Hello,
Do you want to exclude CD/DVD/BD drives from scanning??
In your case, you can also configure individual scans to scan only certain extensions and skip any other extensions.
See About the files and folders that Symantec Endpoint Protection excludes from virus and spyware scans.
The File System Auto-Protect scan is the only type which would automatically scan a CD/DVD/BD/USB drive connected to the system. This type of scan, by default, would only run when a file is accessed or modified (scans the files when they are written, opened, moved, copied, or run).
This means that if any infections/threats present on the CD/DVD/BD/USB drive attempt to access or modify any of the content on the system, it would be detected. The detection mechanism within File System Auto-Protect ensures safety from threats present on the CD/DVD/BD/USB drives.
Symantec Antivirus does not currently run an automatic System Scan on the contents of flash drives when they are first plugged in. A manual scan on the contents of a flash drive can be initiated by right-clicking on the drive in My Computer and choosing Scan for Viruses.
http://www.symantec.com/docs/TECH102573
You could also change the following File System Auto-Protect setting in Symantec Endpoint Protection Manager for each client group by -
a. Click on Clients, Policies Tab, select Virus and Spyware Protection policy – Balanced, click Edit Shared.
b. Within Protection Technology, click on Auto-Protect, Click Advanced Scanning and Monitoring.
c. Click on Scan Details tab, select Scan when a file is modified, click OK and click OK once again.
Check this Article:
What are the differences between Symantec Endpoint Protection's Auto-Protect settings "Scan when a file is accessed or modified" and "Scan when a file is modified"?
http://www.symantec.com/docs/TECH197809
Hope that helps!!