When Symantec Protection Engine (SPE) is scanning with Active Scan enabled, SPE records scan errors on PDF files with e-signatures. 

The log entry recorded by SPE is similar to the following:

The Symantec Protection Engine has encountered a scan error

Date/time of event = 2021-10-26 18:04:45

Event Severity Level = Error

Scanner = Stargate

Result ID = 10

URL = [REMOVED BY KB AUTHOR].pdf

File name = [REMOVED BY KB AUTHOR].pdf

Client IP = 127.0.0.1

Scan Duration (sec) = 0.073

Connect Duration (sec) = 0.740

Symantec Protection Engine IP address = [REMOVED BY KB AUTHOR]

Symantec Protection Engine Port number = 1344

Uptime (in seconds) = 233

Date/time of event(with millisec) = 2021-10-26 18:04:45:864

Symantec Protection Engine Host Name = [REMOVED BY KB AUTHOR]

Process ID = 1264

Release : 8.2

Multiple causes

There was an error in Disarming because the sample did not conform to PDF spec as we understood it. For the fix in Stargate engine 7.3, we modified the STARGATE pdf parser to accept the format in the sample. 

BROADCOM resolved this in a STARGATE engine update via LiveUpdate.

The Active Scan feature of SPE is sometimes also referred to its previous name, Disarm.