Endpoint Protection Small Business Edition

 View Only

  • 1.  Tamper Protection Alert

    Posted Mar 01, 2012 08:42 AM

     

    SYMANTEC TAMPER PROTECTION ALERT

     

    Target:  C:\Program Files\Common Files\Symantec Shared\ccApp.exe

    Event Info:  Set Information Process

    Action Taken:  Logged

    Actor Process:  C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (PID 884)

    Time:  Wednesday, February 29, 2012  9:53:01 AM

    This is what pops up almost everyday when using our email. What do I do to keep this from popping up!

    Thanks

    Vera



  • 2.  RE: Tamper Protection Alert

    Posted Mar 01, 2012 12:26 PM

    Hello,

     

    I responded to this question in your other post.

    https://www-secure.symantec.com/connect/forums/symantec-tamper-protection-alert-message#comment-6787581



  • 3.  RE: Tamper Protection Alert

    Posted Mar 01, 2012 12:54 PM

    Hi Vera,

    the message indicates that SEP tamper protection suspected ASCService.exe to attack ccApp.exe. ccApp.exe is a SEP process responsible for E-mail scanning.

    Tamper protection shields SEP processes, files and registry entries from attacks.

    Google says that ASCService.exe is a component of Advanced SystemCare, a tool for better performance and security (!). I think that SEP and ASC just crashed.

    I would disable ASC (just because it's not a good idea to run two separate security tools at the same time), or create an exception for ASCService.exe, as described here for SEP SBE:

    Creating a Tamper Protection exception: http://www.symantec.com/docs/HOWTO54866

    HTH!



  • 4.  RE: Tamper Protection Alert

    Posted Apr 02, 2012 04:52 AM

    How to add a centralized Exceptions Policy if you don't already have one to edit

    1. Open the Symantec Endpoint Protection Manager.
    2. Click Policies.
    3. Click Centralized Exceptions.
    4. Click "Add a Centralized Exceptions Policy".
    5. Click OK.
    6. Assign Policy dialog box will pop up.
    7. Click YES to assign the policy to the group or groups of your choice.
    8. Check the box next to the group to which you would like to assign the policy.
    9. Click Assign.