Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Even though Tamper protection is disabled via policy on the SAV servers, it is still a running process on the local PC.

  • 1.  Even though Tamper protection is disabled via policy on the SAV servers, it is still a running process on the local PC.

    Posted Sep 24, 2009 02:36 PM
    I need to have this corrected, and I also do not have the option to STOP the Tamper protection service, I am forced to disable it and have the user restart.


  • 2.  RE: Even though Tamper protection is disabled via policy on the SAV servers, it is still a running process on the local PC.

    Posted Sep 24, 2009 03:52 PM
     which process do you see running on the client.the only file responsible for Tamper Protection is spbbcdrv.sys


  • 3.  RE: Even though Tamper protection is disabled via policy on the SAV servers, it is still a running process on the local PC.

    Posted Sep 24, 2009 06:30 PM
    Sorry, I thought it was a SAV unit, but it is SEP. Same scenario


  • 4.  RE: Even though Tamper protection is disabled via policy on the SAV servers, it is still a running process on the local PC.
    Best Answer

    Posted Sep 24, 2009 06:42 PM

    Title: 'The Tamper Protection driver, SPBBCDrv.sys, is still loaded even when Tamper Protection is disabled through SSC or on the local client.'

    Document ID: 2008020609515348

    > Web URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008020609515348?Open&seg=ent


  • 5.  RE: Even though Tamper protection is disabled via policy on the SAV servers, it is still a running process on the local PC.

    Posted Sep 24, 2009 08:35 PM
    But, policy should fix it, I have several sites in 3 countries :-(