Error Message

Log Name: Veritas Enterprise Vault
Source: Enterprise Vault
Event ID: 41315
Task Category: Index Query Server
Level: Warning
Keywords: Classic
User: N/A
Description:
Invalid access to memory location. (Exception from HRESULT: 0x800703E6)

and/or

Log Name: Veritas Enterprise Vault
Source: Enterprise Vault
Event ID: 41315
Task Category: Index Query Server
Level: Warning
Keywords: Classic
User: N/A
Description:
Configuration Error

It appears the issue is due to McAfee 8.8 being installed on EV indexing servers.

This issue is very similar to the one described in this article, however it can still occur even with the McAfee 8.8 exclusions in place.  It is recommended to go through the article first and ensure all exclusions are in place, before trying the solution below.

On each Enterprise Vault server hosting an Indexing service, set the following registry values:

Key: HKLM\Software\Microsoft\ASP.NET\FCNMode
Value Type: DWORD
Value: 1

Key: HKLM\Software\WOW6432Node\Microsoft\ASP.NET\FCNMode
Value Type: DWORD
Value: 1

This key is described here.

Warning: Incorrect use of the Windows registry editor may prevent the operating system from functioning properly. Great care should be taken when making changes to a Windows registry. Registry modifications should only be carried-out by persons experienced in the use of the registry editor application. It is recommended that a complete backup of the registry and workstation be made prior to making any registry changes.

Setting this key will prevent IIS from restarting the /EVIndexing app pool if it detects changes to the files or configuration on disk.  It appeared McAfee was triggering the behavior, irrespective of exclusions.

Versions of Enterprise Vault starting with 12.4 and higher are not affected as the integration with IIS has changed for the /EVIndexing virtual directory.