For testing, they originally disabled everything "Symantec".
That has all since been put back so SEP is again fully enabled, and all "Symantec related "drivers running again, even a server reboot.
The network driver/provider they moved down was exactly as stated above - the "Symantec SNAC provider".
Go to the network folder and highlight your network connection - ususally the name of the card used to get to the network, choose the menu option Advanced, then advanced settings then provider order tab.
Microsoft techs are routinely telling folks to move the Symantec SNAC provider to the bottom, below Microsoft Windows network, Terminal services and so on.
They claim this is known, and fixes some things - although were not specific.
The drivers are all enabled again, it was SEP they were trying to kill without an uninstall, and they were successful, and it's all enabled again - but with that change in order listed above.
I can get screenshots of that if needed.........
The drivers were killed using the startup config tool to disable drivers and services for testing.
I do NOT know if the provider order has any impact, but it's an interesting coincidence......... and maybe that is ALL it is?