Some applications or file shares are not able to function normally after installing Symantec Endpoint Protection with AV/AS feature and the issue is resolved if File System Auto-Protect (AP) is disabled. It may be required for some conditions or situations that you to disable the "deferred scanning" feature in Auto-Protect to either work around a known issue, to test a specific condition, or to alter the timing of file scans by Auto-Protect.
There are a variety of conditions where disabling this feature may be used and implemented as a work around or isolation test for when the issue is resolved or does not reproduce when Auto-Protect is disabled. Some examples may include and are not limited to only these examples:
Auto-Protect (AP) optimizes its scan based on I/O & CPU overheads. The AP Deferred Scan feature is utilized when high disk I/O is happening in a system (for example the copying of large files) or in the case of re-scanning a file after definition update. While copying large number of files it puts files in a queue which are not getting accessed for immediate READ/EXECUTE action. Scan thread picks files from the queue & scan is performed on them as early as possible. If any process tries to read/execute file which is already there in queue, then it gets scanned immediately for security reasons.
By default the Deferred Scan feature is Enabled and it will delay the scan. To disable the Deferred Scan feature: