Video Screencast Help

Automatic scanning of Mapped network drive

Created: 12 Jan 2010 • Updated: 10 Aug 2010 | 13 comments

My basic logic is - I can use the SEP client to set a custom scan, to scan my X: (network mapped drive) o.k. - but if I wanted to do this automatically (when I am not logged in) it is obviously going to fail, becuase there is no mapped drive.

I looked at doscan.exe, but even when I ran this with the /SCANALLDRIVES it only to 59seconds (doscan.log) - so clearly something is not correct.

Is there any other SEP command line tool I can use in conjunction with a simple net use .bat script ? Is there any easy way of doing this?

Comments 13 CommentsJump to latest comment

Vikram Kumar-SAV to SEP's picture

 doscan.exe is the only command line scanning tool.

The Server on which these drives are physicall present do you have sep on them ? You can run local scan on those servers..rather than scanning those drives locally from your machine.

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

SaladFingers's picture

Thanks Vikram, but no.  The network drive it is mapping is a NAS drive, so am really wanting to map to it and scan.

I'm using the doscan option as follows....

doscan.exe /cmdlinescan /SCANALLDRIVES /LOGFILE="d:\doscan.log"

When I look in the log it tells me the duration of the scan was 59 seconds - clearly not a FULL scan of any drive, let alone a mapped drive (even when logged in!)

Any suggestions ?

AravindKM's picture

You can do this in GUI. Map the drive to your pc right click give a scan.I think this is easy.You can do a scheduling also if you want.

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

SaladFingers's picture

Please explain AravindKM.

I have configured the SEP client already (from the SEP client) to do a custom scan on the mapped drive, the scheduled scan completes after 4 seconds when I am not logged in. The custom scan works if I am logged in with the drive mapped.

How do I scan the X: drive when I am not logged in?

AravindKM's picture

Try by selecting the option "allow user defined scheduled scan to run  when scan author is not logged in" from antivirus and antispyware policy under administrator defined scans.

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

AravindKM's picture

Also under file system auto protect assure that you are selected network in  antivirus and antispyware policy

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

SaladFingers's picture

that option has to choosen for it to even to attempt the scan (the one that completed in 4 seconds)

Vikram Kumar-SAV to SEP's picture

 doscan.exe /cmdlinescan  [/LOGFILE="Location"] [/SCANALLDRIVES]
It should be like this..

If it is completing in 59 seconds that means it is just doing a active scan..which is the default scan run by doscan.exe...Full scan will take minimum 15-30 minutes..

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

SaladFingers's picture

15-30 minutes? - that all depends on how much data.

I tested using a batch script with the net use command to map the NAS drive to X: .  This was scheduled a couple of minutes before the SEP Client Custom Scan started, which scans only the X: drive. (All this happening without being logged in).

I didn't expect it to work but it did.

SaladFingers's picture

I'm afraid scheduling the mapping just before the locally scheduled SEP scan only worked once.  When I tried to recreate this solution,  SEP never picked up the map drive and scanned 0 items succesfully.

This is probably to do with that fact the no matter what login account you use to scheduled SEP to scan it will always scans under the SYSTEM login.  Where as creating a mapped drive as a part of a batch file will always be under a local admin / regular domain id.

Has anybody played with automating a  network scan via the SEP client ?

Nirav Mistry's picture

Title: 'Does a Full Scan scan Mapped Network Drives?'
Document ID: 2009092213060248
> Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2009092213060248?Open&seg=ent

Hope it helps.

Nirav Mistry

PrimeInc's picture

Possible Solution.   You could download another antivirus product, a free one, such as ClamWin.  This is not to replace Symantec, only to get Symantec to scan the NAS.

Schedule your task to run as a local user.

In the batch file, perform a
net use x: \\nasserver\share /user:username password

then you can do a
clamscan.exe -r x:\
http://forums.clamwin.com/viewtopic.php?t=800
http://forums.clamwin.com/viewtopic.php?t=1892

If you have Symantec configured to scan network folders, both products will scan your NAS.  Symantec should locate a virus though, and not let Clam scan it.   As I recall, Clam will extract ZIP files into %temp%, so Symantec could locate viruses after extraction.  Really depends on what your real time settings are set to.

This gets you more control over what to scan than what doscan gives you.

SaladFingers's picture

Thanks PrimeInc - that's the only remotely close to a solution answer I have had so far.

The problem I am finding is that no matter what logins I use (local or domain based) to create the job in Task Scheduler (that maps the drive),  SEP does not see that mapped drive, even though that drive was mapped with the persistant option under the same login when creating the SEP custom scan job.