ASC 5 and SEP

[cindywilson]

Hello,

I just installed ASC5 on an XP machine running Symantec Endpoint Protection 11 (unmanaged client). SEP keeps giving me a message on ASC saying it is trying to modify the smcgui.exe file. It pops up frequently.

 

I thought I could put smcgui.exe file on the ignore list within ASC but I can't seem to be able to do this. I think it might be the active boost feature in ASC.

 

Please help!

[enoskype]

Hi cindywilson, welcome to IObit forum! :grin:

 

smcgui.exe being the Symantec Agent Firewall file, you should put ASC5 in the ignore list of Symantec Endpoint Protection 11. It shouldn't work vice versa.

 

Perhaps, changing the security permissions of the smcgui.exe file and giving acces to administrators and system can be a remedy too.

 

Cheers.

[thomas_symantec]

Hello,

 

Depending on the pop-up message, You may be able to add a rule in your firewall to allow for the ASC5 application.

 

Firewall Policies on Unmanaged Clients

 

http://www.symantec.com/business/support/index?page=content&id=TECH105725&locale=en_US

 

If this is a known good application being detected as a threat, you can file a False Positive report with the Symantec Security Response folks.

 

https://submit.symantec.com/false_positive/

 

 

I hope this is helpful.

 

Best,

Thomas

[enoskype]

Welcome to IObit Forum Thomas! :grin:

 

Thanks for the info, since you are from Symantec, perhaps you could help for ASC5 to be accepted as a false positive in Symantec, as it is not easy for the users to know the details per the process of submitting as asked in your posted link.

 

Thanks again and cheers.

[Cicely]

Hi cindywilson,

 

Sorry for the inconvenience, we will look into issue, please kindly help us.:smile:

 

1) Please provide the specific version and the download link of the your Symantec Endpoint Protection.

 

2) Please take a screenshot of the notification you got and send it to us, we will look into it.

 

Guide for Taking Screenshots:

 

http://graphicssoft.about.com/cs/general/ht/winscreenshot.htm

 

Thanks in advance!;-)

[bg3075]

Have you tried to create an exception / allowance in SEP 11 for ASC 5? I uninstalled ASC 5 already and re-installed version 4, prior to reading this thread.

[thomas_symantec]

Welcome to IObit Forum Thomas! :grin:

 

Thanks for the info, since you are from Symantec, perhaps you could help for ASC5 to be accepted as a false positive in Symantec, as it is not easy for the users to know the details per the process of submitting as asked in your posted link.

 

Thanks again and cheers.

 

The submission process will be your best bet at getting ASC5 added for exception once proven it is a false positive.

 

https://submit.symantec.com/false_positive/

 

 

Regards,

Thomas

[enoskype]

OK Thomas, then the best bet should be user cindywilson following the submission procedure, or Cicely directly contacting Symantec.

 

Thanks and cheers.

[cindywilson]

Clarification

 

The notification I am getting is a Symantec tamper protection alert with the target being SEP's ccsvchst.exe and the actor process being ASC5's ascservice.exe.

 

Maybe I'm off base but I don't think that is a false positive but rather ASC trying to modify/remove/stop one of SEP's services. Is that correct? And if so, isn't that something to be fixed on Iobit's end?

[Melvin_Deal]

Hi bg3075.

 

So you had a similar event and went back to ASC4 to circumvent?

 

I think CindyWilson is correct... that this is to be corrected on the Iobit side.

 

-Mel

[cindywilson]

I'm getting a tamper protection alert from symantec (see my post from 11/30 for exact details). I don't think it is an issue for Symantec but for Iobit because ASC seems to be trying to interfere with SEP. I am using several versions of SEP...11.0.4, 11.0.6 and 12.1

[solbjerg]

hi cindywilson

Can't you make do with one Symantec Endpoint Protection (SEP)?

Symantec/Norton has previously been known to erroneously block and warn against IObit Products.

Cheers

solbjerg

 

I'm getting a tamper protection alert from symantec (see my post from 11/30 for exact details). I don't think it is an issue for Symantec but for Iobit because ASC seems to be trying to interfere with SEP. I am using several versions of SEP...11.0.4, 11.0.6 and 12.1