05-19-2010 04:47 PM
Our products continually evolve to meet the security needs of our customers. With each year that goes by, we run into limitations that are difficult to overcome as our products become more sophisticated. Given the system configuration of many older PCs (particularly those running very old operating systems with limited system resources) this can be quite a challenge.
Unfortunately, in this case we can no longer overcome the limitations in the memory management capability of the supported Windows 9x operating systems when used with NAV or NIS. We advise users to upgrade their system in order to be able to install the latest 2010 products.
We continue to research possible solutions to this problem and will post more information when it becomes available.
As an aside, we strongly recommend that users stay current with a modern OS and the latest protection if at all possible. To facilitate this, anyone that has a 2006 or newer product is entitled to the latest product as long as they have an active subscription. These users have easy access to the latest version and they will get the latest protection features available from Norton. Since the threat landscape is constantly changing, it’s to our users’ benefit to keep their security software current since the current year release will have the latest technology updates to battle these threats.
05-21-2010 05:46 PM
There are memory limitations imposed by older operating system that originally seemed like the cause of the issue. But after investigation we have confirm that this is a product issue, not an operating system issue.
The error messages that NAV, NIS and SystemWorks 2002/2003/2004 (NAVCE 7.6 and SAV8) users are seeing are caused by an AV engine initialization problem causing a user mode crash and kernel mode issues when the kernel engine does not load. In short, there is not enough memory available for the definitions to load, scanning fails and an error message occurs.
The failures are occurring because of the current size of the definition set, combined with how memory is managed in older Norton products. The amount of kernel memory available varies from operating system to operating system, but as an example Windows XP allocates 160 MB of kernel memory. Driven by the growth in the size of definition sets, AV scanners currently require around 110-120MB to load everything into memory. The failures are occurring because this amount of memory is not available to the product.
Current versions of the product do not have the issue because we have implemented aggressive memory management techniques to work around the problem and improve the efficiency of these products. These aggressive techniques cannot be implemented in older versions of the product without introducing system instability. In other words, these techniques in older versions cause the operating system to crash.
The other possible workaround is to reduce the size of our virus definition sets. Ten years ago Symantec was generating 5-10 new virus definitions a week but today because of the changing threat landscape we are generating more than 15,000 new definitions each day and this has put a real challenge on the older engines. In order to address the problem over last two years we have made improvements to the AV engine and the definition format to reduce the size of the definitions. This has slowed the growth but not stopped it entirely. Obviously, as new threats are released we must release new definitions to protect our customers. We cannot keep protection current without a definition set at its current size.
05-21-2010 05:51 PM - last edited on 05-24-2010 06:56 AM by Tony_Weiss
I can't recommend enough the need for you to upgrade your system to use NIS 2010.
But if you absolutely refuse to, and want to revert your product back to how it was prior, follow the steps as explained by quietleaf.
1. Turn off LU in the product UI.
2. Apply an IU from prior to 5/10 (Available here.)
3. Go to C:\Program Files\Common Files\Symantec Shared\VirusDefs and edit definfo.dat to make sure the product is using defs from prior to 5/10.
You must also continue to keep the LiveUpdate turned off, or else it will download newer definitions and break your product again.
Again, please upgrade your product to the most recent version. The older products are not able to protect you from current threats.