Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Symantec Corporate Auto-Protect disabled on user level account WinXP

Posted on 2009-04-02
Medium Priority
Last Modified: 2013-12-09
I have some workstations (XP SP-2) that are coming up with the Symantec client Auto-Protect disabled.  However, this is only happening on the user level logons.  When we go in with an administrator level account, the client initiates without issue.

I've been researching and some say that the definitions could be at issue (corruption or access rights).  If it were corruption, I don't think the admin level accounts would be ok.  And I've double checked the access to the definitions directories and user level accounts have full access.

Any ideas?  Thanks in advance for your response.

Question by:ShuttleDIK
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
LVL 15

Expert Comment

ID: 24056788

Here's the solution to your problem:

A Symantec Certified Specialist @ your service

Author Comment

ID: 24076207
Yep - I checked that one.  Unfortunately - 1) I don't have admin access to the Symantec controls (only to the Domain OU & local PCs - the Symantec installation sits higher up the Domain chain).  and 2)  Tamper Protection isn't enabled on the clients.

I did have some luck with rolling back the definition version.  So that might end up being the solution.  I need to see more examples of the failure before I can close this out.

Thanks for responding, though!!  Much appreciated.

Author Comment

ID: 24087516
Well, "fixing" the definitions only works sometimes.  I still end up with User level accounts having the Auto-Protect disabled and the Admin accounts enabled on many machines.

XMachine, can you confirm in the attached jpg that the Tamper Protection is indeed off?  Thanks!
If the symptom is the same, perhaps there's a different but similar cause?

Thanks again for your help.  I'm upping the point value 'cause it's taking more work here than I expected.

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

LVL 15

Assisted Solution

xmachine earned 200 total points
ID: 24090555
Yes, it's off and locked.

Author Comment

ID: 24091197
Right.  The Symantec servers sit above the OU which we manage and therefore we do not administer it.  But we do administer the workstations on which the client is running.  I think something is happening when a user is logged in and new virus defs are pushed down.  Many machines I'm able to copy over definitions from a working PC and the lil' red circle goes away.  However, I have a couple where that just doesn't fly.

Thanks again,

Author Comment

ID: 24097636
Most all of the workstations now are Auto-Protecting properly now, with various re-implementations of the Virus Definitions.  I still have one lonely machine that will not Auto-Protect on a User Level account.

I did a fresh clean of the virus defs again(I'm doing this manually). And this time when I logged in as a user, the VPTray icon first yielded the yellow exclamation point for 20 second, the reverted back to the red circle.

Is there perhaps an ini, dat or cfg file in which I could confirm the Tamper Protection setting?  The screenshot posted before is from an admin log in to the workstation, the user level doesn't let you view the GUI configuration.


Accepted Solution

ShuttleDIK earned 0 total points
ID: 24098219
Ok, after a re-build & compression of the registry on my last lingering faulty machine, the Auto-Protect is again working.

So the fix was to clean out the virus-defs & replace with known working copies.  Rebuild & compress the registry.  If this somehow addressed any active Tamper Protection issues, I wouldn't have confirmation about that.

Featured Post

Enroll in September's Course of the Month

This month’s featured course covers 16 hours of training in installation, management, and deployment of VMware vSphere virtualization environments. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to provide information to successfully install the MS SQL client tools for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technology…
For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (, the Zone Advisor for the Virus and …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question