Windows Security Center reports problem with Endpoint Protection
search cancel

Windows Security Center reports problem with Endpoint Protection


Article ID: 175328


Updated On:


Endpoint Protection


Windows Security Center (WSC) on Windows 10 machines reports problems with Symantec Endpoint Protection (SEP)

WSC error is either "Symantec Endpoint Protection is snoozed and your device may be unprotected" or "Symantec Endpoint Protection is off and your device may be unprotected"

sepWscSvc (a Symantec SEP service) will be noted as stopped, and attempts to restart it produce an error, for example: 

C:\Windows\system32>sc start sepwscsvc
[SC] StartService FAILED 577:

Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



SES/SEP 14.3 RU6


This is related to the introduction of the sepWscSvc SEP service and it's dependence upon SymELAM; sepWscSvc will not start if SymELAM is disabled


Make sure SEP's SymELAM (Early Launch Anti-Malware) driver is installed and enabled in Virus and Spyware Protection policy.

Since sepWscSvc was first introduced, it is required that the SymELAM driver be enabled if customer is running SEP 14.2 RU1 or newer on Windows 8 and above.

As of Windows 10 v1903, it is sufficient that the SymELAM driver is installed (not necessarily enabled) for sepWscSvc to start.


Note:  Running Repair on the Symantec Endpoint Protection might fix the issue.