@AdithyanT 

The "Detect suspicious email attachmantes scanner" is not enabled in the ENS policy

• ENS version installed: 10.5.x and 10.6.1.x
• Outlook Version installed: MS Office 365 ProPlus, Version 1902
• Have you logged a Service request with us? No, I created this posting as recommended
• If you are using an older version, have you tested with a newer version of ENS? yes with 10.6.1.x

@Former Member 

I restarted the Security Center service (it is started automatically) and I enabled the GPO, but it did not change anything.

My client uses the same ENS and Outlook version and the status is "Valid".

It also receives the same policy.

Also the user said that the problem occured suddenly.

And on the client from another user which also had this problem it suddenly disappeared, there the status was "Valid" again.

So it seems that this problem occurs sporadically.

Best regards

Hi @schrmat,

As @Former Member had already pointed out, I am afraid this is not really supported. However, I can suggest you to look into event viewer to see if you find any events with respect to this issue in your event viewer?

I have come across a similar situation on VSE owing to third party unsigned dll injections. I am afraid there is not much Tech Support will be able to assist you with on this since it is not supported, however, I am just trying to be of some help on this.

Hi @AdithyanT 

unfortunately I do not see any related events in the event viewer.

What do you exactly mean with "not supported"?

My question is actually if we can exclude that McAfee is responsible for that error?

Best regards

Hi @schrmat,

Thank you for your response. I think you may not have had a chance to look into the KBA my colleague had suggested.

By not supported, we refer to the below statement:

"Outlook Trust Center is not a supported feature of ENS. Outlook can sometimes detect the antivirus program via Windows Security Center. So, if the Security Center service is stopped, Outlook might not recognize ENS.

NOTE: If your Windows 10 version is earlier than 1709, you will see this issue unless you apply this Microsoft KB:
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center...

Because ENS does not currently support this feature, Outlook users are referred to the Windows Security Center for the status of the antivirus product. ENS continues to correctly scan emails regardless of the status shown in the Outlook Trust Center.

NOTE: McAfee customers report that in some cases, starting the Windows Security Center service allows Outlook to show the correct status in the Trust Center.

Customers can use the following workaround, but there is no guarantee that this workaround will resolve the issue."

This is the excerpt we refer to from the below KBA:

https://kc.mcafee.com/agent/index?page=content&id=KB91683 as mentioned by @Former Member 

However, please note that despite what the status is said/reported by the Outlook, We perform the scan as required. So the reporting is not supported by us since it would depend on how MS API works, but our feature works as it is supposed to!

Hi @schrmat,

Ah, That makes sense, Sorry to ahve repeated the excerpts for you. I guess what you are asking is answered here:

https://kc.mcafee.com/agent/index?page=content&id=KB53813

We do not support the APIs used by Microsoft. Correct me if I am wrong, but the error message is something like this?

Security Alert: This file contains encrypted macros that have been disabled because there is no antivirus software installed that can scan them. To run these macros, remove the encryption or permission restrictions on this file. File Path: Help protect me from unknown content (recommended) Prevent encrypted macros from being scanned for viruses

If yes, your answer is in the KBA above!