Endpoint Protection

Hi everyone

I need to add two directories to the scan exclusion list : /usr/renato/ and /usr/RENATO

so I tried to do it in two ways :

1 - Adding them to my GRC.DAT file:

  1.1 - Inside the key !KEY!=$REGROOT$\storages\filesystem\realtimescan\NoScanDir, add :

   /usr/renato=D1
   /usr/RENATO=D1

  1.2 - copy the file to /var/Symantec and force it to be updated

  --> Only the first entry was added

2 - Add the directories manually :

  2. 1 - symcfg add -k '\Symantec Endpoint Protection\AV\Storages\FileSystem\RealTimeScan\NoScanDir' -v /opt/RENATO -d 1 -t REG_DWORD

   --> OK, I can see my test directory /opt/RENATO listed on the exclusion list

  2. 2 - symcfg add -k '\Symantec Endpoint Protection\AV\Storages\FileSystem\RealTimeScan\NoScanDir' -v /opt/renato -d 1 -t REG_DWORD

   --> It was not added to the exclusion list

Am I missing something here ?  or is it a bug ?

According to this page "http://www.symantec.com/business/support/index?page=content&id=TECH95274" it should be case sensitive.

Best regards,

Renato Granzoto

No, I dont think so any case sensitive...

it's case sensitive

Scan exclusions in SAVFL are case sensitive, and use forward slashes instead of back slashes as in Windows paths.

http://www.symantec.com/business/support/index?page=content&id=TECH95274

...you log a case with Symantec Support if the software behavior directly contradicts a published Symantec article.

They should then be able to investigate and determine whether or not it is a software bug, and/or updated the offending article to correctly reflect intended behaviour.