Symantec Endpoint Protection (SEP) detects files under C:\ProgramData\Symantec\Symantec Endpoint Protection\<version>\SRTSP\Quarantine when a third-party program performs read operations on files in real time when they are written to (created/modified). This may include programs that perform indexing, automatic backup, or security functions.
Read activity by any process other than the SEP scan process causes auto-protect to re-scan the file on the new read attempt.
Symantec does not recommend running more than one file-scanning application on a computer at any time.
For other realtime applications such as indexing and backup, please exclude the following folders from monitoring by these third-party applications.