You need to confirm that Symantec Endpoint Protection 11 (SEP 11) is configured to scan all files. How can it be verified that no files or folders are excluded from scans?
Before you begin: This document applies only to Symantec Endpoint Protection 11. If you use Symantec AntiVirus Corporate Edition 10.x (SAV 10.x) or Symantec Client Security 3.x (SCS 3.x), read How to verify that a Symantec corporate antivirus product is set to scan all files. If you use one of the Norton AntiVirus or Norton AntiVirus Professional 200x line of products, such as Norton 360 version 3 or a Norton 2009 product, read How to configure Norton AntiVirus to scan all files.
How to Confirm Exclusion Settings for all Managed SEP 11 Clients:
- Launch the Symantec Endpoint Protection Manager (SEPM) Console.
- Select the Policies option from the left-hand column.
- Select Centralized Exceptions from the "View Policies" section.
- Ensure that, for any centralized exception policies created, the location use count is 0. Unassign or delete any policies that have been created.
Policies created and assigned in the SEPM will be applied to all managed SEP clients in the network.
How to Confirm Exclusion Settings for an Unmanaged SEP 11 Client:
- Open the Symantec Endpoint Protection Client interface.
- Select "Change Settings" from the left-hand column.
- Select Configure Settings for "Antivirus and Antispyware Protection."
- Select the "File System Auto-Protect" tab.
- Confirm that "All types" is selected for "File Types."
- Select the Centralized Exceptions button.
- Confirm the list of Exception Items is empty.
For details on how to create Centralized Exceptions in the SEPM, please read Making exceptions using centralized exception policies in Symantec Endpoint Protection Manager