What is the ADScan.exe process in SES
search cancel

What is the ADScan.exe process in SES


Article ID: 239023


Updated On:


Endpoint Security Complete


What is the purpose of ADScan.exe process and how often does it run on the clients?


Release : 14.3 RU4


ADScan.exe process is a component of the App Discovery Feature from Hardening in 14.3 RU4.   Hardening is a behavioral engine used to reduce the attack surface on the endpoint.  The Hardening engine has App Control feature which controls what processes are allowed to run on the endpoint.

  • The ADScan process performs the scanning for applications and binary files on the endpoint.  
  • The ADScan process is launched by the Symantec Endpoint Foundation (SEF). AD engine for a scheduled scan, and to retrieve App Discovery data for an App Discovery retrieval command.
  • When launched for a scan, ADScan performs the scan, updates a local database, and generates full and delta app discovery result files.
  • The ADScan process receives the scan settings from the scanner.ini file which it receives on the command line.
  • The App Discovery retrieval request will also spawn an ADScan.exe.  


The Frequency of discovery of files and other items on your devices:

  • Full Disk Scan Non-System Drives Once a Month (The 20th day of the Month)
  • Full Disk Scan System Drive Once a Month (The 10th day of the Month)
  • Well Known Scan Once a Day (3AM Daily)


Well-known locations scan

  • Add/Remove Programs
  • Programs folder
  • Desktop and Start menu shortcuts
  • Microsoft registry locations


Full disk scan

  • Includes all of the well-known scan locations plus all local drives (system or non-system).
  • Runs on all your devices.