If an Endpoint FlexResponse plug-in uses code to create a file that contains sensitive data, any USB copy event that triggers the plug-in results in multiple copies of the file, and multiple incidents logged to the Enforce Server administration console.

Follow these steps to configure the plug-in host application process (PLGH.EXE) to ignore all types of activity:

1. Login to the Enforce Server administration console with Administrator privileges.
2. Select System > Agents > Application Monitoring.
3. Click Add Application.
4. Enter the following information in the Application Information fields:
   •  Name (required): Enter PluginHost or any other name for this configuration.
   •  Internal Name: Enter PluginHost\.exe
   •  Original Filename: Enter PluginHost\.exe
5. Deselect the following items in Application Monitoring Configuration section:
   •  Network Access
   •  Print/Fax
   •  Send to Clipboard
   •  Filesystem Activity
6. Click Save.

Symantec will release a hotfix for this issue in the near future.