• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3173
  • Last Modified:

stopping Symantec services and deleting old virus definition files

stopping Symantec services.

I am trying to stop the following services:
Symantec endpoint protection
Symantec Management Client
but the stop button is greyed out.

Though I am logged in to a domain controller as domain admin, but still cannot stop the services I indicated.
I need to stop the services so that I can deleted old virus definition files which are taking too much space

any help will be very much helpful

Thanks
0
jskfan
Asked:
jskfan
  • 5
  • 5
2 Solutions
 
Gareth GudgerCommented:
Open a command prompt.

Change the directory to where SEP is installed.

Type the following command.

"smc -stop"

This will stop all services related to SEP. There is a space in between SMC and -STOP

Also, SMC -START will restart all services when done.
0
 
jskfanAuthor Commented:
it prompts for password when I type my domain admin password it does not take it
0
 
Gareth GudgerCommented:
Ah. Someone must have configured a password in the Policies to disable the AV services.... do you have access to the Symantec EndPoint Protection Manager where you can move this server into a new group, apply a different policy to it, or, remove the setting that says service stops require a password?
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

 
jskfanAuthor Commented:
The service is started, however everything is greyed out, I cannot disable it nor start it nor stop it...though I am logged in to the domain controller as Domain Admin
0
 
Gareth GudgerCommented:
Yea it doesn't matter what credentials you have on the domain itself. This service shutdown password is set in Symantec EndPoint Protection Manager and the SEP Tamper Protection makes sure you have that password. Can you access SEPM to change or remove this password? Its easy to do.
0
 
jskfanAuthor Commented:
I managed to stop the service, but still cannot delete the folders under VirusDef, I get a message: You require permissions from Administrators to make change to this folder
0
 
Gareth GudgerCommented:
Check this article. It list the files and folders specifically to look for and delete.
http://www.symantec.com/business/support/index?page=content&id=TECH102927
0
 
jskfanAuthor Commented:
This helped me delete the files

To disable Tamper Protection for an individual client:

1.Open the client interface and go to Change Settings on the left.  
2.Click "Configure Settings" next to Client Management.
3.Select the "Tamper Protection" tab and uncheck the box that says, "Protect Symantec security software from being tampered with or shut down."
0
 
Gareth GudgerCommented:
Ah nice. That's surprising they had password protected the services from being shut down and not blocked changes to the Tamper Protection. Normally its all or nothing. But glad you got it resolved.
0
 
jskfanAuthor Commented:
Thanks
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now