How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory

Article:TECH105814  |  Created: 2008-01-05  |  Updated: 2011-03-02  |  Article URL http://www.symantec.com/docs/TECH105814
Article Type
Technical Solution


Issue



You would like to verify all exceptions on an Endpoint client.

Symptoms
 

The latest version of the Endpoint Protection client automatically detects the presence of certain installed components/applications, such as Microsoft Exchange and Active Directory Domain Controllers. Where can you manually inspect these exclusions to verify if they need to be added to the Centralized Exceptions policy?

 


Cause



The latest version of Endpoint Protection now automatically adds exclusions that are not visible from the Endpoint Protection Manager.


Solution




HOW TO VISUALLY INSPECT EXCLUSIONS
 

  1. Start > Run > Regedit
     
  2. Browse to the registry key:
    • HKEY_LOCAL_MACHINE\SOFTWARE\SYMANTEC\SYMANTEC ENDPOINT PROTECTION\AV\EXCLUSIONS
      Note: On 64bit window machines the registry path is:
      HKEY_LOCAL_MACHINE\Software\WOW6432Node\Symantec\Symantec Endpoint Protection\AV\Exclusions
       
  3. Expand the key to view the various applications listed there.
    • The 'File Exceptions' folder is where you can inspect the full list of exclusions associated with that product.


This key is where both automatic and policy added exclusions are stored on the client. Inspecting this key reveals all exclusions applied to the client. If you do not see the exclusion you are trying to add listed in the registry, then it is not being added automatically. You must manually add it to a Centralized Exceptions policy.


 




 



 




Legacy ID



2008090512574448


Article URL http://www.symantec.com/docs/TECH105814


Terms of use for this information are found in Legal Notices