Issue scanning .mht (MHTML Web Archive) files with Symantec Protection Engine (SPE).

Article:TECH201006  |  Created: 2012-12-19  |  Updated: 2014-06-23  |  Article URL http://www.symantec.com/docs/TECH201006
Article Type
Technical Solution


Issue



Attempting to scan some .mht files results in a virus detection due to a malformed container violation.
This issue currently only appears to affect .mht files created with Windows Problem Steps Recorder(WPSR).


Cause



Some *.mht fies which are not compliant with RFC 822 and/or RFC 2046-defined MIME format specification can trigger malformed container errors (structure mismatch). In such a case, this behavior is by design. 


Solution



If you wish to allow malformed container files do as follows.

To configure Symantec Protection Engine to allow malformed container files:

  1. In the console on the primary navigation bar, click Policies.
  2. In the sidebar under Views, click Filtering.
  3. Click the "Container Handling" tab at the top of the page.
  4. Ensure "Enable Malformed Container Handling" is checked
  5. Under "Enable Malformed Container Handling", select "Log only".
  • By default, Symantec Protection Engine is set to block malformed container files.

Supplemental Materials

SourceETrack
Value3032435

SourceETrack
Value3071800

SourceETrack
Value3073554



Article URL http://www.symantec.com/docs/TECH201006


Terms of use for this information are found in Legal Notices