Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Server rebooting due to Symantec Antivirus 8.1.1.323

Created: 29 May 2013 | 10 comments

There are unexpected system shutdowns and After enabling the creation of memory dump files on the server, and
analyzing the first .dmp file generated:
BugCheck 1000008E, {c0000005, 809040be, b4c4a6d4, 0}
*** WARNING: Unable to verify timestamp for NAVAP.sys
*** ERROR: Module load completed but symbols could not be loaded for NAVAP.sys
Probably caused by : NAVAP.sys ( NAVAP+2d873 )
Followup: MachineOwner

 

We have windows server 2003 and we are using Symantec Antivirus 8.1.1.323.

There are unexpected system shutdowns and After enabling the creation of memory dump files on the server.

This is a virtual server.Host is experiencing unexpected system shutdowns (sourcetype="wineventlog:system" AND EventCode="6008")

Operating Systems:

Comments 10 CommentsJump to latest comment

.Brian's picture

Symantec Antivirus 8.0 reached its End of Support Life as of November 30, 2005 and Symantec Antivirus 8.1 reached its End of Support Life as of January 31, 2007

I would suggest moving to either SEP 11.x or SEP 12.1

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Rafeeq's picture

There is no product support for 8.X. Please upgade to SEP 11.7.x or 12.1. X at the earliest.

 

Mithun Sanghavi's picture

Hello,

SAV 8? Wow, that is some old software. 

Symantec Antivirus 8.0 reached its End of Support Life as of November 30, 2005 and Symantec Antivirus 8.1 reached its End of Support Life as of January 31, 2007, as defined in the Symantec Enterprise Technical Support Policy. Therefore virus definition updates are no longer supported for this product.

Symantec Antivirus 9.x has reached its End of Standard Support as of March 31, 2009. Virus definition updates for version 9.x will be discontinued on April 1, 2009.

http://www.symantec.com/business/security_response...

Symantec AntiVirus 10.x Corporate Edition (SAV) has reached its scheduled End-of-Support-Life (EOSL) on July 4, 2012. Virus definitions, maintenance updates, and technical support is no longer available for this product.

The recommended upgrade path is to replace SAV 8.x with Symantec Endpoint Protection 12.1 (SEP 12.1). 

More information

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Mick2009's picture

Hi Vijay,

"Thumbs up" to all of the above.  Here in 2013, in a very legal sense SAV 8 is not protection at all.  There's absolutely no guarantee that it will be stable or secure against threats developed ten years beyond what SAV 8 was designed to do.  Please upgrade as soon as you can!

All the best,

Mick

With thanks and best regards,

Mick

Chetan Savade's picture

Hi,

Symantec Antivirus 8.0 reached its End of Support Life as of November 30, 2005 and Symantec Antivirus 8.1 reached its End of Support Life as of January 31, 2007, as defined in the Symantec Enterprise Technical Support Policy. Therefore virus definition updates are no longer supported for this product.

Symantec Antivirus 9.x has reached its End of Standard Support as of March 31, 2009. Virus definition updates for version 9.x will be discontinued on April 1, 2009.

http://www.symantec.com/business/security_response...

You can't directly upgrade to SEP 12.1

Supported upgrade paths for the legacy vesions are as per the below:

SAV 9x & 10.x / SCS 2.x & 3.x / SSEP (Sygate) 5.1 --> SEP EE 12.1

If planning to install SEP 12.1 then it will be a fresh install for you.

I would also strongly recommend to upgrade to the latest version of SEP.

 

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

sandra.g's picture

One small correction:

SAV 9, SCS 2.x and Sygate/SSEP are no longer supported when migrating to SEP 12.1.2 (12.1 RU2) and later.

sandra

Symantec, Senior Information Developer
Enterprise Security, Mobility, and Management - Endpoint Protection

Don't forget to mark your thread as 'solved' with the answer that best helps you!

Chetan Savade's picture

Thanks Sandra !!!

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Vijay Yadav's picture

We are in planning phase for the upgrade, but as of now we need some workaround to overcome this, as the server is very critical.

Chetan Savade's picture

Hi,

You can uninstall SAV & Install trialware software of SEP.

About the trialware license

http://www.symantec.com/docs/HOWTO55075

Download - Symantec Endpoint Protection 12 Trialware

https://www4.symantec.com/Vrt/offer?a_id=117135

Download - Symantec Endpoint Protection Small Business Edition Trialware

https://www4.symantec.com/Vrt/offer?a_id=77956

Also you can try to scan the infected system using Symantec Power eraser.

http://www.symantec.com/theme.jsp?themeid=spe-user-guide

 

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Mick2009's picture

Just a reminder to anyone still using SAV: please do upgrade to SEP as soon as possible.  That product is no longer supported.  New definitions have been released for SAV 10.x long after support ended, in order to allow admins ample time to migrate.  These are just a courtesy and can be discontinued at any time.

Please do act now in order to remain protected!

With thanks and best regards,

Mick