Exclude the SmcGui.exe (sep11) process in your TS/RDS/XenApp servers

If like us, you are lucky to have SEP11 (Symantec Endpoint Protection) in your architecture, so you probably noticed that the SmcGui.exe process is launched along with each session of your server XenApp or TS/RDS.

In order to get off the SmcGui.exe process, you just have to follow the TECH105060 article from Symantec.

To wrap up, create the value DWORD : HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\LaunchSmcGui = 0

And if you wish to save some RAM on your server, then suppress the value ccApp, in HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (32 bits) or HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run (64 bits), afin de ne pas charger ccApp.exe.


Dans notre cas un serveur 2008 R2

If  your AD is in 2008, so the best, of course, is to implement a prefered GPO, with a WMI filter (example : Select * from Win32_Processor where DeviceID=”CPU0″ and AddressWidth=”32″ or Select * from Win32_Processor where DeviceID=”CPU0″ and AddressWidth=”64″)

If you want to use your preferred GPOs, on a 2003 server, so, you will have to install KB943729 in order to have preferred GPO applied

And for AD2003, there is also the option to go through a RegToAdm for the creation of the value LaunchSmcGui

SEP11-Exclude_SmcGui.reg
SEP11-Delete_SmcGui_Run_ccApp_64_Bits.reg
SEP11-Delete_SmcGui_Run_ccApp_32_Bits.reg

Post to Twitter

Leave a Reply

Your email address will not be published. Required fields are marked *

*