Early Launch Anti-Mailware status issue
Created: 05 Feb 2013 | 12 comments
Hello everyone,
I am using Symantec Endpoint Protection Manager 12.1.2 and I am currently having an issue. As shown in this screen shot, I have a few clients that are showing the Early Launch Anti-Malware driver status as Disabled. This is causing my home page to show as something is wrong. The thing is, I disabled the Early Launch Anti-Malware in the policy that effects this group. It should show disabled by policy. The other strange thing is, I am not sure how this would have been installed, because these are not Windows 8 machines. These machines are either XP, Server 2000 (ugh, I know...), or Server 2003.
How do I get these to show as disabled by policy, or uninstall the driver from these clients?
Thanks
Discussion Filed Under:
Comments 12 Comments • Jump to latest comment
I'm wondering if this is a bug. If you check that option on the client, what does it show? Should be under Virus and Spyware Protection >> Configure Settings >> ELAM tab
SEP Knowledge Base
Endpoint SWAT
Well, two of the clients are running the older version of Symantec 11 so they don't even have this installed, yet it is still showing disabled.
The other clients have it unchecked and greyed out.
Thanks for your quick response.
Interesting. All my clients show as "Not Installed"
There is no way to create a package without this to my knowledge. If it detects Windows 8 than it will install it. Otherwise it won't.
Looks to be a bug, perhaps a suport call is needed.
SEP Knowledge Base
Endpoint SWAT
Thanks for your quick response. It must be a bug, since my 90 other clients are normal.
Support can confirm. Or if you can live with it...
SEP Knowledge Base
Endpoint SWAT
Definitely a bug - the driver must be installed to be disabled and this won't happen on OS older than windows 8 - contact support for them to check.
Hmm bug?... won't be pretty on the reporting/gui
but other than that won't affect anything
Hello,
The highlighted client (provided in the Screenshot) is that from XP, Server 2000 or Server 2003?
What about the other unhighlighted clients are those either from XP, Server 2000 or Server 2003 machines as well.???
If it is Windows 8 / 2012, then I believe the Early Launch Anti-Malware Settings were disabled from the client machine and that is why we see as "Disabled"
If you have disabled from SEPM, then try disabling and then locking the policy.
Early Launch Anti-Malware Settings are supported on computers that run Microsoft Windows 8 or Later.
I checked this by Disabling the Policy on the SEPM and that affected the Windows 8 and 2012 and I receive the Status as "Disabled by Policy" on the SEPM.
However, In your case, since all the clients are either XP, Server 2000 or Server 2003, this driver would not get installed at all. So, if you are disabling the Early Launch Anti-Malware Settings, these does not get effect on SEP client as this policy either way.
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Thanks for your reply.
We currently have 0 Windows 8/ Server 2012 machines. All of the machines in the screenshot that show disabled are XP, 2000, 2003. The ones that show not installed are either 2003 or 2008 (R2).
Has to be a bug. Call support to confirm.
SEP Knowledge Base
Endpoint SWAT
can you check this thread
https://www-secure.symantec.com/connect/forums/fir...
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Cent sure.... a bug.. please log a call with Support to confirm and let us know if that helped.
Don't forget to mark your thread as 'solved' or vote with the answer that best helped you!
Would you like to reply?
Login or Register to post your comment.