Protection Engine reports Zip and spreadsheet files as suspect or Major status although they do not contain infected files

Article ID: 257503

Products

Protection Engine for Cloud Services

Issue/Introduction

Why are some zip, xlsx, docx and other container type files reported as infected or as a "Major" File Detection status even though they do not contain any infected files?

Environment

Symantec Protection Engine

Release : 8.2.2

Cause

The files are usually encrypted and/or password protected, so the SPE engine cannot open them to scan their contents. Because such a container cannot be declared clean, it must be reported as more than an informational notation.

They are usually reported in the SPE logs as one of the following:

decomposer 52

decomposer 21

Example:

1. A file named "Protected_Spreadsheet.xlsx" is encrypted with a password and is submitted to be scanned.

2. The SPE engine configuration matters in this scenario. In the Cloud Console policy, under "Archive Handling", there is a section for encrypted file handling. For any encrypted file to be reported as a problem, the "Encrypted File Archives" box must be turned on.

Also, the "Action" must be set to either "Block" or "Delete". If it is set to "Log only", SPE only logs the fact that the file was passed in for scanning; no result is reported.

3. With the above settings in place, pass the file "Protected_Spreadsheet.xlsx" to the scan engine using the ICAP test program (ssecls.exe).

The scanner will not be able to open the file, so the following should be returned (a similar error would be returned to any external application that submitted the same file for scanning):

4. In the dashboard, under "Alerts and Events", you should see the event recorded.

5. Click the "More" link in the lower right; it explains that the so-called "infection" is just a container violation and not an actual infection:

As can be seen, the warning/error is explained as a container violation, not as an infection.
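As an added illustration (not part of this article or of Protection Engine itself), the Python below shows what the engine runs into: a zip whose entries carry the encryption flag, or an Office file saved with a password (an OLE wrapper rather than a zip), cannot be decomposed, so a scanner can only report the container itself. The sample inputs are constructed inline, and the classification strings are the example's own labels, not the decomposer 52/21 codes SPE logs.

```python
import io
import struct
import zipfile
import zlib

# Magic bytes of an OLE2 compound file; Office "Encrypt with Password" saves
# xlsx/docx/pptx in this wrapper (EncryptedPackage stream), not as a plain zip.
OLE_MAGIC = b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"

def build_zip(name: bytes, data: bytes, encrypted: bool) -> bytes:
    """Construct a minimal one-entry stored ZIP (sample input only). With
    encrypted=True the general-purpose flag bit 0 is set, which is how a
    traditionally encrypted archive declares its entries unreadable."""
    flags = 0x0001 if encrypted else 0x0000
    crc, n = zlib.crc32(data) & 0xFFFFFFFF, len(data)
    local = struct.pack("<IHHHHHIIIHH", 0x04034B50, 20, flags, 0, 0, 0,
                        crc, n, n, len(name), 0) + name + data
    central = struct.pack("<IHHHHHHIIIHHHHHII", 0x02014B50, 20, 20, flags,
                          0, 0, 0, crc, n, n, len(name), 0, 0, 0, 0, 0, 0) + name
    eocd = struct.pack("<IHHHHIIH", 0x06054B50, 0, 0, 1, 1,
                       len(central), len(local), 0)
    return local + central + eocd

def classify_container(blob: bytes, filename: str) -> str:
    """Explain why a content scanner cannot look inside a container
    (labels are this example's own, not SPE decomposer result codes)."""
    ext = filename.rsplit(".", 1)[-1].lower()
    if blob.startswith(OLE_MAGIC) and ext in {"xlsx", "docx", "pptx"}:
        return "password-protected Office document (OLE wrapper, no zip to decompose)"
    if blob.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(blob)) as zf:
                locked = [i.filename for i in zf.infolist() if i.flag_bits & 0x1]
        except zipfile.BadZipFile:
            return "corrupt or truncated zip"
        if locked:
            return "encrypted zip entries: " + ", ".join(locked)
        return "scannable"
    return "not a zip/Office container"

if __name__ == "__main__":
    # Constructed samples standing in for files submitted through ICAP.
    samples = {
        "Protected_Spreadsheet.xlsx": OLE_MAGIC + b"\x00" * 16,
        "locked.zip": build_zip(b"report.csv", b"a,b\n1,2\n", encrypted=True),
        "plain.zip": build_zip(b"report.csv", b"a,b\n1,2\n", encrypted=False),
    }
    for fname, blob in samples.items():
        print(f"{fname}: {classify_container(blob, fname)}")
```

A file that lands in the first two categories is exactly the case the article describes: the engine has no way to inspect the payload, so the event is a container violation, not a detection of malware.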


Resolution

If you do not wish to see container violations reported in this way (which can cause concern until examined closely), turn off the "Encrypted File Archives" scanning option and save the policy change.
