SymQual statistical analysis allows to detect emerging issues in your environment. It is therefore recommended to enable submissions of crash-related data on systems running Symantec Endpoint Protection (SEP) to Symantec. With that said, your security policy, or a specific situation might dictate that not only submissions should be disabled at a site-wide level (by unchecking SEPM > Admin > Servers > Local Site > Edit Site Properties > Data Collection > "Let clients send troubleshooting information to Symantec to resolve product issues faster.", which is the preferred way of disabling submissions to Symantec), but also that the Symantec Endpoint Protection Error Processor scheduled task should be deleted.
While it is not possible to delete the scheduled task (it will be recreated if found missing when the SepMasterService is started), it is possible to create a Disable Symantec Endpoint Protection Error Processor task that counter-acts all its possible actions. Towards that end, save the file in attachment to the C: drive of the system where the task is to be disabled. Next, open an administrative Command Prompt (cmd.exe) window and run the following command:
schtasks /create /xml "C:\Disable Symantec Endpoint Protection Error Processor.xml" /tn "Symantec Endpoint Protection\Disable Symantec Endpoint Protection Error Processor"
To achieve the same on a large number of systems, replace C:\ by %LOGONSERVER%\netlogon\ in the above command and place the XML file on your domain controllers’ netlogon share, where it is accessible to all clients in your domain. In this fashion, allowing its use in a login script.
The newly created scheduled task will disable the Symantec Endpoint Protection Error Processor scheduled task:
The task was optimized to ensure it does this in any and all circumstances: