You have Scan Engine set up to scan files and/or web traffic. Your file system scanner on your local system detected viral content in a file that passed through the scan engine system. The scan engine system did not register the file as being viral. You are concerned the scan engine software is not working.
Symptoms Web traffic and/or files is getting scanned by Symantec Scan Engine.
Virus definitions on the scan engine server may not be fully up to date.
In the event that a file system scanner detected viral traffic in a file that Symantec Scan Engine scanned and let through, you will need to do the following:
Ensure that Scan Engine's virus definitions are fully up to date. If they are not up to date, update them immediately. If the Liveupdate component does not update the scan engine software, you will want to download the latest version of our Intelligent Updater and run it on the scan engine server.
Ensure that the File-System Auto-protect program is excluding the directory that Scan Engine is using to scan files. Default directory is c:\program files\symantec\scan engine\temp. If this directory is not excluded, the file-system auto-protect scanner could be detecting these files as being viral before the Scan Engine software is able to examine the files.
If the file system scanner was a Symantec Scanner, then you will want to run a full system scan to ensure that nothing else got through. Best practice would dictate that you should run a full sweep across your entire network.
If, however, the file system scanner is that of another vendor, you will want to submit the file that was detected to https://submit.symantec.com/gold/. Fill out the information at that site and upload the file. Within a few hours you should get a response to the email address you provided with a tracking number. Call symantec support and open a support ticket with either the Scan Engine support or Endpoint Protection support. When you reach a technician, give them the tracking number so they can run queries against it and give you an update on your submission.
After ensuring that the virus definitions are fully updated, download a copy of the EICAR test string and drop it in the folder that Scan Engine uses to scan incoming files and then use the Scan Engine command line scanner to call for an on demand scan of eicar. If the file is detected, it should get deleted and/or quarantined. If it is quarantined, then your Scan Engine software is most likely functioning and the problem is either a) The definitions were previously not up to date, or b) The viral content has not yet been submitted to us.
If EICAR not detected as being viral, you will need to contact Symantec Scan Engine support for assistance.