Best Scan Performance : Optimizes the performance of the antivirus and antispyware scans that run on the client computer. Scans take less time to complete, but other applications may run more slowly during scans.
Balanced Performance: Balances the performance of a scan against the performance of other applications. Balances scan performance and the performance of other applications that run during scans.
Best Application Performance: Optimizes the performance of other applications that are running on the computer. Scans take longer to complete, but other applications on the computer may perform better during a scan.
Log all files and directories scanned during On-Demand / Scheduled Scan with SEP 11.0:
Enable the Symantec Endpoint Protection debug with specific parameters.
- Open the local user interface of the Symantec Endpoint Protection 11.0 client
- Click Help and Support> Troubleshooting.
- Click Debug Logs.
- Under Symantec Endpoint Protection, click Edit Debug Log Settings.
- Enter the following values: L SC
- Click OK.
- Click Close to close the Troubleshooting dialog.
- Run the On-Demand or Scheduled Scan you are curious about. (Note: The debug option does not work with On-Demand Active Scans)
- Once the scan completes, close the scan dialog box if one is visible.
- Click Help and Support> Troubleshooting.
- Click Debug Logs.
- Click View Log.
- The "vpdebug.log" file will launch in the default text editor. This is a log of every file and directory that has been scanned.
- Run a "Custom On-Demand Scan" on a user-created directory called "C:Tools:"
Below is an example of how a "vpdebug.log" after the above steps have been completed. 
Technical Information
"vpdebug.log" is written to the working Symantec Endpoint Protection client directory, which is the following by default:
C:Program FilesSymantecSymantec Endpoint Protection
- The registry value which is set debug parameters are entered is:
HKEY_LOCAL_MACHINESOFTWARESymantecSymantec Endpoint ProtectionAVProductControlDebug
Interpreting error codes appearing in system logs relating to files scanned by Symantec AntiVirus Scan Engine
This code list is put together by Symantec Technical Support and periodically updates. The list is not a reliable resource to guide internal processes. The list is to be used as debugging codes for the Symantec AntiVirus Scan Engine product. If an important file is consistently generating an error code, it should be submitted to Symantec Support for verification.
This information is provided as is, no further interpretation of these codes is offered or available. If there is a need to have a specific error diagnosed, please provide a sample of the file and the accompanying error to Symantec Technical Support. You must contact Symantec Technical Support in order to submit a sample. Symantec Technical support cannot provide a more robust version of this document.
Known error codes returned by Symantec Antivirus Scan Engine:
- 0 No Error
6 File Not Found
10 Concatenated CAB file
11 Scan Failure
17 Broken or invalid archive.
20 CAB file DLL not found
21 LZ DLL not found
24 Temp file access failed
- 30 Open container failed
31 Failed to access container
32 Failed to update container
33 Could not close container
34 RAR ARJ update container update problem
36 File is too large
- 40 Error extracting file from container
41 Could not access file extracted from container
42 Could not decrypt extracted file
43 Code returned when Decomposer processes a file that is only part of the complete archive. Such as when RAR splits a large archive into smaller pieces.
50 Insufficient disk space
51 Insufficient memory
52 Error replacing infected file with repaired data
53 Could not Quarantine
59 Blocking due to mail policy
60 Extraction level exceeded
61 Extraction time exceeded
62 Extraction size exceeded
63 Invalid file type for engine
64 Engine file is missing
65 Invalid file type
66 MIME date field not compliant
67 Deletion invalid
68 Size of extracted file unknown
69 Invalid temp directory
70 Could not create temporary file
71 Temporary file could not be opened
72 Could not read temporary file
73 Could not write temporary file
74 Could not close temporary file
75 Could not delete temporary file
76 Disk not ready
77 File has invalid parameters
78 Change not allowed
79 Unable to replace
80 Error incorrect usage of decomposer engine
81 Error decomposer engine exception
82 Generic error returned
83 Default error returned
84 Container is malformed
90 MIME interface not present
91 No token file present
92 Could not open token file
93 Could not read token file
94 Could not find token file
95 Unable to close token file
99 Operation cancelled by user
100 Default error. Returned when no other code applies
110 Unable to get engine interface
111 Warning message, could not find file specified
112 Unable to open a temporary file
113 Unable to read a temporary file
114 Unsupported call to decomposer engine
115 Decomposer returns this error when a CAB file is less than 10 bytes in size
116 Error deleting top-level local file
<
p>To interpret logs for Scan Engine 5.x, please see the following documentation:
Title: How to read the logfile for Symantec Scan Engine 5.x
URL: http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2006020614513354
Title: Interpreting error code pairs that appear in the Scan Engine 5.x logs
URL: http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2009041708170054
