Hi,
The scan that runs after installation can not be configured or disabled in the SEPM. It can only be prevented by modifying the installation command line with the "RUNSCAN=0" argument.
There are 2 ways to pass the argument to the command line. Both options require that the client installation package is exported from the SEPM without the "Create a single exe" option checked.
Option 1: Call the MSI command line directly, adding the argument:
Example:
msiexec /i "<path>\symantec antivirus.msi" /qb RUNSCAN=0 RUNLIVEUPDATE=1 REBOOT=REALLYSUPPRESS
Once the package has been exported, the files can be delivered to a client machine. By using a script, the MSI command line can be called with the RUNSCAN=0 argument.
Option 2: Modify the setup.ini file in a client installation package:
Edit the setup.ini with any text editor and modify the parameters for "CmdLine" in the [Startup] section.
Example:
[Startup]
CmdLine=/qb /l*v "%TEMP%\SEP_INST.LOG" RUNSCAN=0 RUNLIVEUPDATE=1 REBOOT=REALLYSUPPRESS
Once the modification has been saved, launching the Setup.exe will apply the correct command line parameters, as the setup.ini will pass those arguments to the msi.
NOTE: Both of these solutions are provided as-is and are not supported. Be sure to test any solution that involves modifying the default settings provided with the product BEFORE deployment to a production environment.
NOTE: This solution does not apply to any previously applied scheduled scans, only to the Quickscan that is run immediately after installation.
Reference: How to disable the scan that runs when the Symantec Endpoint Protection client is first installed.
http://www.symantec.com/business/support/index?page=content&id=TECH90906