Symantec Data Loss Prevention (DLP)
Endpoint Agent
You are receiving below mentioned errors while installing DLP Endpoint Agent on endpoint machines:
2016-12-02 13:59:52 | PreInstallCleanup | SEVERE | FindAndRemoveDriver(): OpenSCManager failed: Access is denied
action: DecryptFile():
'C:\Users\ADMINI~1\AppData\Local\Temp\cg.ead': failed, Error: 87
--result: The parameter is incorrect
Windows 10
This issue is caused because of OS hardening or permissions due to which Symantec DLP Endpoint Agent is unable to invoke its DLLs and access certain registry keys.
1. Download Process Monitor from https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx and then run it
2. Click on the below shown icons to disable them. You will find these icons just below the Menu Bar
3. Click on the filter icon
4. Look for any item under the Action column that says “Include”. Uncheck them if there are any
5. Select “Process Name” as the first condition, “is” as a second condition, type “msiexec.exe” as a third condition and “Include” as a last condition
6. Click “Add” and then click to save changes
7. Run Symantec DLP Endpoint Agent installer and follow it till the error is received
8. Click on File menu and click Save
9. Select below highlighted options, select Format as CSV, select the path where you would like to save your report and click Ok
10. Open the saved CSV file in a excel spreadsheet and add a filter to Result column
11. It will look something like this
12. Click on the filter, uncheck Select All, select Access Denied, and then click OK. This will filter out Access Denied results on file and registry paths due to which the issue is happening