FProt Log full of virus detections?

Discussion, support and announcements for third party applications that work with MailEnable.
Post Reply
plenic
Posts: 9
Joined: Mon Oct 03, 2016 1:48 pm

FProt Log full of virus detections?

Post by plenic »

When I check the log in FProt (6), I see tons of what appears to be virus detections. But the FProt does not appear to be picking them up and notifying in the Mailenable Antivirus Log..? I copied and pasted two of the entries below. Note, all entries in the log are of different viruses, etc..
Are these "real" antivirus detections?
All are in the C:\Windows\TEMP folder..
Cheers
Paul

Event Type: Warning
Event Source: F-PROT Antivirus
Event Category: (2)
Event ID: 4096
Date: 10/3/2016
Time: 9:22:20 AM
User: NT AUTHORITY\SYSTEM
Computer: MAILSRV
Description:
Found file, C:\Windows\TEMP\FPQ2A44.tmp->Receipt 53-8609.xls->xl/vbaProject.bin, infected with PP97M/Downloader

For more information please visit http://www.f-prot.com/support/index.html
_________________________________________________

Event Type: Warning
Event Source: F-PROT Antivirus
Event Category: (2)
Event ID: 4096
Date: 10/3/2016
Time: 9:22:20 AM
User: NT AUTHORITY\SYSTEM
Computer: MAILSRV
Description:
Found file, C:\Windows\TEMP\FPQ2943.tmp->contract_11865.doc, infected with W97M/Agent

For more information please visit http://www.f-prot.com/support/index.html

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: FProt Log full of virus detections?

Post by MailEnable-Ian »

Hi,

MailEnable does not use the Windows temp folder for scanning. The MTA agent that calls the F-Prot scanner will move the message to the MailEnable "Scratch" folder for scanning. The scratch folder is set within "Message Filter" properties window in the console. Navigate within the console to: servers > Localhost > Extensions > Message Filter. Right click on "Message Filter" and select properties. Here you can set the scratch folder. You need to ensure this folder is excluded the F-Prot resident AV scanner also.
Regards,

Ian Margarone
MailEnable Support

Post Reply