Hi, I got an issue with Symantec Endpoint (version 11.0.5002.333 Client-Server network edition):
I'm trying to installer a Software called OCSNG wich is a well known network inventory software (link to download and anlysis: http://launchpad.net/ocsinventory-windows-agent/2.0/2.0/+download/OCSNG-Windows-Agent-2.0.zip).
I've noticed that the setup installer is failing only on the station where SEP client is installed, that's why i'm sure the matter is coming from SEP protection. Actually i see in the log file of the setup installer, that it's failing here:
SetACL allowing System and Administrators full permissions on <C:\Documents and Settings\All Users\Application Data\OCS Inventory NG\Agent\Download>...Result: -1073741819
SetACL allowing Users / Power Users read only permissions on <C:\Documents and Settings\All Users\Application Data\OCS Inventory NG\Agent\Download>...Result: -1073741819
It is windows ntstatus code (in hex): C0000005 which means STATUS_ACCESS_VIOLATION. I think the culpit is SEP resident driver which is scanning in realtime and opening handle to the used file or folder and then the installer tries to open the same (already opened by SEP) handle into no shared access, thus resulting the ACCESS_VIOLATION code.
I've tried to uninstall SEP on a failing station and after full uninstallation of SEP, setup is working flawlessly.
My request is, can you just analyze the Setup Installer file and then find the issue with SEP and then maybe patch it to solve the embarassing problem (for me, as network administrator).
Thanks for reading,
Regards