Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrade.
Please accept our apologies in advance for any inconvenience this might cause.

Excessive Tamper Alerts

Created: 07 Nov 2012 • Updated: 07 Nov 2012 | 4 comments

We are sill searching for a solution for our Excessive Tamper Alerts.

Per article TECH171057 this should have been fixed with the latest update. We have performed the update and have created the exception in our policy. However, the system in question is still getting excessive tamper alerts.

I see there is an option to turn off the notifications, but I was looking for a solution rather than a band aid for this particular situation. I've contacted the vendor for the software we are getting the alert for and they have referred us to setting up an exclusion policy.

I've been unable to locate any other suggestions or fixes online and was hoping you may be able to shed some light on this.

Thanks,

David

Comments 4 CommentsJump to latest comment

_Brian's picture

So you've added the exception for all clients affected and it's still not working?

If it is truly a bug and the latest release doesn't fix it, than I would call support.

I'm curious if as a test you completely uninstalled/reinstalled the latest version on one affected client to see what the result is. Perhaps it is an upgrade type bug which does not affect a clean install.

Other than adding an exception, turning off the notification, or disabling tamper protection, I don't know that there is much else that can be done. Especially if it still a bug in the latest release. Support would need to rectify.

 

Mazakoptech's picture

Hi Brian,

Thank you for the response.

Yes, I added the exception in our policy. It appears only one system is affected with this issue. I have not had the chance to uninstall/reinstall as this user travels a lot. When back in the office I will try the uninstall.reinstall option.

David

 

Rafeeq's picture

i belive its a classroom software, check if there any update for it..

sandra.g's picture

Your screen shot says 12.1.1000 (which is RU1), but the KB article you reference says it was fixed with 12.1.1101 ("This problem is fixed in Symantec Endpoint Protection 12 Release Update 1 Maintenance Patch 1 (12.1 RU1-MP1).")... Was the client restarted after the upgrade?

sandra

Symantec, Information Developer
Installation, Migration, Deployment and Patching
User Protection & Productivity, Endpoint Protection

Don't forget to mark your thread as 'solved' with the answer that best help