Preventing SEP from scanning files accessed by a trusted process.
searchcancel
Preventing SEP from scanning files accessed by a trusted process.
book
Article ID: 199534
calendar_today
Updated On: 02-19-2025
Products
Endpoint Protection
Issue/Introduction
A performance or deadlock issue which has no vendor-specific solution may be resolved if Symantec Endpoint Protection (SEP) Auto-Protect is configured to skip scanning of files accessed by a third-party process.
Cause
SEP is designed to scan each and every I/O on the file system.
Resolution
To reduce potential for impact where a third-party process on an endpoint may have competing I/O, if this process is implicitly trusted it can be set as a trusted process.
Under the Policies tab, select Virus and Spyware Protection
Click the policy you would like to modify, and select Edit the policy, or Add a Virus and Spyware Protection Policy
Click Auto-Protect on the left-hand side
On the Scan Details tab,Under the Scanning section, click Advanced Scanning and Monitoring...
Ensure the box marked Do not scan files when trusted processes access the files is checked
Check the box marked Enable custom list
Click Customize process list...
Click Add...
Enter in the name of the process without the path (e.g. ClMgrS.exe), and click OK
Click OK three more times to save the changes
You may now apply the policy to a group and confirm the updated policy resolves the issue.
Additional Information
As of SEP 14.3 RU2, Auto-Protect Custom Process List is only supported in Windows. If you want Auto-Protect Custom Process List to be supported in other operating systems such macOS and Linux, please send us an enhancement request.
Auto-Protect Custom Process List is some times referred as "Real-time protection process exclusion list"