Why SPE Doesn’t detect virus in Office files

I need a solution

Hi,

We as a user have a licensed version of SPE which we have installed in Windows Server 2012 Server.

We are using .Net Library of Symantec to send File for scanning. When we were testing out the solution we came to know that the Syamntec is not detecteing virus MS office files. We are using stand EICAR test files for the testing. Normal EICAR .txt files are dtected as a threat by syamntec and the ScanResult object gives out proper message.

But incase of EICAR MS Office files send to Symantec, server the responds as file not infected. The ScanResult object from Symantec says a proper connection to server is establised (ERR_CONN_SUCCESS) but just that file is not infected. The same file is flagged by my local laptop McAfee as infected.

Server Installed : Windows Server 2012

SPE Version : 8.0

In Symantec Console settings, set to scan all files & Bloodhound level is Medium

Could you please let us know what could be the possible issue over here and Could you also send out some Sample test file of all file types which can be tested.

It would be really great if you could respond ASAP, because our production deployment is waiting on this.

Thanks & Regads

Rahul S

0

Related:

  • No Related Posts

Client Status is Off-line. Newly added client can’t have the license

I do not need a solution (just sharing information)

Symantec Endpoint Protection Manager (SEPM) reports that a Client Health State is “Off-Line” in status. It only started when I changed the workgroup name and add a user.

So what I did first as a solution is I uninstall the SEP software to each client, delete the client in the client group in SEPM (by deleting the client, it reduces the license “seat used”) and try to install again the SEP via Remote Push. It worked in one client but the rest are not. 

So what I did is I save the installer SEP package and manually install it to each client.

But since the Server Connection status to the SEPM is Not Connected to the SEPM, the newly added client does not show in the SEPM Client Group and it did not distribute its license, “Seat Used” number in the licensing details in SEPM is still the same.

(On the Symantec Endpoint Protection (SEP) client, the tray icon has a green dot. Within the client, under Help,Troubleshooting… > Server Connection Status, the client shows “Status: Not Connected.”)

I found a solution in the forum that I should perform Rebuild Indexes, but unfortunately, it does not work.

What would be some possible solutions? Cause it seems that my connection between SEPM and SEP is broken.

0

Related:

  • No Related Posts

Symantec & Rubrik & Qstar backup issue

I need a solution

We have a Windows 2012 R2 server running Symantec Endpoint Protection 14.2.53.23.2000. Same behavior I am reporting was also observed with ver 14.0.3876.1100

We have a backup appliance Rubrik on version 5.2 that archives virtual machines fine to the above server fine. It is when we attempt to write a virtual machine tape, using Qstar software we run into a problem. The job keeps restarting.

If we disable Symantec the jobs fails. If we put exceptions in place for the Qstar directories the job fails too.

If we remove Symantec the job completes.

How do we go about troubleshooting this type of scenerio? Rubrik and Qstar believe Symantec is the cause.

Thanks!

0

Related:

  • No Related Posts