Autoprotect Off - Status false positives
From the SEPM console - 'Status Summary' I see a big number of clients' Autoprotect status as Off. After cross checking I'm finding most of machines appearing in this report are false positives. So I was trying to get the 'true' status of the Clients somehow. I know there is a registry entry associated with this (SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan > OnOff keyvalue). But this is also not showing the right status, I mean ideally if OnOff = 1, Autoprotect is enabled, but this was not always true from my cross checking of the clients. Do any one have a clue as to how to get the right status of the client. I'm using RU6MP2 version. In many cases it was like this, in the client's system log an error 'warning' is generated "Symantec Endpoint Protection Auto-Protect failed to load." but in the subsequent updated definitions I noticed that this got automatically fixed but it did not leave any clue that things got fixed.