Unable to run doscan.exe with SEP 12.1 as part of a script using the SYSTEM account

book

Article ID: 157318

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

A system administrator may prefer to run scheduled scans or manual scans on a SEP client using doscan.exe. It is not uncommon to use a script and use a DOS CALL in the script while referencing the doscan.exe binary in the following folder:

"C:\Program Files\Symantec\Symantec Endpoint Protection"

You have observed how calls to the binary in SEP 11 work fine when using the SYSTEM account, but stopped working after migration to SEP 12.1.

Cause

The doscan.exe binary in the "C:\Program Files\Symantec\Symantec Endpoint Protection" folder on a SEP 12.1 system is a mere proxy, and calling this proxy using a call with the SYSTEM account does not work. The proper doscan.exe is located in the .\<currentversion>\bin folder. For example:

"C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\".

Resolution

Symantec recommends calling the doscan.exe in the "C:\Program Files\Symantec\Symantec Endpoint Protection\<currentversion>\Bin" folder using scripts. Calling the proxy doscan.exe may lead to failure.