Symantec Endpoint Protection (SEP) graphical user interface (GUI) does not load with Avecto Defendpoint Client (Privilege Guard) installed on the computer.
Avecto Defendpoint Client (Privilege Guard) provides a policy based approach to privilege management. All users log on with standard user accounts and Privilege Guard assigns the necessary rights and privileges to applications.
Avecto Defendpoint Client client hooks in to Symantec Endpoint Protection binary files which does not allow the graphical user interface to load.
The following issues occur when Avecto Defendpoint Client injects, or hooks, into Symantec application and/or services.
The SEP shield does not show up in the system tray.
Unable to launch the SEP interface from the Start menu.
Modify the registry on the computer to add the SEP path to the Avecto Defendpoint client injection/hook exclusion list.
To add a path in the Avecto Defendpoint client exclusion list
Open Regedit. NOTE:This process requires local administrative permissions.
In Regedit, browse to HKEY_LOCAL_MACHINE\SOFTWARE\Avecto\Privilege Guard Client.
Create a new Multi-String value, and name it HookExclusions (or use the existing key, if it is already present), and then double-click the value.
In the Edit Multi-String window, within the Value Data field, type the following values, each on their own line: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\[VERSION]\Bin C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\[VERSION]\Bin64 Where [VERSION] is the version number of the SEP client on the computer. Example: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\Bin
If you are using a 64-bit operating system, repeat steps 1-4 for HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Avecto\Privilege Guard Client to ensure that you also exclude 32-bit processes.
Restart the computer.
Subscribing will provide email updates when this Article is updated. Login is required.