Symantec Endpoint Protection (SEP) client is observed to be using large amounts of CPU time or hanging on an Exchange server, particularly when trying to stop the SEP service.  In addition, the ProfileManagement.Dat file in C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Config is abnormally large.

Release: 14.3 RU1 or newer.

Problem in processing MS Exchange exclusions in certain situations

This issue has been resolved in SEP 14.3 RU8

For older releases, please refer to the workaround below:

Disable automatic exclusions

To disable the automatic exclusions:

• disable Tamper Protection through policy
• set the value to 1 (reg_dword) on the following registry key:

                    HKLM\SOFTWARE\WOW6432Node\Symantec\Symantec Endpoint Protection\AV\ProductControl\IgnoreExchangeServer

                    On 64-bit systems running 14.3 RU5 or newer, this key is;

                    HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\ProductControl\IgnoreExchangeServer

• Create manual exclusions for Exchange folders following Microsoft guidelines.
• Reboot server