When using Centralized Exceptions policy from Symantec Endpoint Protection Manager and selecting the prefix variable [Program Files], on 64-bit Windows, you notice that this exception is only applied to the C:\Program Files (x86) folder, which is the default folder for 32-bit applications. Files under C:\Program Files\ are not excluded and are scanned.
Workaround: When creating a Centralized Exceptions exclusion for the "C:\Program Files" (64-bit) directories, do not use the prefix variable [Program Files]. Instead, include the full folder or file path, such as C:\Program Files\.
This issue has otherwise been addressed as of SEPM version 12.1 RU2. As stated in the help file of newer versions: "Note: The prefix variable applies to 32-bit and 64-bit folders. For example, if you select [PROGRAM_FILES], both the Program Files (x86) and the Program Files folders are excluded."
Imported Document ID: TECH145715
Subscribing will provide email updates when this Article is updated. Login is required.