SescLU.exe and Rtvscan.exe crashing
I have a Windows Server 2008 R2 Terminal server with Citrix XenApp 6 running on a virtual machine on Windows Server 2008 R2 HyperV. I had SEP 11.0.5002.333 64-bit running on the server fine previously.
Yesterday the HyperV server crashed and rebooted so the virtual machine did not shut down properly. Now the SescLU.exe and Rtvscan.exe processes are crashing immediately upon starting. I tried uninstalling and re-installing. I downloaded the newest version of SEP (11.0.6100.645) and upgraded to that. I am still having the same issue. Here's the entries in the error logs:
Faulting application name: SescLU.exe, version: 11.0.6100.480, time stamp: 0x4c5b6596
Faulting module name: ntdll.dll, version: 6.1.7600.16559, time stamp: 0x4ba9b29c
Exception code: 0xc0000005
Fault offset: 0x0002e9c0
Faulting process id: 0x1320
Faulting application start time: 0x01cb4a0e92415471
Faulting application path: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SescLU.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: cffa38a5-b601-11df-9851-00155d010102
Faulting application name: Rtvscan.exe, version: 11.0.6100.463, time stamp: 0x4c2d25af
Faulting module name: ntdll.dll, version: 6.1.7600.16559, time stamp: 0x4ba9b29c
Exception code: 0xc0000005
Fault offset: 0x0002e733
Faulting process id: 0x14a8
Faulting application start time: 0x01cb4a0db1424d02
Faulting application path: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: eefcf732-b600-11df-9851-00155d010102
I ran system file checker on the specified ntdll.dll and it didn't find any problems. I also ran a chkdsk on the drives and it found a couple small errors and repaired them. I did the reinstalls after the chkdsk ran. Any help in getting SEP to run would be greatly appreciated. Thanks.
Comments
hi
create a centralized exception for sesclu.exe file and then check it
http://forums.citrix.com/message.jspa?messageID=1448435
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
I created exceptions for the
I created exceptions for the sesclu.exe and that didn't help.
Can you check in the event
Can you check in the event viewer what was reason for server crashing.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
I'm not sure if I was clear
I'm not sure if I was clear in my description. The SEP client is installed on the Citrix virtual machine which runs on the HyperV server. The HyperV server is the machine that crashed. There was no indication in the Event Log as to why it crashed. I did notice that I didn't have a reliability update installed from Microsoft. I'm assuming that whatever the reason for the crash was fixed in that update. The HyperV server is fully updated now and has been running fine since then.
Could you please uninsatll
Could you please uninsatll SEP client, delete the Liveupdate folder, from C:/program data/Symantec, and then re-install it as unmanaged sep client?
Also, please see the following:
http://clientui-kb.symantec.com/kb/index?page=content&id=TECH123419&actp=search&viewlocale=en_US&searchid=1283396912366
http://clientui-kb.symantec.com/kb/index?page=content&id=TECH91070&actp=search&viewlocale=en_US&searchid=1283396912366
-VKalani
I'm not running a Citrix
I'm not running a Citrix Provisioning server so that first link doesn't apply to me. I have already seen the best practices for running SEP on a Citrix Terminal Server and put the recommendations into place.
I uninstalled the SEP client and re-installed it as an unmanaged client. I'm still having the same problem.
hi
remove live update
delete liveupdate folders
instal liveupdate
repair sep from add/remove programs..
and check
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Still have the same issue.
Still have the same issue.
enable sep debugging, and
enable sep debugging, and post the debugging logs......
-VKalani
Here's my debug logs. I
Here's my debug logs. I followed the instructions here: http://service1.symantec.com/support/ent-security.nsf/docid/2007090611252048?Open&seg=ent. I only did the standard SMC debugging. Let me know if I need to do something different.
It looks to be SEP was not
It looks to be SEP was not complete removed..
Un-install SEP..Delete all the files and folder then re-install SEP
Better to follow Manual Removal Procedure
http://service1.symantec.com/support/ent-security....
Then Install SEP.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
HI Vikram
He is using Windows 2008 R2 Server but the above manual for upto 2003 32 bit editions only.
Whether he can use Cleanwipe tool for complete removal and try ...
If this Info helps to resolve the issue please Mark as Solution
Thanks
How to manually uninstall
How to manually uninstall Symantec Endpoint Protection client from Windows Vista, Windows 7, and Windows 2008 32-bit
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007080209280848
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
I followed the manual removal
I followed the manual removal instructions and still have the same problem. I'm running 2008 R2 which is 64-bit though and those instructions were for 32-bit versions. I looked for files and folders in corresponding folders (Program Files (x86), etc.) on the 64-bit machine too though.
Any updates on this? We have
Any updates on this? We have the SAME EXACT issue but we are using XenApp6 on VMware.
I never figured out the
I never figured out the problem. I just ended up reinstalling everything from scratch.
Any of you with Citrix XenApp6
Have hotfix XA600W2K8R2X64003 installed?
I had the exact same error as described in the opening post, but when i uninstalled that hotfix, the error disappeared.
I have now tried installing the hotfix before SEP. And this seems to work. But this might break the citrix hotfix?
Would you like to reply?
Login or Register to post your comment.