search cancel

Endpoint Protection process ccSvcHst.exe crashes after installing 14.2 RU1

book

Article ID: 175440

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

After installing or upgrading to Symantec Endpoint Protection (SEP) 14.2 RU1 ccSvcHst.exe starts to crash. The faulting module is BashEim.dll.

7/3/2019 12:49:53 AM    Application    Error    Application Error    043-300-28247       1000    "Faulting application name: ccSvcHst.exe, version: 13.4.0.26, time stamp: 0x5bd740a5
Faulting module name: BashEim.dll, version: 14.2.4559.1100, time stamp: 0x5d02842a
Exception code: 0xc0000005
Fault offset: 0x0001fa0b
Faulting process id: 0x67c0
Faulting application start time: 0x01d53161068873ea
Faulting application path: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.4559.1100.105\Bin\ccSvcHst.exe
Faulting module path: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.4559.1100.105\Bin\BashEim.dll
Report Id: b0f8e00b-1ecc-4162-a026-65dc563a8df7
Faulting package full name:
Faulting package-relative application ID:"    

Resolution

This issue is fixed in Symantec Endpoint Protection 14.2 RU2. For information on how to obtain the latest build of Symantec Endpoint Protection, see Download the latest version of Symantec software here.

Possible Workaround:

  1. Disable Tamper Protection or set to Log only.
  2. Open Regedit
  3. Navigate to HKLM\SOFTWARE\WOW6432Node\Symantec\Symantec Endpoint Protection\SMC
  4. Create a new DWORD called MemoryMonitor.  Set the value to decimal 500.
  5. Create a new DWORD called MemoryMonitorFreq and set the value to decimal 1.
  6. Reboot the System.