Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Symantec EndPoint Protection 12.1 caused BSOD on my HP Proliant DL160 G6
Posted on 2012-04-09
Hi All,
I have a management server which I use for things like Backup Exec, Syslog and my Symantec EndPoint Protection Management server which is a HP Proliant DL160 G6 runnig Windows 2003 R2 Enterprise. It has been running EndPoint 11.1 for about 18 months fine, but the other day I decided it was time to go to 12.1 as we qualified for a free update.
I tested it out on my VM test lab and all seemed OK, so I did the upgrade on my management server and again the EndPoint Manager worked great on 12.1. I upgraded a few clients without issues so thought it was going OK, so then I upgraded the SEP client on my Management server to 12.1. As soon as the install finished my server blue screens with HARDWARE MALFUNCTION ??
I try a reboot, no joy, so I boot to safe mode and uninstall the SEP client and it then boots fine! Some googling later and I found some similar problems with Kaspersky so I updated all my management servers drivers, firmware and BIOS and tried again......same problem!
All my clients/VMs I have upgraded work fine, but this server doesn't want to work. All my other physical servers (DCs/Exchange etc) are also HP Proliant G6 servers (a mix of DL360 & DL380) while my management server is a DL160 G6. I have got no help from Symantec on this, they just tell me to update drivers etc which I have so I'm a little stuck.
I did find this - http://www.tricksguide.com/blue-screen-error-hardware-malfunction-pci-express-error-hp-proliant-server.html - which talks about disabling No Execute Memory Protection but my model server doesn't have this option.
Any suggestions?
Thx!
Andy
I have a management server which I use for things like Backup Exec, Syslog and my Symantec EndPoint Protection Management server which is a HP Proliant DL160 G6 runnig Windows 2003 R2 Enterprise. It has been running EndPoint 11.1 for about 18 months fine, but the other day I decided it was time to go to 12.1 as we qualified for a free update.
I tested it out on my VM test lab and all seemed OK, so I did the upgrade on my management server and again the EndPoint Manager worked great on 12.1. I upgraded a few clients without issues so thought it was going OK, so then I upgraded the SEP client on my Management server to 12.1. As soon as the install finished my server blue screens with HARDWARE MALFUNCTION ??
I try a reboot, no joy, so I boot to safe mode and uninstall the SEP client and it then boots fine! Some googling later and I found some similar problems with Kaspersky so I updated all my management servers drivers, firmware and BIOS and tried again......same problem!
All my clients/VMs I have upgraded work fine, but this server doesn't want to work. All my other physical servers (DCs/Exchange etc) are also HP Proliant G6 servers (a mix of DL360 & DL380) while my management server is a DL160 G6. I have got no help from Symantec on this, they just tell me to update drivers etc which I have so I'm a little stuck.
I did find this - http://www.tricksguide.com/blue-screen-error-hardware-malfunction-pci-express-error-hp-proliant-server.html - which talks about disabling No Execute Memory Protection but my model server doesn't have this option.
Any suggestions?
Thx!
Andy
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
7
-
5
- +2
15 Comments
I understand the 1st attempt was upgrade on existing 11.1 to 12.1, after uninstalling all Symantec endpoint related apps., did you try installing straightway version 12.1 ? plz try if "no".
@manic_andy ,
Do you have any of the dumps files? Could you post or 3 of them?
You can find the dumps file in C:\Windows\Minidump folder. More info below:
http://support.microsoft.com/kb/315263
Sudeep
Do you have any of the dumps files? Could you post or 3 of them?
You can find the dumps file in C:\Windows\Minidump folder. More info below:
http://support.microsoft.com/kb/315263
Sudeep
Yep after I did the uninstall from the upgraded 11.1 to 12.1 I tried a clean 12.1 client install and had the same problem.
Will generate a dump file later today when the backups have finished.
Will generate a dump file later today when the backups have finished.
