Endpoint Protection

 View Only
  • 1.  SEP detecting one of it's own processes as a threat - SecLU.exe

    Posted Nov 18, 2009 07:12 PM
    SEP seems to think the SecLU.exe and is preventing it from running.


    I am just setting up our new configuration and thought this was hilarious. I knew I should have been more careful about purchasing a Symantec product!



    Anybody know what to do?


  • 2.  RE: SEP detecting one of it's own processes as a threat - SecLU.exe

    Posted Nov 18, 2009 11:13 PM
    Is the file sesclu.exe or secLU.exe?.  Sesclu.exe is a process that runs when there is an internal update taken from SEPM


  • 3.  RE: SEP detecting one of it's own processes as a threat - SecLU.exe

    Posted Nov 18, 2009 11:22 PM
    The other obvious explanation (that Sandip was hinting at) is that you may have a virus that has named itself something similar to a process that SEP uses. If i were you I would do a full system scan in safe mode with system restore off.



  • 4.  RE: SEP detecting one of it's own processes as a threat - SecLU.exe

    Posted Nov 19, 2009 12:45 AM
    I just did an entire search of my laptop and found no instance of a file name Secl*.exe

    I do however have sesc*.exe as mentioned by sandip_sali.



    I think sir you have a virus that SEP just found for you.




  • 5.  RE: SEP detecting one of it's own processes as a threat - SecLU.exe

    Posted Nov 19, 2009 07:07 AM
    There is no virus on the machine. I literally just built this machine and the only programs on it are Windows XP and Symantec Endpoint Protection. Unless Windows embedded a virus in it's own OS there is no possible way for there to be a virus.


    This was simply a guinea pig machine I built to deploy a new Endpoint install package to.



    And the file name is exactly what I said it was, SecLU.exe which a simple google will tell you is this:


    sesclu.exe is a SescLu\r belonging to Symantec Client Management Component\r from Symantec Corporation\r


  • 6.  RE: SEP detecting one of it's own processes as a threat - SecLU.exe
    Best Answer

    Posted Nov 19, 2009 07:14 AM
    Is it the Antivirus that is detecting it or it is the Tamper Protection ?
    If it is Tamper Protection then either disable Tamper protection or create exclusions for it.


  • 7.  RE: SEP detecting one of it's own processes as a threat - SecLU.exe

    Posted Nov 19, 2009 07:36 AM
    It's tamper protection, sorry for the lack of clarity.


    I will see about disabling this feature.