if you are using SEPM - check schedulled scaning in Antivirus and Antispyware policy
if standalone - client properties

also it can be PTP
disable it - and check

yes - oppps
i was mistaken
PTP (proactive threat protection) is not working on servers OS

try this:
in SEPM
goto Policies->click Policy components-> Scheduled scan templates and delete any scans in it

Did anyone ever figure this out?  I have the same issue, only with workstations.  It was migrated from 10.1 and we used to run the scans on Friday at noon.  When I upgraded to SEP, I changed the scans to run on Saturday.

Does it store the scheduled scan information in the registry somewhere.  How can we get rid of the ghost scans?

Thanks,

Jim

Hiya

look in the registry key "HKEY_CURRENT_USER\Software\Symantec\Symantec Endpoint Protection\AV\Custom Tasks" for alphanumeric entries, like "4F2B7917-5F64-45E1-AF7B-C4559B31AE62"

This would be a scheduled scan, when you expand this key you should also see an entry "schedule".

Deleting those entries ( of course after backing up your registry ) should resolve this issue....

greetings

dennis

Also, please keep in mind that the "ghost" scans the folks are referring to are from not disabling the scheduled scans in SAV 10.x prior to performing a migration. This is actually mentioned in the installation guide. I can't stress enough the importance of reading that guide prior to installing/migrating to SEP. It can save you a lot of headaches in the long run.

Another thing you can try is searching the registry for "minofday" to find any scheduled scans hiding in the registry.

Thanks, that was it.