search cancel

How to configure the Symantec Endpoint Protection Manager policy to show scan progress on Endpoint Protection client


Article ID: 163435


Updated On:


Endpoint Protection


Symantec Endpoint Protection runs the Administrator-Defined scheduled scan quietly; it does not show scan progress.

If you try to do a manual scan on the Symantec Endpoint Protection client, it may also show "Another scan is in progress. Your scan will be queued if you want to continue with the scan". 




The default setting is "Do not show scan progress". You can configure the "Virus and Spyware Protection" policy to show the scan progress or enable vpdebug to see the scan progress in the vpdebug log.


Supported Windows operating systems


Option 1:

Edit the "Virus and Spyware Protection" policy to show the scan progress

Open the SEPM console and select Policies from the left menu. Choose Virus and Spyware Protection, double-click the policy that the target endpoint belongs to, and click Administrator-Defined Scans under Windows Settings. Go to the Advanced tab and change the Scan Progress Options under Scan Progress Options to Show scan progress.

Once the Symantec Endpoint Protection client receives the the new policy, you can start a new scan and the scan progress will be shown on the endpoint(s).



Option 2:

Enable the vpdebug log to view and record the scan progress

Open SEP client (double-click the shield), click Help on the upper right, and click Troubleshooting. Select Debug logs in the left menu, then click Edit Debug Log Settings. Type "ALL" into the blank cell and click OK.

Start a scan or execute DoScan.exe. You will find the vpdebug log at:

C:\ProgramData\Symantec\Symantec Endpoint Protection\<Current Version>\Data\Logs


Additional Information

It is strongly recommended to remove (revert to blank field) the "ALL" setting on the client, once log gathering is complete. This log is verbose, and will continue to consume disk space if vpdebug is left on longer than needed.

Related article:

Scan Endpoint Protection clients from a command-line with DoScan.exe