In Symantec Protection Engine (SPE) 7.5 release the default handling of encrypted container files has been changed from Delete to Log only. Due to this, there will be difference in the result when using encrypted container file rules in Symantec Protection for SharePoint Servers (SPSS) 6.0.x.
Encrypted container files by default are treated as log only in SPE 7.5. Therefore, you must change this setting on SPE to keep the behavior similar to the earlier release.
Log on to SPE console and go to Polices ->Filtering->Container Handling. Under Encrypted Container Handling change the option to Delete. Apply and save the change.
From the command-line, go to the Symantec Protection Engine installation directory (By default, the installation directory is C:Program FilesSymantecScan Engine or C:Program Files(x86)SymantecScan Engine).
Use the xmlmodifier tool to change the value of EncryptedContainersPolicy in filtering.xml to 2 (delete all encrypted containers). For example: