Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

Tamper Protection Alert

Jump to Best Answer

1. Tamper Protection Alert

0 Recommend
Migration User
Posted Jun 06, 2013 05:26 AM

Reply Reply Privately
Check the Event - 45, Application is block by symantec. Please help

I have stop the smc to run this application.
2. RE: Tamper Protection Alert
Best Answer

0 Recommend
Migration User
Posted Jun 06, 2013 05:29 AM

Reply Reply Privately
hello,

It's managed sep client or unmanaged client ?

as per screen shot Tamper Protection blocked your application.You can create exceptions for Tamper Protection in sepm server.

Check some of artical

Creating a Tamper Protection exception

Article:HOWTO55213 | Created: 2011-06-29 | Updated: 2011-12-17 | Article URL http://www.symantec.com/docs/HOWTO55213

How to Create Exceptions or Exclusions for Tamper Protection Alerts that have already been logged

Article:TECH92553 | Created: 2009-01-24 | Updated: 2010-01-23 | Article URL http://www.symantec.com/docs/TECH92553
3. RE: Tamper Protection Alert

0 Recommend
Migration User
Posted Jun 06, 2013 05:38 AM

Reply Reply Privately
Hello,

You can creat the Exception for this application using Tamper Protection

Check the PETE comment

https://www-secure.symantec.com/connect/forums/symantec-tamper-protection-alert-8#comment-6896891

*Edit*

http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/c291bf8d5d97b5f68025736200576f9d?OpenDocument

Creating exceptions for Symantec Endpoint Protection

Article:HOWTO55204 | Created: 2011-06-29 | Updated: 2011-12-17 | Article URL http://www.symantec.com/docs/HOWTO55204
4. RE: Tamper Protection Alert

0 Recommend
Broadcom Employee

pete
Posted Jun 06, 2013 05:43 AM

Reply Reply Privately
have you put under tamper protection exception which is available in SEP 12
5. RE: Tamper Protection Alert

0 Recommend
Broadcom Employee

Chetan Savade
Posted Jun 06, 2013 07:21 AM

Reply Reply Privately
Hi,

You should check this article

How to Create Exceptions or Exclusions for Tamper Protection Alerts that have already been logged

http://www.symantec.com/docs/TECH92553

If you have already created exception and still facing problem then need to follow this workaround

Possible Workarounds:

It may be possible to work around or resolve this issue either by updating the application for which the Tamper Protection alerts are being generated, or by updating the SEP client version on the affected machines. A future version of the product may make the Tamper Protection alert optional, offering a different alternative to exclusions for avoiding overly frequent alerts.

Symantec Endpoint Protection (SEP) clients generating Tamper Protection alerts on excluded applications

http://www.symantec.com/docs/TECH171057
6. RE: Tamper Protection Alert

0 Recommend
ℬrίαη
Posted Jun 06, 2013 07:40 AM

Reply Reply Privately
You're on the first version of SEP 12.1. You should consider upgrading to the latest version.
7. RE: Tamper Protection Alert

0 Recommend
Trusted Advisor

Mithun Sanghavi
Posted Jun 06, 2013 11:59 AM

Reply Reply Privately
Hello,

Check this Thread with similar issue :

https://www-secure.symantec.com/connect/forums/sep-121-tamper-protection-alert-fills-event-log

Create a Tamper Protection exception for C:\Program Files(x86)\Alnet systems\Net Professional\professional\vdrs startdrs.exe

Below KB can help you in this:

Creating a Tamper Protection exception

On a Kind Note: Please migrate to the Latest version of SEP 12.1 RU2 and above:

Best practices for upgrading to the latest version of Symantec Endpoint Protection 12.1.x

http://bit.ly/T1gCU2

Hope that helps!!
8. RE: Tamper Protection Alert

0 Recommend
AjinBabu
Posted Jun 07, 2013 05:04 AM

Reply Reply Privately
HI,

Tamper Protection provides real-time protection for Symantec applications on servers and clients. It protects Symantec processes from non-Symantec processes such as worms, Trojan horses, and viruses.

When Tamper Protection is enabled, you can have it perform one of the following actions:

Log attempts to modify Symantec applications.

Block attempts to modify Symantec applications and log the attempt.

If you found these process are required you can create exceptions against tamper protection.

http://www.symantec.com/business/support/index?page=content&id=TECH183201

Regards

Ajin

Endpoint Protection

Tamper Protection Alert

Migration UserJun 06, 2013 05:26 AM

Migration UserJun 06, 2013 05:29 AMBest Answer

Migration UserJun 06, 2013 05:38 AM

peteJun 06, 2013 05:43 AM

Chetan SavadeJun 06, 2013 07:21 AM

ℬrίαηJun 06, 2013 07:40 AM

Mithun SanghaviJun 06, 2013 11:59 AM

AjinBabuJun 07, 2013 05:04 AM

1. Tamper Protection Alert

2. RE: Tamper Protection Alert Best Answer

Creating a Tamper Protection exception

How to Create Exceptions or Exclusions for Tamper Protection Alerts that have already been logged

3. RE: Tamper Protection Alert

Creating exceptions for Symantec Endpoint Protection

4. RE: Tamper Protection Alert

5. RE: Tamper Protection Alert

6. RE: Tamper Protection Alert

7. RE: Tamper Protection Alert

8. RE: Tamper Protection Alert

2. RE: Tamper Protection Alert
Best Answer