Endpoint Protection

 View Only

  • 1.  Vista 0x0000000A Blue Screen with SEP enabled

    Posted May 06, 2009 11:02 PM
    Vista Home Basic v6.0.6001 Service Pack 1 Build 6001, year old installation

    Symantec Endpoint Protection v11.0.3001.2224

    Dell Inspiron 1525

    BSOD on startup with service 'Symantec Endoint Protection' enabled reports:

    IRQL_NOT_LESS_OR_EQUAL
    STOP:0X0000000A (0X00000000, 0X00000002, 0X00000001, 0X81E5580C)

    (last group may vary)

    System startable in Safe Mode and startable in Normal mode if Symantec Endpoint Protection service is disabled.

    After a lengthy up period with SEP off, Vista installed three updates from Microsoft on shutdown. Accessing Windows Update after the subsequent start showed 22 outstanding updates. The windows update log indicated NO update later than 2008. (???) (Windows update subsequently installed TWO updates, restarted the system when I refused IE8, and then reported ONE update outstanding. Has the update function gone insane or are there really 18 security updates for IE8 already?)

    That aside:

    1. Is anyone familiar with the causes of this fault in relation to SEP?

    2. What update from Microsoft Update is out there that might effect this situation?







  • 2.  RE: Vista 0x0000000A Blue Screen with SEP enabled

    Posted May 07, 2009 12:09 AM
    Hi,

    You are using the old version of SEP. Try using SEP 11.0 MR4MP1a.

    There are few issues been resolved in this build of SEP.

    Rgrds,
    SAM


  • 3.  RE: Vista 0x0000000A Blue Screen with SEP enabled

    Posted May 07, 2009 12:19 AM
    This is usually a driver issue, it may be conflicting. Can you go to safe mode and get the Application and System Logs?


  • 4.  RE: Vista 0x0000000A Blue Screen with SEP enabled

    Posted May 07, 2009 01:59 AM
    Hi,

    I would say from experience that is very likely caused by Application and Device control, but you should really upgrade to MR4MP1a and if the problem continues, open a support ticket and send a full memory dump to Symantec support.

    - Jukka


  • 5.  RE: Vista 0x0000000A Blue Screen with SEP enabled

    Posted May 07, 2009 11:31 AM
    I neglected to clarify that one of the Microsoft updates in the first batch of three apparently corrected the problem. After those updates were installed, Vista booted normally with SEP enabled.

    This was a customer's computer. I have instructed them to update SEP to the new version.

    Still curious about which MS update may have corrected the problem.

    When I first checked the update history after the successful normal boot with SEP, the history showed no updates since 2008. (The customer had not used the computer between Nov 08 and Apr 09.) I would have expected the update log to have shown the three updates that Vista claimed it was installing, but it didn't. Subsequent updates did show.

    Thanks for the comments.

    jrb