Symantec Protection Engine (SPE) logs contain one or more scan errors with hex code 0x80800c00 for .exe , msi, .dll and other executable files.

Error message : Failed with scan error hex code 0x80800c00 Client IP : x.x.x.x

ICAP SERVER RETURED ERROR CODE 500.

Release: SPE 8.2.x-9.0.x

A network device between the SPE and the BROADCOM global file reputation servers issued a TCP reset to SPE.

If this environment requires a proxy, set proxy settings in SPE using How to configure Symantec Protection Engine (SPE) 7.8 or later to use a Web Proxy to download Virus Definitions

If LiveUpdate also fails, troubleshoot that issue first with LiveUpdate error codes for Protection Engine 7.5 and later

Correcting the connectivity to Symantec Reputation server resolves the issue. See Networking Port Requirements

If SPE Server is not connected to internet, you may disable Insight scanning from Policy.xml to resolve the issue.

To Disable Symantec Insight™ in Symantec Protection Engine using xmlmodifier tool

1. Open cmd
2. Go to the Symantec Protection Engine installation directory.
3. Type the following Command and enter:
   .\xmlmodifier -s //policies/ThreatPolicies/InsightScanning/@enabled false policy.xml
   
   
4. Restart SPE service

If errors appear for any other type of file (non PE File) or does not get resolved by the resolution provided above, enable SPE, CSAPI and Stargate logs and provide it to Technical Support Engineer on a case.

What sorts of files are impacted?

Within SPE, Insight is only applicable to Portable Executable (PE) files. Examples of PE files include: .exe, .msi, .dll, .so

What about .apk files?

If you see this error for executable files, you may also see it for .apk files. If so, you may also need to disable reputation lookups for .apk, like so:

1. Open cmd
2. Go to the Symantec Protection Engine installation directory.
3. Type the following Command and enter:
   .\xmlmodifier -s //policies/ThreatPolicies/APKReputation/@enabled false policy.xml
4. Restart SPE service