What are the the differences between the default settings of the "Default Quickscan", "Active Scan Upon Startup", "Defwatch Quickscan"? How do they relate to the options listed in the user interface or scan policy?
When configuring scan policy in the Symantec Endpoint Protection Manager or through the client user interface (UI) there are 3 options
Common infection locations
Well-known virus and security risk locations
These options correspond to the following in the registry on the Symantec Endpoint Protection client