This is a known problem, plz check the link.
http://www.symantec.com/business/support/index?page=content&id=TECH181336
http://www.symantec.com/business/support/index?page=content&id=TECH181336
Under solution it says..
Security Update MS11-077 which contains a fix for this problem
Any application like folder lock or Adope apps install ?
Security Update MS11-077 which contains a fix for this problem
Any application like folder lock or Adope apps install ?
No folder lock or adobe.
Only have - Backup Exec 2010 SP1 (no CPS as aware of the conflict with that)
Symantec EndPoint Protection Manager 12.1
WSUS
WatchGuard Firewall WSM 11.3
Kiwi Syslog
Only have - Backup Exec 2010 SP1 (no CPS as aware of the conflict with that)
Symantec EndPoint Protection Manager 12.1
WSUS
WatchGuard Firewall WSM 11.3
Kiwi Syslog
If you didn't try.
Disable in windows the "restart on error" function, afterwards you can read the BSOD error message.
I feel its a conflict with one the application.
Disable in windows the "restart on error" function, afterwards you can read the BSOD error message.
I feel its a conflict with one the application.
Already have it set like that, so when it crashes after the SEP 12.1 client install it sits at the blue screen saying hardware malfunction. When I reboot and it does the post steps it shows that the P212 controller locked up, which is consistent with the problems I found that Kaspersky caused, but HP fixed in version 5.14 of the controller firmware I have installed.
I have reinstalled 11.1 client for now which works fine.
I have reinstalled 11.1 client for now which works fine.
Following are the known issues for Symantec Endpoint Protection 12.1
http://www.symantec.com/business/support/index?page=content&id=TECH163700
If you wish to try, I would suggest uninstall Backup Exec 2010 SP1, Install first sysmantec endpoint 12.1 and than install Backup exec.
http://www.symantec.com/business/support/index?page=content&id=TECH163700
If you wish to try, I would suggest uninstall Backup Exec 2010 SP1, Install first sysmantec endpoint 12.1 and than install Backup exec.
Thanks. I have logged an issue with Symantec support anyway now so am letting them troubleshoot it for me. I've been installing/uninstalling and trying different things for about 3 days now and no joy. I put 11.1 back on and it works fine, then tried uninstalling that manually (seemed OK) then installed 12.1 again and it just fails to install which didn't happen before so I have sent Symantec the logs and will see what they suggest.
One thing for certain though, my confidence in the product is gone. There is no way I can confidently say to my manager that we should deploy 12.1 now onto our DCs and or Exchange servers following this even if Symantec come back to me with a solution whatever that is. It just seems way to flakey to be causing a physical controller lockup when 11.1 worked fine. Last thing I want is to have this replicated on my DCs/Exchange where the controllor lockup could be way more serious than on my management server where I can afford to lose everything if needed.
I will post back when I heard back from Symantec on it.
One thing for certain though, my confidence in the product is gone. There is no way I can confidently say to my manager that we should deploy 12.1 now onto our DCs and or Exchange servers following this even if Symantec come back to me with a solution whatever that is. It just seems way to flakey to be causing a physical controller lockup when 11.1 worked fine. Last thing I want is to have this replicated on my DCs/Exchange where the controllor lockup could be way more serious than on my management server where I can afford to lose everything if needed.
I will post back when I heard back from Symantec on it.
Featured Post
Want to be a web developer? You'll need to know HTML. Prepare for HTML5 certification by enrolling in July's Course of the Month! It's free for Premium Members, Team Accounts, and Qualified Experts.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Usually shares are where we want them for our users and we tend to take them for granted. There are times, however, when those shares may disappear causing difficulty for your users.
One of the first things to try is searching for files that shou…
Learn about cloud computing and its benefits for small business owners.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
- Anti-Virus Apps
- Ransomware
- The Email Laundry
- Email Servers
- Cybersecurity
- Microsoft Access, *malware
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email
Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month6 days, 12 hours left to enroll
623 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.