Access denied or Error: 87 while installing Symantec DLP endpoint agent
search cancel

Access denied or Error: 87 while installing Symantec DLP endpoint agent


Article ID: 184253


Updated On:


Data Loss Prevention Endpoint Prevent


Symantec Data Loss Prevention (DLP)
Endpoint Agent

You are receiving below mentioned errors while installing DLP Endpoint Agent on endpoint machines:  


2016-12-02 13:59:52 | PreInstallCleanup | SEVERE | FindAndRemoveDriver(): OpenSCManager failed: Access is denied

action: DecryptFile():
'C:\Users\ADMINI~1\AppData\Local\Temp\cg.ead': failed, Error: 87
--result: The parameter is incorrect


Windows 10


This issue is caused because of OS hardening or permissions due to which Symantec DLP Endpoint Agent is unable to invoke its DLLs and access certain registry keys.


1. Download Process Monitor from and then run it
2. Click on the below shown icons to disable them. You will find these icons just below the Menu Bar

3. Click on the filter icon

4. Look for any item under the Action column that says “Include”. Uncheck them if there are any

5. Select “Process Name” as the first condition, “is” as a second condition, type “msiexec.exe” as a third condition and “Include” as a last condition

6. Click “Add” and then click to save changes

7. Run Symantec DLP Endpoint Agent installer and follow it till the error is received
Click on File menu and click Save

Select below highlighted options, select Format as CSV, select the path where you would like to save your report and click Ok

Open the saved CSV file in a excel spreadsheet and add a filter to Result column

It will look something like this

12. Click on the filter, uncheck Select All, select Access Denied, and then click OK. This will filter out Access Denied results on file and registry paths due to which the issue is happening