Symantec Corporate Auto-Protect disabled on user level account WinXP

Posted on 2009-04-02
Last Modified: 2013-12-09
I have some workstations (XP SP-2) that are coming up with the Symantec client Auto-Protect disabled.  However, this is only happening on the user level logons.  When we go in with an administrator level account, the client initiates without issue.

I've been researching and some say that the definitions could be at issue (corruption or access rights).  If it were corruption, I don't think the admin level accounts would be ok.  And I've double checked the access to the definitions directories and user level accounts have full access.

Any ideas?  Thanks in advance for your response.

Question by:ShuttleDIK
  • 5
  • 2
LVL 15

Expert Comment

ID: 24056788

Here's the solution to your problem:

A Symantec Certified Specialist @ your service

Author Comment

ID: 24076207
Yep - I checked that one.  Unfortunately - 1) I don't have admin access to the Symantec controls (only to the Domain OU & local PCs - the Symantec installation sits higher up the Domain chain).  and 2)  Tamper Protection isn't enabled on the clients.

I did have some luck with rolling back the definition version.  So that might end up being the solution.  I need to see more examples of the failure before I can close this out.

Thanks for responding, though!!  Much appreciated.

Author Comment

ID: 24087516
Well, "fixing" the definitions only works sometimes.  I still end up with User level accounts having the Auto-Protect disabled and the Admin accounts enabled on many machines.

XMachine, can you confirm in the attached jpg that the Tamper Protection is indeed off?  Thanks!
If the symptom is the same, perhaps there's a different but similar cause?

Thanks again for your help.  I'm upping the point value 'cause it's taking more work here than I expected.

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

LVL 15

Assisted Solution

xmachine earned 50 total points
ID: 24090555
Yes, it's off and locked.

Author Comment

ID: 24091197
Right.  The Symantec servers sit above the OU which we manage and therefore we do not administer it.  But we do administer the workstations on which the client is running.  I think something is happening when a user is logged in and new virus defs are pushed down.  Many machines I'm able to copy over definitions from a working PC and the lil' red circle goes away.  However, I have a couple where that just doesn't fly.

Thanks again,

Author Comment

ID: 24097636
Most all of the workstations now are Auto-Protecting properly now, with various re-implementations of the Virus Definitions.  I still have one lonely machine that will not Auto-Protect on a User Level account.

I did a fresh clean of the virus defs again(I'm doing this manually). And this time when I logged in as a user, the VPTray icon first yielded the yellow exclamation point for 20 second, the reverted back to the red circle.

Is there perhaps an ini, dat or cfg file in which I could confirm the Tamper Protection setting?  The screenshot posted before is from an admin log in to the workstation, the user level doesn't let you view the GUI configuration.


Accepted Solution

ShuttleDIK earned 0 total points
ID: 24098219
Ok, after a re-build & compression of the registry on my last lingering faulty machine, the Auto-Protect is again working.

So the fix was to clean out the virus-defs & replace with known working copies.  Rebuild & compress the registry.  If this somehow addressed any active Tamper Protection issues, I wouldn't have confirmation about that.

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Download screen comes up repeatedly in an endless loop 2 225
Trojan blocked 11 91
vMware vShield Endpoint 6.0 4 85
VMware Black Screen 13 107
PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question