Issue scanning .mht (MHTML Web Archive) files with Symantec Protection Engine (SPE).

book

Article ID: 157491

calendar_today

Updated On:

Products

Protection Engine for Cloud Services

Issue/Introduction

Attempting to scan some .mht files results in a virus detection due to a malformed container violation.
This issue currently only appears to affect .mht files created with Windows Problem Steps Recorder(WPSR).

Cause

Some *.mht fies which are not compliant with RFC 822 and/or RFC 2046-defined MIME format specification can trigger malformed container errors (structure mismatch). In such a case, this behavior is by design. 

Resolution

If you wish to allow malformed container files do as follows.

To configure Symantec Protection Engine to allow malformed container files:

  1. In the console on the primary navigation bar, click Policies.
  2. In the sidebar under Views, click Filtering.
  3. Click the "Container Handling" tab at the top of the page.
  4. Ensure "Enable Malformed Container Handling" is checked
  5. Under "Enable Malformed Container Handling", select "Log only".
  • By default, Symantec Protection Engine is set to block malformed container files.