smc -stop will not disable SEP. Otherwise you can stop the SEP service from services.msc. This should disable it.

If you have NTP installed, you can right click the SEP icon in the task tray and select "Disable", this will disable the NTP component.

You can check this as well:

Disabling the Symantec Endpoint Protection client Network Threat Protection and Intrusion Detection System components

smc -stop was the first thing I did. I went into services and made sure all Symantec services were stopped. So currently no Symantec services are running, including the SEP service and SMC.

what version of SEP?
is the "Symantec Endpoint Protection" stopped too?

12.1 RU1 MP1

Yes, the Symantec Endpoint Protection service is stopped. Symantec Management Client service is off. 

I feel the issue is elsewhere, but whenever there's a problem it seems like they always say "It's Symantec". I turned everything off so that it couldn't be seen as that the exclusions weren't working. The vendor's documentation actually says to disable real time protection in any AV program running on one of these servers, permanently.

yes exclusions are the correct way to check. it should be stopped, can you check this registry entry to know if AP is off or on
HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\OnOff

That's set to one (under wow6432node). Does that mean that Realtime Protection is currently running, or just that it would be if the services were started?

yes, 1 represents on, change it o in registry and check the reindex. also suggest to open a support ticket.