Hello Dear,
It looks like the only way to do this is to create a custom scan via the client interface. You can't do exactly what you want via the SEPM's Administrator-Defined Scans.
Scans created via the Client Interface can be set to scan only one drive.
- Open the SEP GUI > Scan for Threats > Create a new scan > Custom Scan > Check the box next to the drive you want to scan
Since the SEPM doesn't have a practical way to determine which drive or folder location you want to scan, if you setup a Custom Scan in the SEPM, your options are limited.
- AV/AS Policy > Administrator-Defined Scans > Add... > OK > Change 'Scan Type' to "Custom Scan" > "Edit Folders..."
- This scan will rely on the Windows variables for locations that are common to all Windows environments. Unfortunately, it doesn't look like %SYSTEMDRIVE%.
I have one more idea for the same...
Do you want to scan only system drive for both auto protect and scheduled scan?
If yes create a centralized exception for other drives.Then it will scan only system drive even if you give full scan.For this refer this KB
Creating Centralized Exception policies in Symantec Endpoint Protection Manager.
We have some servers that have many physical drives but we do not want them scanned and thus I had to put in the Drive Letter for each drive.
Add->Security Risk Exception->Folder
No Prefix
Make sure the Check box is checked to include subfolders and put in teh driver letter like below.
E:\
Remember that this will exclude these drives from all scans, Admin scans, User scans, Active Scans and PTP Scans.