When Symantec EDR policy is applied, certain applications fail to launch
search cancel

When Symantec EDR policy is applied, certain applications fail to launch

book

Article ID: 375683

calendar_today

Updated On:

Products

Endpoint Security Complete

Issue/Introduction

When a Symantec Endpoint Detection and Response (EDR) policy is applied in a Symantec Endpoint Security (SES) environment, certain applications may fail to launch with an error similar to this one:

Unhandled exception has occurred in <application name>. If you click Continue, the application will ignore this error and attempt to continue. If you click abort, the application will close immediately.

Could not load file or assembly 'DotNetHookDllCs, Version=1.0.0.1, Culture=neutral, PublicKeyToken=xxxxxxxxxxxxxxxx' or one of its dependencies. Could not find or load a specific file. (Exception from HRESULT:0x80131621)

Environment

TDAD prior to 14.3 RU9

Cause

This is caused by a know limitation prior to 14.3 RU9 in how we handled certain applications.

Resolution

There are two resolutions to this issue.

 

  1. Upgrade the client to RU9 - RU9 resolves the supportability issue that causes this crash, so upgrading to this version of the client will resolve the issue.
  2. Add a TDAD exception for the application. This is done by adding the process here in the TDAD policy:

 

Powered by Wolken Software