Symantec Endpoint Protection (SEP) clients scan Microsoft SQL Server files and folders by default.
To minimize the impact of the SEP client Auto-Protect and scheduled scans on the performance of the SQL Server, exclude the folders recommended by Microsoft housing Microsoft SQL Server database files as suggested by the Microsoft article below. For more information on configuring exclusions, see Creating Exceptions Policies in the Endpoint Protection Manager and Configuring Centralized Exceptions policies in Endpoint Protection Manager .
Additional Microsoft SQL server information regarding recommendations pertaining to an acceptable security posture, and based on the organizational requirements of your organization, are detailed in the following Microsoft article: How to choose antivirus software to run on computers that are running SQL Server.
Note: It is necessary to exclude the folders containing these files for maximum effectiveness. Folder based exclusions are processed before Auto-Protect or scheduled scans access a file where file name or extension based exclusions are processed after the scan happens.