Endpoint Protection

Hi, On one virtual server I have installed sep, and then disable the smcgiu.

Now I can't open sep on the virtual machine, can see smc.exe running under task manager,, also the client is connecting fine to sepm and updating but it seems not to be able to enable- Auto-protect on that client.

I have tried through sepm under logs to send the "enable auto-protect" command to the client, and it says completed 100% after a while but when i check client status, this one still don't have auto-protect enable.

So thats why i wanted to open sepm on the client and enable it from there but can't at all..

please help, anyone...

cheers

Ash

If you disable smcgui.exe then you can't open SEP client.

 this one still don't have auto-protect enable ....

is the RTVscan is running as services?

What is the SEP version installed on the machine?

Check wheter symantec enpont service is running.If no try to start it manually.If still having problem try to repair it from add/remove programs..

you disabled the interface so not able to open it.

check if its enabled via registry, you can test it using eicar test

KEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan" to 0 from 1

0 is disabled, 1 is enabled.

Re-enable smcgiu.

If you don't want users to access the local client try putting a password on it.

Goto SEPM polices for that group General Settings > Security Settings then tick Require a password to open the client user interface. This will request the user to put in a password if they try and open the client.