The Symantec Endpoint Protection (SEP) client generates many folders in the C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\ErrMgmt\Queue\Incoming.
These files and folders consume a large amount of disk space.
The application or process crashes may not be related to SEP.
When installing SEP, SymQual and Windows Error Reporting debug settings are added to the Windows registry. When an application or process crashes, files and folders are generated, and data is sent to Symantec. If the SEP client is unable to transmit this data to Symantec, these files and folders will remain on disk and consume disk space.
Investigate other applications or processes that are crashing, and implement a fix as necessary. This will stop any additional creation of files and folders.
Additionally, ensure that the SEP clients are able to access all required URLs. See Required exclusions for proxy servers to allow Endpoint Protection to connect to reputation and licensing servers. Once the SEP clients submit the data to Symantec, they delete the data on disk.
To fully disable submissions and prevent data accumulation:
- In the Symantec Endpoint Protection Manager, go to Admin > Servers > Local Site > Edit Site Properties > Data Collection.
- Uncheck "Let clients send troubleshooting information to Symantec to resolve product issues faster."
Disable SymQual monitor
To disable SymQual's monitor for specific applications or processes:
- Disable Tamper Protection.
- At the command line, disable SEP with
- Delete the files in the folder, C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\ErrMgmt\Queue\Incoming.
- In the Windows Registry Editor, create a backup, and then navigate to the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps
- Delete any unnecessary subkeys.
Note: Any subkeys that have a "DumpFolder'" value of "C:\ProgramData\Symantec\Data\LocalDumps" are the processes that we monitor.
- At the command line, restart SEP with
- Re-enable Tamper Protection.