Adjusting scans to improve computer performance

By default, virus and spyware scans minimize the effect on your client computers' resources. You can change some scan settings to optimize the performance even more. Many of the tasks that are suggested here are useful in the environments that run
Symantec Endpoint Protection
in guest operating systems on virtual machines (VMs).
Adjusting scans to improve computer performance on Windows computers
Modify tuning and compressed files options for scheduled and on-demand scans
You can adjust the following options for scheduled and on-demand scans:
  • Change tuning options
    You can change the scan tuning to
    Best Application Performance
    . When you configure a scan with this setting, scans can start but they only run when the client computer is idle. If you configure an Active Scan to run when new definitions arrive, the scan might not run for up to 15 minutes if the user is using the computer
  • Change the number of levels to scan compressed files
    The default level is 3. You might want to change the level to 1 or 2 to reduce scan time.
For more information, see:
Use resumable scans
For computers in your network that have large volumes, scheduled scans can be configured as resumable scans.
A scan duration option provides a specified period to run a scan. If the scan does not complete by the end of the specified duration, it resumes when the next scheduled scan period occurs. The scan resumes at the place where it stopped until the entire volume is scanned. Typically, you use the scan duration option on servers.
Do not use a resumable scan if you suspect that the computer is infected. You should perform a full scan that runs until it scans the entire computer. You should also not use a resumable scan if a scan can complete before the specified interval.
For more information, see:
Adjust Auto-Protect settings
You can adjust some settings for Auto-Protect scans of the file system that might improve your client computers' performance.
You can set the following options:
  • File cache
    Make sure that the file cache is enabled (the default is enabled). When the file cache is enabled, Auto-Protect remembers the clean files that it scanned and does not rescan them.
  • Network settings
    When Auto-Protect scans of remote computers are enabled, make sure that
    Only when files are executed
    is enabled.
For more information, see:
Allow all scans to skip trusted files
Virus and spyware scans include an option called Insight that skips trusted files. By default, Insight is enabled.
You can change the level of trust for the types of files that scans skip:
  • Symantec and Community Trusted
    This level skips files that are trusted by Symantec and the Symantec Community.
  • Symantec Trusted
    This level skips only files that are trusted by Symantec.
For more information, see:
Randomize scheduled scans
In virtualized environments, where multiple virtual machines (VMs) are deployed, simultaneous scans create resource problems. For example, a single server might run 100 or more VMs. Simultaneous scans on those VMs drain resources on the server.
You can randomize scans to limit the impact on your server. See:
Use Shared Insight Cache in virtualized environments
Shared Insight Cache eliminates the need to rescan the files that
Symantec Endpoint Protection
has determined are clean.
You can use Shared Insight Cache for scheduled and manual scans on your client computers. Shared Insight Cache is a separate application that you install on a server or in a virtual environment. See:
Disable early launch anti-malware (ELAM) detection
Symantec Endpoint Protection
ELAM works with Windows ELAM to provide protection against malicious startup drivers. See:
Adjusting scans to improve computer performance on Mac computers
Enable idle-time scan
Applies to scheduled scans on clients that run on Mac computers.
This option configures scheduled scans to run only while the computer is idle. See:
Modify compressed files setting
Applies to Auto-Protect and on-demand scans.
You can enable or disable the option, but you cannot specify the level of compressed files to scan. See:
Adjusting scans to improve computer performance on Linux computers
Scan by type of folder
The default is to scan all folder types. You can specify any of:
Root, Home, Bin, Usr, Etc
, and
. If you know that a folder is safe, you can uncheck it in the list.
Scan by file type
The default is to scan all files. If you know that a given extension is safe, you can remove it from the list.
Scan files inside compressed files
You can expand up to three levels to scan within compressed files. You might want to change the level to 1 or 2 to reduce scan time.
Scan for security risks
Lets you choose whether to scan for security risks. Security risks are updated through LiveUpdate. Scanning for security risks slows the scan down, but increases security. The default is to scan for security risks. To improve computer performance, uncheck this option.
More information