To prevent conflicts between the AMP for Endpoints Connector and antivirus or other security software, you must create exclusions so that your antivirus doesn’t scan the AMP for Endpoints Connector directory.
AMP for Endpoints Windows Connectors exclusions in McAfee ePolicy Orchestrator 4.6
Log in to ePolicy Orchestrator.
Select Policy >Policy Catalog from the menu.
Select the appropriate version of VirusScan Enterprise from the Product pull-down.
Edit your On-Access High-Risk Processes Policies.
Select the Exclusions tab and click the Add button.
In the By Pattern field, enter the path to your AMP for Endpoints Connector install (C:\Program Files\Cisco for versions 5.1.1 and higher or C:\Program Files\Sourcefire for previous versions by default) and check the Also exclude subfolders box.
You should exclude the AMP for Endpoints Connector using the Sourcefire directory as other files and sub-folders