Some background (and a proposal):
Application and Device Control (ADC) is using the sysfer.dll library. It will be injected into the process stacks to monitor, block, allow or log activities. Unfortunately there are some apps which are incompatible with sysfer.dll. See this article on this topic:
Creating Application Control Exclusions in Symantec Endpoint Protection 12.1
For managed clients, it's possible to define an exclusion in the Exceptions policy in SEPM for Application Control. If you do that, sysfer.dll won't be injected into the respective process stack.
Unfortunately, it's not possible to define this exception at the client GUI. Even if you disable ADC (proposal in my first post) you don't get rid of sysfer.dll. You have to disable the ADC component, as Brian wrote.
There is another solution if you have access to a SEPM and you don't want to remove ADC:
- Create a new, empty group
- In this group define the settings and policies for the unmanaged client -- in particular in the Exceptions policy the exclusion for EQ7 (the article above describes how to do this)
- Create an unmanaged client install package (.exe file), tied to the new group
- Run the install package on the target box (or deploy it remotely).
See here:
How To: Create an unmanaged client install package from the SEPM with custom policies
Of course this solution is awkward and definively not elegant. However, you can keep ADC running. It's even possible to create rule sets for ADC (not possible in the client GUI).
With tools such as Process Explorer or Process Hacker, you are able to check if sysfer.dll is in the process stack.
HTH!