Why SPE Doesn’t detect virus in Office files

I need a solution

Hi,

We as a user have a licensed version of SPE which we have installed in Windows Server 2012 Server.

We are using .Net Library of Symantec to send File for scanning. When we were testing out the solution we came to know that the Syamntec is not detecteing virus MS office files. We are using stand EICAR test files for the testing. Normal EICAR .txt files are dtected as a threat by syamntec and the ScanResult object gives out proper message.

But incase of EICAR MS Office files send to Symantec, server the responds as file not infected. The ScanResult object from Symantec says a proper connection to server is establised (ERR_CONN_SUCCESS) but just that file is not infected. The same file is flagged by my local laptop McAfee as infected.

Server Installed : Windows Server 2012

SPE Version : 8.0

In Symantec Console settings, set to scan all files & Bloodhound level is Medium

Could you please let us know what could be the possible issue over here and Could you also send out some Sample test file of all file types which can be tested.

It would be really great if you could respond ASAP, because our production deployment is waiting on this.

Thanks & Regads

Rahul S

0

Related:

  • No Related Posts

Latest from Symantec shows “Information is currently unavailable” on the Endpoint Protection Manager Home page

I do not need a solution (just sharing information)

Latest from Symantec shows “Information is currently unavailable” on the Endpoint Protection Manager Home page

Known issue being investigated. Please subscribe to this KB for updates:

https://support.symantec.com/us/en/article.TECH257…?

0

Related:

  • No Related Posts

Silent Uninstall For Tonight’s Removal

I need a solution

We recently aquired a customer who’s previous support used symantec.cloud, we worked with them to temp remove the uninstall password but for some reason the uninstall key listed in the registry did not work.

If someone could let us know how to mass deploy a silent uninstal it would most helpful as we lost our ability now to remove the uninstall password since it was curtesy of them and they dont want to remove the password for too long since it effects all of their clinets, and all I can find is the cleanwipe tool but for some reason it doesnt seem to have any built-in switches.

If Symantec does not have a way then we will have to remote into each individual machine large count and perform the uninstall manually, please help!

0

Related:

  • No Related Posts

“/” in macOS Exclusions cited as Special Character

I need a solution

Hi All,

We are having a challenge creating macOS exclusions in the Whitelist Policy. All of the online references for exclusions state using “/” in exclusions for mac, however when creating exclusions in this manner we are getting the following error:

Cannot use special characters |<>?*/”;

Has anyone seen this before and is there a solution for it?

Thanks in advance,

Tim

0

Related:

  • No Related Posts

Client Status is Off-line. Newly added client can’t have the license

I do not need a solution (just sharing information)

Symantec Endpoint Protection Manager (SEPM) reports that a Client Health State is “Off-Line” in status. It only started when I changed the workgroup name and add a user.

So what I did first as a solution is I uninstall the SEP software to each client, delete the client in the client group in SEPM (by deleting the client, it reduces the license “seat used”) and try to install again the SEP via Remote Push. It worked in one client but the rest are not. 

So what I did is I save the installer SEP package and manually install it to each client.

But since the Server Connection status to the SEPM is Not Connected to the SEPM, the newly added client does not show in the SEPM Client Group and it did not distribute its license, “Seat Used” number in the licensing details in SEPM is still the same.

(On the Symantec Endpoint Protection (SEP) client, the tray icon has a green dot. Within the client, under Help,Troubleshooting… > Server Connection Status, the client shows “Status: Not Connected.”)

I found a solution in the forum that I should perform Rebuild Indexes, but unfortunately, it does not work.

What would be some possible solutions? Cause it seems that my connection between SEPM and SEP is broken.

0

Related:

  • No Related Posts

Can’t purchase SEP?

I need a solution

Hi all.  Has anyone been able to order SEP any time in the past month?  As a Symantec partner, I do my SEP ordering at Ingram.  Ingram is unprepared for this Broadcom merger and they’re falling apart over there.  I have been nearly a month trying to place some orders for new customers.  These customers have purchased new computers as part of the Win 7 situation, and we’re having to deploy them WITHOUT ANY ENDPOINT SECURITY.   To say this situation is riduclous is an udnerstatement.  

When I do get a reply from Ingram, it was at first to say things like they are in training for the new procedures and have reduced staff etc. while adapting to tthe Broadcom stuff.  So I let it go a bit what with the holidays and all.  Inquiring further a couple weeks later, now I’m told they’re prioritizing renewals it seems at least to the end of January, so basically will not get my orders in anytime soon, and really in my mind who knows if Feb 1 we’ll just be told sorry we’re backed up for a nother month. 

What I find odd is that SEP will keep on functioning just fine whether you’re license is current or not, at least for 30 days or more.  So why not let existing customers continue as-is and fix up their licensing renewals later, and prioritize taking on new customers who, unless they’re loyal Symantec people like me, will end up moving elsewhere.   

So again I have business clients that are running computers without any form of endpoint security.  Am I the only Symantec partner finding this situation utterly idiotic?  . 

Also is there a Symantec parnter group on here?  The PartnerNet doens’t seem very active.  

Thanks!  

0

Related:

  • No Related Posts