Some Endpoint Protection (SEP) clients report an old last scan date and scheduled scans do not start as planned in the Virus and Spyware Protection policy.

The GUI shows Last Scan at an old date while the Next Scheduled Scan seems planned as per policy.
Based on the below registry REG_DWORD it seems that the last scan started as planned by policy.

KEY: HKLM\software\wow6432node\symantec\symantec endpoint protection\av\localscans\[Generally the first key. A series of letters and numbers that correspond to the ScanGuidID]\schedule
Value REG_DWORD: laststart

N/A

The below registry REG_DWORD shows a date set in the past.

KEY: HKLM\software\wow6432node\symantec\symantec endpoint protection\av\localscans\[Generally the first key. A series of letters and numbers that correspond to the ScanGuidID]\schedule
Value REG_DWORD: nextscanafter

1. Back up the Windows Registry before making any changes.
2. Disable Tamper Protection as per http://www.symantec.com/docs/TECH192023.
3. If open, exit the SEP GUI.
4. On Windows go on Start > Run > enter the following command without quotes: “smc -stop”.
5. Open Regedit and modify the below registry value. The value is hexadecimal and should represent the next scan date and time set in the policy. You can copy it from a machine that has no issue or you can convert it on http://www.epochconverter.com.
   
   KEY: HKLM\software\wow6432node\symantec\symantec endpoint protection\av\localscans\[Generally the first key. A series of letters and numbers that correspond to the ScanGuidID]\schedule
   Value REG_DWORD: nextscanafter
    
6. Exit Regedit.
7. On Windows go on Start > Run > enter the following command without quotes: “smc -start”.
8. Wait until the next scheduled scan. It should happen as planned.