
WSUS
WatchGuard Firewall WSM 11.3
Kiwi Syslog
0
 
faizbaigCommented:
If you didn't try.
Disable in windows the "restart on error" function, afterwards you can read the BSOD error message.

I feel its a conflict with one the application.
0
 
manic_andyAuthor Commented:
Already have it set like that, so when it crashes after the SEP 12.1 client install it sits at the blue screen saying hardware malfunction.  When I reboot and it does the post steps it shows that the P212 controller locked up, which is consistent with the problems I found that Kaspersky caused, but HP fixed in version 5.14 of the controller firmware I have installed.
I have reinstalled 11.1 client for now which works fine.
0
 
faizbaigCommented:
Following are the known issues for Symantec Endpoint Protection 12.1
http://www.symantec.com/business/support/index?page=content&id=TECH163700


If you wish to try, I would suggest uninstall Backup Exec 2010 SP1,  Install first sysmantec endpoint 12.1 and than install Backup exec.
0
 
manic_andyAuthor Commented:
Thanks.  I have logged an issue with Symantec support anyway now so am letting them troubleshoot it for me.  I've been installing/uninstalling and trying different things for about 3 days now and no joy.  I put 11.1 back on and it works fine, then tried uninstalling that manually (seemed OK) then installed 12.1 again and it just fails to install which didn't happen before so I have sent Symantec the logs and will see what they suggest.

One thing for certain though, my confidence in the product is gone.  There is no way I can confidently say to my manager that we should deploy 12.1 now onto our DCs and or Exchange servers following this even if Symantec come back to me with a solution whatever that is.  It just seems way to flakey to be causing a physical controller lockup when 11.1 worked fine.   Last thing I want is to have this replicated on my DCs/Exchange where the controllor lockup could be way more serious than on my management server where I can afford to lose everything if needed.

I will post back when I heard back from Symantec on it.
0
 
manic_andyAuthor Commented:
Just realized its not generating dump files as its not causing a STOP, its just doing a hardware malfunction bsod, so no minidump or kernal dumps.  Don't really want to start messing around with NMI switches/jumpers to cause a stop so have logged a call with Symantec to get it looked at.
Thanks.
0
 
Andrew LumCommented:
Hi Andy, I'm facing the exact problem you faced. Did Symantec get back to you for any solutions?
0
 
Me MeCommented:
No sorry, ended up moving SEPM to a dedicated VM.
0
All Courses

From novice to tech pro — start learning today.