Our company has been dealing with a nagging issue for the last week or two. I have tried multiple fixes but ultimately I believe it has to do with our recent Symantec Endpoint Protection Manager migration to a new server and client SEP upgrades from v12 to v14.2.
Upon logging on in the morning, users will get an error: “Windows could not connect to the System Event Notification Service service”
After a reboot (usually just one, sometimes 2 or 3), they will be able to log in again. This only affects Windows 7 and 8.1 users, not Windows 10. It does not seem tied to Group Policy as users are spread across various OU’s and no changes have been made recently.
We have tried:
- Symantec update to 14.2.1031.0100
- Patching windows
- Rejoining domain
- Forcing group policy update
- Netsh winsock reset
- Phone reboots (Act as switches for the PC’s)
- Reg key edits: https://appuals.com/fix-windows-could-not-connect-to-the-system-event-notification-service/
- Setting Group Policy Service (gpsvc) to Automatic startup type
- Setting DHCP Client service to Automatic startup type
- Uninstalling KB2952664
- Rafeeq’s registry edit suggestion (Didn’t find these keys at all): https://www.symantec.com/connect/forums/symantec-endpoint-protection-blocks-system-event-notification-service-starting
So ultimately I am wondering if there are any settings within Symantec Endpoint Protection that could be causing this issue. I greatly appreciate any and all input.