search cancel

Software that performs very repetitive network file access is slower with SEP installed


Article ID: 159313


Updated On:


Endpoint Protection


With Symantec Endpoint Protection (SEP) Antivirus component 12.1 installed, a piece of software that performs very repetitive network file access is slower to start or to work with.

  • The software is accessing a large number of files or queries a large number of directories over a UNC path or mapped drive.
  • The slowness is seen with only the Antivirus component of SEP installed.
  • The slowness is seen even with the Network Scanning feature disabled.
  • The slowness does not go away when using file or folder exclusions.



The Auto Protect Network Trust feature within SEP adds two registry keys that disables a part of the SMB2 Client Redirector Cache. The keys are necessary for reliable operation of the trust feature, but can be removed if trust is not used (or if network scanning is disabled altogether).

For further details about the SMB2 Client Redirector Cache please see:



  • Remove the following two registry values that were added by the SEP installation:

    Value: FileNotFoundCacheLifetime
    Value: DirectoryCacheLifetime
  • Uncheck the "Trust files on remote computers running Auto-Protect" option in the "Network Scanning Settings" section of the SEP Autoprotect Advanced Options.
  • Reboot to make the registry changes take effect.