You can run DoScan.exe from a DOS prompt or script to scan common risk locations (like Active or Quick Scan) or scan all drives on any 32-bit version of Windows.

NOTE: From RU6-MP1 release DoScan.exe has more features and can launch scans to custom directories see below.

 Doscan.exe is typically found inside the SEP (Symantec Endpoint Protection) client installation folder, by default:

"%programfiles%\Symantec\Symantec Endpoint Protection"

The options can be viewed by double clicking on the file. These options are case sensitive.

 DoScan.exe /cmdlinescan [/LOGFILE="<log file path and filename>"] [/SCANALLDRIVES]

This will create a log file, called DoScan.log. The log will be located by default in:

 "%ALLUSERSPROFILE%\Application Data\Symantec\Symantec Endpoint Protection\Logs"

or inside the location you specify in the command-line.

From SEP 11 RU6-MP1 release, there are new features available in DoScan.exe.

You can see the new features from the help window of DoScan.exe on RU6-MP1, running “Doscan.exe /help” command line:  

 More information about the new features and their usage:

1) DoScan.exe /ScanName "Weekly Scheduled Scan"

• Only one scan is allowed to pass in as of now. The name of a local scan or admin scan can be passed in as a parameter.

• Scan options are the same as from the named scan in the command line.

 2) DoScan.exe /List

• Lists all the admin and local scans present in the system.

• Attaches to the same console if launched from a console or creates a new console to display the output if launched from a Windows GUI.  

Notes:
Before run the command 'DoScan.exe /ScanName "Weekly Scheduled Scan', you need to run the 'DoScan.exe /List' to find out what scan name can be used.

Below is the example of the 'DoScan.exe /List':

 3) DoScan.exe /ScanDrive "A-C,E,V-S,Z"

• You can leave spaces in between drive letters but the entire string should be within quotes. This example will scan drives A, B, C, E, S, T, U, V, Z.

• Scan options will be taken from the default quick scan options.

 4) DoScan.exe /ScanDir "%WinDir%\System32" /ScanDir "%Temp%" /ScanDir "C:\Test"

• Multiple directories can be passed in with multiple /ScanDir switches.

• Relative paths or Environment strings are permitted in the path. Internally these will be converted to fully qualified names.

• Scan options will be taken from the default quick scan options.

 5) DoScan.exe /ScanFile "C:\Test.log" /ScanFile "%WinDir%\Notepad.exe"

• Same as the /ScanDir switch. Multiple filenames can be passed with multiple /ScanFile switches.

• Relative paths or Environment strings are permitted in the path. Internally these will be converted to fully qualified names.

• Scan options will be taken from the default quick scan options.

NOTES: DoScan.exe is not a DOS-based scanner. You cannot run DoScan.exe from a bootable disk. Because DoScan.exe makes a call to Rtvscan.exe and uses the current local virus definitions, Auto-Protect must be enabled.

Doscan.exe options in SEP 12.1

Notes:

- Previous funtionality to create a log file with doscan.exe (switch /LOGFILE=) known from SEP 11 is completely gone. Log files for scans started with doscan.exe are by default created in C:\Programdata\Symantec\Symantec Endpoint Protection\[SEP Version]\Data\Logs\AV\