Endpoint Protection

There are unexpected system shutdowns and After enabling the creation of memory dump files on the server, and
analyzing the first .dmp file generated:
BugCheck 1000008E, {c0000005, 809040be, b4c4a6d4, 0}
*** WARNING: Unable to verify timestamp for NAVAP.sys
*** ERROR: Module load completed but symbols could not be loaded for NAVAP.sys
Probably caused by : NAVAP.sys ( NAVAP+2d873 )
Followup: MachineOwner

We have windows server 2003 and we are using Symantec Antivirus 8.1.1.323.

There are unexpected system shutdowns and After enabling the creation of memory dump files on the server.

This is a virtual server.Host is experiencing unexpected system shutdowns (sourcetype="wineventlog:system" AND EventCode="6008")

Symantec Antivirus 8.0 reached its End of Support Life as of November 30, 2005 and Symantec Antivirus 8.1 reached its End of Support Life as of January 31, 2007

I would suggest moving to either SEP 11.x or SEP 12.1

There is no product support for 8.X. Please upgade to SEP 11.7.x or 12.1. X at the earliest.

Hello,

SAV 8? Wow, that is some old software. 

Symantec Antivirus 8.0 reached its End of Support Life as of November 30, 2005 and Symantec Antivirus 8.1 reached its End of Support Life as of January 31, 2007, as defined in the Symantec Enterprise Technical Support Policy. Therefore virus definition updates are no longer supported for this product.

Symantec Antivirus 9.x has reached its End of Standard Support as of March 31, 2009. Virus definition updates for version 9.x will be discontinued on April 1, 2009.

http://www.symantec.com/business/security_response...

Symantec AntiVirus 10.x Corporate Edition (SAV) has reached its scheduled End-of-Support-Life (EOSL) on July 4, 2012. Virus definitions, maintenance updates, and technical support is no longer available for this product.

The recommended upgrade path is to replace SAV 8.x with Symantec Endpoint Protection 12.1 (SEP 12.1). 

More information

Hope that helps!!

Hi Vijay,

"Thumbs up" to all of the above.  Here in 2013, in a very legal sense SAV 8 is not protection at all.  There's absolutely no guarantee that it will be stable or secure against threats developed ten years beyond what SAV 8 was designed to do.  Please upgrade as soon as you can!

All the best,

Mick

Hi,

Symantec Antivirus 8.0 reached its End of Support Life as of November 30, 2005 and Symantec Antivirus 8.1 reached its End of Support Life as of January 31, 2007, as defined in the Symantec Enterprise Technical Support Policy. Therefore virus definition updates are no longer supported for this product.

Symantec Antivirus 9.x has reached its End of Standard Support as of March 31, 2009. Virus definition updates for version 9.x will be discontinued on April 1, 2009.

http://www.symantec.com/business/security_response...

You can't directly upgrade to SEP 12.1

Supported upgrade paths for the legacy vesions are as per the below:

SAV 9x & 10.x / SCS 2.x & 3.x / SSEP (Sygate) 5.1 --> SEP EE 12.1

If planning to install SEP 12.1 then it will be a fresh install for you.

I would also strongly recommend to upgrade to the latest version of SEP.

One small correction:

SAV 9, SCS 2.x and Sygate/SSEP are no longer supported when migrating to SEP 12.1.2 (12.1 RU2) and later.

sandra

We are in planning phase for the upgrade, but as of now we need some workaround to overcome this, as the server is very critical.

Thanks Sandra !!!

Hi,

You can uninstall SAV & Install trialware software of SEP.

About the trialware license

http://www.symantec.com/docs/HOWTO55075

Download - Symantec Endpoint Protection 12 Trialware

https://www4.symantec.com/Vrt/offer?a_id=117135

Download - Symantec Endpoint Protection Small Business Edition Trialware

https://www4.symantec.com/Vrt/offer?a_id=77956

Also you can try to scan the infected system using Symantec Power eraser.

http://www.symantec.com/theme.jsp?themeid=spe-user-guide

Just a reminder to anyone still using SAV: please do upgrade to SEP as soon as possible.  That product is no longer supported.  New definitions have been released for SAV 10.x long after support ended, in order to allow admins ample time to migrate.  These are just a courtesy and can be discontinued at any time.

Please do act now in order to remain protected!